19534 matches found

RedhatCVE
added 2026/04/29 9:0 a.m. | 7 views

CVE-2026-41677

A flaw was found in rust-openssl, a library that provides OpenSSL functionalities for Rust applications. The library's password callback functions did not correctly check the size of data provided by a user's callback. This oversight could allow a specially crafted password callback to read beyon...

9.1 CVSS | 4.8 AI score | 0.00294 EPSS
Exploits 0 | References 2
GithubExploit
added 2026/04/29 4:20 a.m. | 88 views

Web-Client-Side-Vulnerabilities-Practical-Exploitation-and-Mitigation

No d...

5.3 AI score
Exploits 0
Tenable Nessus
added 2026/04/29 12:0 a.m. | 3 views

FreeBSD : Mozilla -- Mitigation bypass (61805c9e-4305-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 61805c9e-4305-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=1880429 reports: Mitigation bypass in the DOM: postMessage...

6.5 CVSS | 5.8 AI score | 0.00189 EPSS
Exploits 0 | References 3
Hewlett-Packard
added 2026/04/29 12:0 a.m. | 7 views

AMI BIOS SMM Security Update

A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. HP has released mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that...

6.1 CVSS | 6.3 AI score | 0.00174 EPSS
Exploits 0 | Affected Software 198
Tenable Nessus
added 2026/04/29 12:0 a.m. | 4 views

FreeBSD : Mozilla -- Mitigation bypass (872a6e95-4305-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 872a6e95-4305-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2023615 reports: Mitigation bypass in the Networking: Cooki...

9.8 CVSS | 5.8 AI score | 0.00285 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2026/04/29 12:0 a.m. | 3 views

FreeBSD : Mozilla -- Mitigation bypass (6f7989ef-4305-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6f7989ef-4305-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2016923 reports: Mitigation bypass in the Networking: Cooki...

9.8 CVSS | 5.8 AI score | 0.00279 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2026/04/29 12:0 a.m. | 6 views

FreeBSD : Mozilla -- Mitigation bypass (1d3f0d87-4307-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1d3f0d87-4307-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2025067 reports: Mitigation bypass in the DOM: Security...

9.8 CVSS | 5.8 AI score | 0.00309 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2026/04/29 12:0 a.m. | 3 views

FreeBSD : Mozilla -- Mitigation bypass (785dfce9-4305-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 785dfce9-4305-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2021666 reports: Mitigation bypass in the File Handling...

6.5 CVSS | 5.8 AI score | 0.00191 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2026/04/29 12:0 a.m. | 3 views

FreeBSD : Mozilla -- Mitigation bypass (2510f10a-4307-11f1-a627-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2510f10a-4307-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2016915 reports: Mitigation bypass in the DOM: Security...

5.4 CVSS | 5.8 AI score | 0.00153 EPSS
Exploits 0 | References 3
GithubExploit
added 2026/04/28 12:48 p.m. | 89 views

atproto-api-abuse-risk-report

Professional documentary PoC Risk of enumeration and of...

5.3 AI score
Exploits 0
OSV
added 2026/04/28 12:6 p.m. | 16 views

RLSA-2026:10767 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

7.5 CVSS | 5.3 AI score | 0.04938 EPSS
Exploits 1 | References 26
OSV
added 2026/04/28 12:3 p.m. | 11 views

RLSA-2026:10757 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

7.5 CVSS | 5.3 AI score | 0.04938 EPSS
Exploits 1 | References 26
Citrix
added 2026/04/28 12:0 p.m. | 11 views

XenServer Security Update for Multiple Issues

Severity: High Description of Problem Several issues have been identified that affect XenServer 8.4. These are: An issue that may, in some circumstances, allow a malicious privileged user in a guest VM to compromise the host. This issue has the following identifier: CVE-2026-23558 An issue that m...

7.8 CVSS | 5.4 AI score | 0.00191 EPSS
Exploits 0
RedhatCVE
added 2026/04/28 11:57 a.m. | 7 views

CVE-2026-41240

A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and...

8.1 CVSS | 5.4 AI score | 0.00263 EPSS
Exploits 1 | References 6
RedhatCVE
added 2026/04/28 11:23 a.m. | 11 views

CVE-2026-6921

A race flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493315759 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

9.6 CVSS | 4.8 AI score | 0.00187 EPSS
Exploits 0 | References 5
RedhatCVE
added 2026/04/28 11:15 a.m. | 7 views

CVE-2026-6920

An out of bounds read flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499891888 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...

9.6 CVSS | 4.8 AI score | 0.00211 EPSS
Exploits 0 | References 5
RedhatCVE
added 2026/04/28 9:19 a.m. | 5 views

CVE-2026-7233

A flaw was found in Artifex MuPDF, specifically within its CFF Index Handler component. A local user could exploit an out-of-bounds read vulnerability in the fz_subset_cff_for_gids function. This could allow an attacker to read sensitive information from memory, potentially leading to information...

6.1 CVSS | 5.2 AI score | 0.00238 EPSS
Exploits 1 | References 9
RedhatCVE
added 2026/04/28 8:54 a.m. | 5 views

CVE-2026-7020

A flaw was found in Ollama, specifically within the Tensor Model Transfer Handler component. A remote attacker can exploit this vulnerability by manipulating the digest argument in the digestToPath function, leading to a path traversal. This allows unauthorized access to files or directories on t...

6.3 CVSS | 5.2 AI score | 0.00908 EPSS
Exploits 2 | References 6
RedhatCVE
added 2026/04/27 9:10 p.m. | 3 views

CVE-2026-41059

A flaw was found in OAuth2 Proxy. An unauthenticated attacker can exploit a configuration-dependent authentication bypass by sending a crafted request containing a number sign in the path. This allows the OAuth2 Proxy to incorrectly match a public allowlist rule, leading to the exposure of...

8.2 CVSS | 5.3 AI score | 0.00275 EPSS
Exploits 0 | References 4
Github Security Blog
added 2026/04/27 3:30 p.m. | 7 views

Apache Storm Prometheus Reporter vulnerable to Improper Certificate Validation via Global SSL Context Downgrade

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...

4.8 CVSS | 5.8 AI score | 0.00193 EPSS
Exploits 0 | References 4 | Affected Software 1