
32372 matches found

OSV | added yesterday | 4 views

ROOT-APP-GOBINARY-CVE-2026-27136 CVE-2026-27136 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-27136 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

CVSS 6.1 | AI score 5.8 | EPSS 0.00178 | Exploits: 0

OSV | added yesterday | 4 views

ROOT-APP-GOBINARY-CVE-2026-42502 CVE-2026-42502 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-42502 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

CVSS 6.1 | AI score 5.8 | EPSS 0.00178 | Exploits: 0

OSV | added yesterday | 4 views

ROOT-APP-GOBINARY-CVE-2026-39821 CVE-2026-39821 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-39821 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

CVSS 9.6 | AI score 7.3 | EPSS 0.00478 | Exploits: 0

OSV | added yesterday | 3 views

ROOT-APP-GOBINARY-CVE-2026-33814 CVE-2026-33814 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-33814 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

CVSS 7.5 | AI score 7.3 | EPSS 0.00781 | Exploits: 0

OSV | added yesterday | 3 views

ROOT-APP-GOBINARY-CVE-2026-25681 CVE-2026-25681 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-25681 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

CVSS 6.1 | AI score 5.8 | EPSS 0.00178 | Exploits: 0

Nuclei | added yesterday | 24 views

CandidATS 3.0.0 - Cross-Site Scripting

CandidATS 3.0.0 contains a cross-site scripting vulnerability via the page parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

CVSS 6.1 | AI score 6.4 | EPSS 0.01071 | Exploits: 1 | References: 5

Nuclei | added yesterday | 13 views

Cedar Gate EZ-NET <= 6.8.0 - Cross-Site Scripting

The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. id: CVE-2022-23397 info: name: Cedar Gate EZ-NET = 6.8.0 - Cross-Si...

CVSS 6.1 | AI score 6.3 | EPSS 0.00913 | Exploits: 0 | References: 2

RedHat Linux | added 2 days ago | 4 views

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.6 | AI score 7.6 | EPSS 0.00813 | Exploits: 0 | References: 7

RedHat Linux | added 2 days ago | 4 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go (golang), specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00813 | Exploits: 0 | References: 8

RedHat Linux | added 2 days ago | 6 views

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.6 | AI score 7.6 | EPSS 0.00813 | Exploits: 0 | References: 7

RedHat Linux | added 2 days ago | 4 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go (golang), specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00813 | Exploits: 0 | References: 8

RedHat Linux | added 2 days ago | 3 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 | AI score 7.3 | EPSS 0.00728 | Exploits: 0 | References: 8

NVD | added 2 days ago | 7 views

CVE-2026-58127

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...

CVSS 9.8 | EPSS 0.00779 | Exploits: 0 | References: 3

RedhatCVE | added 2 days ago | 3 views

CVE-2026-47241

A flaw was found in Net::IMAP, a Ruby client library for the Internet Message Access Protocol (IMAP). This vulnerability allows a remote attacker to cause a denial of service by sending specially crafted input to certain Net::IMAP commands. When a raw string argument, derived from user-controlled...

CVSS 5.9 | AI score 5.7 | EPSS 0.00239 | Exploits: 0 | References: 4

RedHat Linux | added 2 days ago | 4 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

CVSS 7.5 | AI score 6.8 | EPSS 0.01945 | Exploits: 0 | References: 8

RedHat Linux | added 2 days ago | 5 views

Important: Red Hat Security Advisory: ruby:2.5 security update

An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813 | Exploits: 0 | References: 3

Rockylinux | added 2 days ago | 4 views

ruby:3.3 security update

An update is available for module.rubygem-pg, module.rubygem-mysql2, rubygem-mysql2, rubygem-pg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Ruby is an...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813 | Exploits: 0

OSV | added 2 days ago | 3 views

ROOT-APP-GOBINARY-CVE-2026-42506 CVE-2026-42506 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-42506 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

CVSS 6.1 | AI score 5.8 | EPSS 0.00188 | Exploits: 0

RedHat Linux | added 3 days ago | 3 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 | AI score 7.2 | EPSS 0.00728 | Exploits: 0 | References: 8

RedHat Linux | added 3 days ago | 4 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 | AI score 5.7 | EPSS 0.00324 | Exploits: 0 | References: 12