19537 matches found

RedHat Linux
added 2026/04/13 10:24 a.m., 3 views

firefox: thunderbird: Mitigation bypass in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the Networking: HTTP component...

CVSS 9.8, AI score 7.2, EPSS 0.00459
Exploits: 0, References: 6
RedHat Linux
added 2026/04/13 10:18 a.m., 1 view

firefox: thunderbird: Mitigation bypass in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the Networking: HTTP component...

CVSS 9.8, AI score 7.2, EPSS 0.00459
Exploits: 0, References: 6
RedHat Linux
added 2026/04/13 10:16 a.m., 4 views

firefox: thunderbird: Mitigation bypass in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the Networking: HTTP component...

CVSS 9.8, AI score 7.2, EPSS 0.00459
Exploits: 0, References: 6
RedHat Linux
added 2026/04/13 10:5 a.m., 4 views

firefox: thunderbird: Mitigation bypass in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the Networking: HTTP component...

CVSS 9.8, AI score 7.2, EPSS 0.00459
Exploits: 0, References: 6
RedHat Linux
added 2026/04/13 10:5 a.m., 2 views

firefox: thunderbird: Mitigation bypass in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the Networking: HTTP component...

CVSS 9.8, AI score 7.2, EPSS 0.00459
Exploits: 0, References: 6
Positive Technologies
added 2026/04/13 12:0 a.m., 5 views

PT-2026-32545

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: An incomplete mitigation allows for a bypass when a URL contains the string "%action". For certain browser types, this can lead to command injection into the...

CVSS 7, AI score 5.8, EPSS 0.0029
Exploits: 0, References: 173
RedhatCVE
added 2026/04/10 9:25 p.m., 5 views

CVE-2026-35204

A flaw was found in Helm, a package manager for Kubernetes. An attacker could exploit this vulnerability by providing a specially crafted Helm plugin. When such a plugin is installed or updated, Helm incorrectly processes its configuration, allowing the plugin's contents to be written to an...

CVSS 8.6, AI score 5.8, EPSS 0.00158
Exploits: 0, References: 2
Github Security Blog
added 2026/04/10 7:30 p.m., 5 views

Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble

Authenticated arbitrary file write in artifact bundle assembly. Summary: An authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a...

CVSS 7.1, AI score 6.2, EPSS 0.00299
Exploits: 0, References: 4, Affected Software: 1
GithubExploit
added 2026/04/10 12:37 p.m., 107 views

Exploit for CVE-2022-30190

CVE-2022-30190 Follina Educational Malware Development, Expl...

CVSS 9.3, AI score 7.5, EPSS 0.99374
Exploits: 62
RedhatCVE
added 2026/04/10 7:12 a.m., 5 views

CVE-2026-34500

A flaw was found in Apache Tomcat where OCSP-based certificate validation may incorrectly soft-fail during CLIENTCERT authentication, even when soft-fail is disabled, under certain FFM-related execution paths. This can result in client certificates being accepted despite failed or unverifiable...

CVSS 6.5, AI score 5.7, EPSS 0.00469
Exploits: 0, References: 4
RedhatCVE
added 2026/04/10 7:7 a.m., 8 views

CVE-2026-34487

A flaw was found in Apache Tomcat. The cloud membership for clustering component was vulnerable to the insertion of sensitive information into log files. This vulnerability could lead to the exposure of the Kubernetes bearer token, which is a credential used for authentication within a Kubernetes...

CVSS 7.5, AI score 5.8, EPSS 0.00447
Exploits: 0, References: 4
RedhatCVE
added 2026/04/10 7:7 a.m., 6 views

CVE-2026-29146

A flaw was found in Apache Tomcat. This Padding Oracle vulnerability, present in the EncryptInterceptor with its default configuration, could allow a remote attacker to decrypt sensitive information. By exploiting weaknesses in the encryption padding, an attacker may be able to gain unauthorized...

CVSS 7.5, AI score 5, EPSS 0.03494
Exploits: 1, References: 4
IBM Security Bulletins
added 2026/04/10 6:3 a.m., 9 views

Security Bulletin: Segmentation Fault Vulnerability in Rust time crate on Unix Systems (v0.2.7–v0.2.22) affects watsonx.data

Summary: A vulnerability in the Rust time crate v0.2.7–v0.2.22 can cause segmentation faults on Unix-like systems when environment variables are set from a different thread. Windows and WebAssembly targets are unaffected. This can affect watsonx.data. Vulnerability Details: CVEID: CVE-2020-26235...

CVSS 5.3, AI score 6, EPSS 0.01881
Exploits: 0, Affected Software: 1
GithubExploit
added 2026/04/10 1:29 a.m., 129 views

Exploit for CVE-2026-34197

6.0.0-6.1.1 V...

CVSS 8.8, AI score 6.6, EPSS 0.9619
Exploits: 12
RedhatCVE
added 2026/04/09 11:4 p.m., 7 views

CVE-2026-34943

A flaw was found in Wasmtime, a runtime for WebAssembly. A malicious guest can exploit an issue where a flags-typed component model value, containing unexpected bit settings, causes the host system to panic during processing. This vulnerability can lead to a Denial of Service (DoS), rendering the...

CVSS 7.5, AI score 5.8, EPSS 0.00324
Exploits: 0, References: 4
RedhatCVE
added 2026/04/09 11:0 p.m., 7 views

CVE-2026-34946

A flaw was found in Wasmtime, a runtime for WebAssembly (Wasm) code. A malicious Wasm program, when processed by Wasmtime's Winch compiler, can cause the underlying system to crash. This is due to an error in how the compiler handles certain instructions, leading to a Denial of Service (DoS)...

CVSS 7.5, AI score 5.8, EPSS 0.00358
Exploits: 0, References: 4
Microsoft Secure
added 2026/04/09 1:21 p.m., 13 views

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

During routine security research, we identified a severe intent redirection vulnerability in a widely used third-party Android SDK called EngageSDK. This flaw allows apps ...

AI score 5.8
Exploits: 0
Microsoft Secure
added 2026/04/09 1:21 p.m., 7 views

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

During routine security research, we identified a severe intent redirection vulnerability in a widely used third-party Android SDK called EngageSDK. This flaw allows apps ...

AI score 5.8
Exploits: 0
RedhatCVE
added 2026/04/08 9:21 p.m., 5 views

CVE-2026-32281

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for...

CVSS 7.5, AI score 5.8, EPSS 0.00349
Exploits: 0, References: 7
RedhatCVE
added 2026/04/08 5:13 p.m., 5 views

CVE-2026-33753

A flaw was found in rfc3161-client, a Python library implementing the Time-Stamp Protocol (TSP). This authorization bypass vulnerability allows a remote attacker to impersonate a trusted TimeStamping Authority (TSA). The flaw exists in the library's signature verification process, specifically in how...

CVSS 7.5, AI score 5.9, EPSS 0.00188
Exploits: 1, References: 4