Lucene search
+L

491 matches found

Nuclei
Nuclei
added yesterday87 views

WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting

WordPress Laborator Neon theme 2.0 contains a cross-site scripting vulnerability via the data/autosuggest-remote.php q parameter. id: CVE-2019-20141 info: name: WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting author: knassar702 severity: medium description: WordPress Laborator Neon them...

6.1CVSS6.4AI score0.05008EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago25 views

Malicious code in @cw-ui/asio-neon-themes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd2366d31cefc8f66861e0e65c782a88c46dc9232d11d463a9fa2869c73dcaa On npm install, postinstall.js reads os.hostname and embeds it as a query parameter in a plain-HTTP GET to a bare IPv4 address...

6.2AI score
Exploits0References2
OSV
OSV
added 3 days ago5 views

MAL-2026-10556 Malicious code in @cw-ui/asio-neon-themes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd2366d31cefc8f66861e0e65c782a88c46dc9232d11d463a9fa2869c73dcaa On npm install, postinstall.js reads os.hostname and embeds it as a query parameter in a plain-HTTP GET to a bare IPv4 address...

6.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-6330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2...

6.5CVSS6AI score0.0013EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 10:17 p.m.10 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS0.0013EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:17 p.m.3 views

DEBIAN-CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 9:1 p.m.26 views

CVE-2026-6330 ML-KEM ARM64 NEON ciphertext comparison only compares half of the input

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.3CVSS0.0013EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/25 9:1 p.m.9 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 9:1 p.m.5 views

CVE-2026-6330

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.5CVSS5.8AI score0.0013EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.17 views

PT-2026-52603

Name of the Vulnerable Software and Affected Versions ML-KEM affected versions not specified Description An issue exists in the ARM64 NEON ciphertext comparison where only half of the input is compared. This failure breaks the implicit rejection of the Fujisaki-Okamoto transform—a method used to...

6.5CVSS5.8AI score0.0013EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.6.36 through 1.6.55, there was an out-of-bounds read and write vulnerability in libpng’s ARM/AArch64 Neon-optimized palette expansion path. When...

7.6CVSS6.8AI score0.00585EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 12:5 p.m.6 views

RLSA-2026:28233 Moderate: libpng security update

The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of servi...

7.6CVSS6.5AI score0.01052EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2026/06/24 12:5 p.m.9 views

libpng security update

An update is available for libpng. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpng packages contain a library of functions for creating and...

7.6CVSS6.8AI score0.01052EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

RHEL 9 : libpng (RHSA-2026:28255)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28255 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security...

7.6CVSS6.8AI score0.01052EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/23 10:46 p.m.13 views

Moderate: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.6CVSS6.4AI score0.01052EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/23 10:46 p.m.16 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.1AI score0.00585EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/23 5:55 p.m.14 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.5AI score0.00585EPSS
Exploits0References7
OSV
OSV
added 2026/06/23 12:0 a.m.4 views

ALSA-2026:28233 Moderate: libpng security update

The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of servi...

7.6CVSS6.7AI score0.01052EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-2212)

According to the versions of the libpng packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In...

7.6CVSS6.4AI score0.01052EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/05/29 8:14 a.m.73 views

waf-engine

WAF & SOAR Engine A cloud-native Web Application Firewall and...

5.9AI score
Exploits0
Rows per page
Query Builder