Lucene search
K

346 matches found

Vulnrichment
Vulnrichment
added 2025/03/04 1:31 p.m.8 views

CVE-2025-1933 JIT corruption of WASM i32 return values on 64-bit CPUs

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

7.1AI score0.00294EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2025/03/04 12:0 a.m.8 views

Python Improper Encoding of Output Vulnerability (Feb 2025) - Linux

Python is prone to an improper encoding of output vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

2.3CVSS5.6AI score0.00575EPSS
Exploits0References11
NVD
NVD
added 2025/02/28 7:15 p.m.10 views

CVE-2025-1795

During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted...

2.3CVSS0.00575EPSS
Exploits0References10
OSV
OSV
added 2025/02/26 7:1 a.m.8 views

UBUNTU-CVE-2022-49321

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bcserv is NULL When a rdma server returns a fault format reply, nfs v3 client may treats it as a bcall when bc service is not exist. The debug message at rpcrdmabcreceivecall are,...

5.5CVSS6.2AI score0.00272EPSS
Exploits0References11
CVE
CVE
added 2025/02/14 4:18 p.m.76 views

CVE-2024-3220

CVE-2024-3220 affects the CPython standard library mimetypes module. On Windows, the default known-file locations (and on other platforms via the same locations) are writable, allowing a user to create invalid files and potentially trigger MemoryError at Python startup or cause mis-interpretation...

2.3CVSS6.8AI score0.00478EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/06 12:49 a.m.9 views

CVE-2022-3224

Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0...

9.4CVSS6.7AI score0.00586EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/01/21 12:0 a.m.14 views

EulerOS 2.0 SP8 : wget (EulerOS-SA-2025-1130)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data...

9.1CVSS7.1AI score0.00672EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/01/14 12:20 a.m.7 views

SUSE CVE-2024-56656

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X P7 chip's HW GRO/LRO interface is very similar to that of the previous generation 5750X or P5. However, the aggregation ID fields in the completion structur...

5.5CVSS7.7AI score0.00184EPSS
Exploits0References13
OSV
OSV
added 2024/12/03 5:6 p.m.12 views

CLSA-2024-1733245591 pam: Fix of CVE-2024-10963

CVE-2024-10963: fix a flaw found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. There is the new 'nodns' option which should be enabled to fix the CVE...

7.4CVSS6.8AI score0.00798EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/26 12:43 a.m.3 views

haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

8.2CVSS6AI score0.01526EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.19 views

Curl 7.74.0 < 8.10.1 Input Misinterpretation (CVE-2024-9681)

The version of Curl installed on the remote host is between 7.74.0 and prior to 8.10.1. It is, therefore, affected by a potential minor DoS security problem when trying to use HTTPS when that no longer works or a cleartext transmission of data that was otherwise intended to possibly be protected...

6.5CVSS6.6AI score0.0197EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/10/21 7:5 p.m.31 views

CVE-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

4CVSS0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.4 views

Qt 安全漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

6.5CVSS6.2AI score0.0035EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.18 views

EulerOS 2.0 SP12 : wget (EulerOS-SA-2024-2518)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data...

9.1CVSS7.1AI score0.00672EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.17 views

EulerOS 2.0 SP12 : wget (EulerOS-SA-2024-2543)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data...

9.1CVSS7.1AI score0.00672EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/08 9:59 a.m.45 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.21 LTS, 12.0.4 LTS and 12.4.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...

9.1CVSS8.9AI score0.36081EPSS
Exploits2Affected Software1
SUSE CVE
SUSE CVE
added 2024/09/12 3:10 a.m.3 views

SUSE CVE-2024-8096

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

6.5CVSS7.5AI score0.00729EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/05 6:17 p.m.37 views

Moderate: Red Hat Security Advisory: wget security update

An update for wget is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

9.1CVSS6.7AI score0.00672EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.31 views

RHEL 8 : wget (RHSA-2024:6208)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:6208 advisory. The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fixes: wget: Misinterpretation of input ma...

9.1CVSS7.1AI score0.00672EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.35 views

RHEL 9 : wget (RHSA-2024:6438)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:6438 advisory. The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fixes: wget: Misinterpretation of input ma...

9.1CVSS7.1AI score0.00672EPSS
Exploits0References5
Rows per page
Query Builder