Lucene search
+L

1605 matches found

RedHat Linux
RedHat Linux
added 2026/04/29 11:14 a.m.3 views

openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

7.5CVSS7AI score0.00702EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/29 11:14 a.m.3 views

openjdk: Enhance certificate chain validation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

5.3CVSS6.7AI score0.00305EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.11 views

PT-2026-35029

Name of the Vulnerable Software and Affected Versions OpenPrinting CUPS versions prior to 2.4.17 Description A network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend, leading to an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory is convert...

6.5CVSS5.7AI score0.00409EPSS
Exploits3References23
RedHat Linux
RedHat Linux
added 2026/04/23 9:6 a.m.11 views

.net: .NET: Denial of Service via out-of-bounds read

A flaw was found in .NET. An unauthorized attacker can exploit an out-of-bounds read vulnerability over a network, leading to a Denial of Service DoS. This can prevent legitimate users from accessing the affected service...

7.5CVSS6.8AI score0.02049EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/21 7:20 p.m.31 views

CVE-2026-40881 Zebra: addr/addrv2 Deserialization Resource Exhaustion

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-network version 5.0.1, when deserializing addr or addrv2 messages, which contain vectors of addresses, Zebra would fully deserialize them up to a maximum length over 233,000 that was derived from the 2 MiB...

6.3CVSS0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

Microsoft ASP.NET Core 数据伪造问题漏洞

Microsoft ASP.NET Core is a cross-platform open-source framework developed by Microsoft. This framework is used to build cloud-based applications such as web applications, IoT applications, and mobile backends. Microsoft ASP.NET Core has a vulnerability related to data manipulation, caused by...

9.1CVSS6AI score0.11205EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.12 views

RHEL 9 : grafana (RHSA-2026:8881)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:8881 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: net/url: Incorrect...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/15 7:23 p.m.6 views

CVE-2026-32225

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS6.2AI score0.00908EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 12:0 a.m.13 views

CVE-2026-30616

CVE-2026-30616 relates to Jaaz 1.0.30, with a remote code execution vulnerability in the MCP STDIO command handling. An attacker can send crafted network requests to the network-accessible Jaaz application, leading to attacker-controlled commands executed in the Jaaz service process and potential...

7.3CVSS6.5AI score0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 4:58 p.m.25 views

CVE-2026-33827 Windows TCP/IP Remote Code Execution Vulnerability

...

8.1CVSS0.00837EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

Synology SSL VPN Client 安全漏洞

The Synology SSL VPN Client is a VPN client software developed by Synology, a Chinese company, used for secure connection to Synology NAS devices. Versions of the Synology SSL VPN Client prior to 1.4.5-0684 contained security vulnerabilities. These vulnerabilities stemmed from externally accessib...

6.5CVSS5.8AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.12 views

Juniper Networks CTP OS 安全漏洞

Juniper Networks CTP OS is an operating system used by Juniper Networks for migrating from circuit-to-packet networks. There are security vulnerabilities in Juniper Networks CTP OS versions 9.2R1 and 9.2R2. These vulnerabilities stem from weak password requirements in the password management...

9.1CVSS5.8AI score0.00264EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/06 10:54 p.m.7 views

PocketMine-MP: Network amplification vulnerability with `ActorEventPacket`

Impact The server handles ActorEventPacket to trigger consuming animations from vanilla clients when they eat food or drink potions. This can be abused to make the server spam other clients, and to waste server CPU and memory. For every ActorEventPacket sent by the client, an animation event will...

5.9AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/06 7:48 a.m.4 views

BIT-DOTNET-2026-26127 .NET Denial of Service Vulnerability

Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network...

7.5CVSS6.8AI score0.02049EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.11 views

Microsoft Azure AI Foundry 授权问题漏洞

Microsoft Azure AI Foundry is a platform tool developed by the American company Microsoft, used for building, managing, and deploying enterprise-level AI models and services. There is an authorization issue vulnerability in Microsoft Azure AI Foundry; this vulnerability stems from improper...

10CVSS5.8AI score0.00913EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2026/03/27 10:30 p.m.9 views

K000160507: Oracle Java SE vulnerability CVE-2026-21933

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1;...

6.1CVSS6.5AI score0.00261EPSS
Exploits1
EUVD
EUVD
added 2026/03/27 12:31 p.m.5 views

EUVD-2026-16586

Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network...

6CVSS5.9AI score0.00314EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/27 12:31 p.m.6 views

EUVD-2026-16589

Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network...

6.3CVSS5.9AI score0.00157EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/27 12:31 p.m.8 views

EUVD-2026-16587

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00996EPSS
Exploits0References2
NVD
NVD
added 2026/03/27 12:16 p.m.9 views

CVE-2026-4622

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

9.8CVSS0.00864EPSS
Exploits0References1
Rows per page
Query Builder