
42 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Firefox

The SVG element could have been used to load unexpected content that might execute scripts under certain circumstances. Although the specification appears to allow this, other browsers do not do so. Web developers relied on this property for script security, so Gecko’s implementation was aligned...

CVSS 8.8, AI score 7.2, EPSS 0.00548
Exploits 0, References 1
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Firefox

Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 98. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to...

CVSS 8.8, AI score 8.2, EPSS 0.00521
Exploits 0, References 1
OSV
added 2026/06/05 4:52 p.m., 4 views

MINI-HCGJ-P55R-99RF

Bulletin has no description...

CVSS 5.3, AI score 6.2, EPSS 0.00856
Exploits 0
OSV
added 2026/06/05 4:52 p.m., 5 views

MINI-G7J4-CMRH-W899

Bulletin has no description...

CVSS 5.3, AI score 5.2, EPSS 0.0037
Exploits 0
NCSC
added 2026/05/15 12:8 p.m., 15 views

The vulnerability was exploited in Exim.

The developers of Exim introduced a vulnerability in the Exim Mail Transfer Agent versions prior to 4.99.3. This vulnerability involves a use-after-free in the BDAT body parsing process, specifically when certain GnuTLS backend configurations are used. An unauthorized attacker can exploit this...

CVSS 9.8, AI score 6.4, EPSS 0.01225
Exploits 2, References 4
EUVD
added 2026/05/13 6:30 p.m., 14 views

EUVD-2026-29920

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

CVSS 5.1, AI score 5.8, EPSS 0.00075
Exploits 0, References 2
Vulnrichment
added 2026/05/13 8:37 a.m., 7 views

CVE-2026-41051 csync2 uses insecure temporary directories when compiled with C99 or later

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

CVSS 5.1, AI score 5.8, EPSS 0.00075
Exploits 0, References 1
OSSF Malicious Packages
added 2026/05/01 10:25 a.m., 8 views

Malicious code in apple-internal-security-library-v99 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f44267d5128f9ac2c62938b60bfa45264207a0010c41c97082c72246a3a7a248 The package apple-internal-security-library-v99 was found to contain malicious code. Source: ghsa-malware...

AI score 5.8
Exploits 0, References 1
OSV
added 2026/04/18 5:31 p.m., 4 views

MINI-JC72-RF4W-99MP

Bulletin has no description...

CVSS 7.1, AI score 5.6, EPSS 0.00261
Exploits 0
OSV
added 2026/03/11 2:56 p.m., 5 views

GHSA-FP5J-J7J4-MCXC CraftCMS has an RCE vulnerability via relational conditionals in the control panel

A Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig rendering function with escaping disabled. Any authenticated Control...

CVSS 9.3, AI score 5.9, EPSS 0.00665
Exploits 0, References 4
OSSF Malicious Packages
added 2026/01/22 12:17 p.m., 7 views

Malicious code in corporate-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a096b32dfa76f7e64480d72862c34ec7e644ac03db51ad09af0eb1f929d637a1 The package corporate-blocking was found to contain malicious code. Source: ossf-package-analysis...

AI score 5.5
Exploits 0
RedhatCVE
added 2026/01/07 9:43 a.m., 8 views

CVE-1999-0007

Information from SSL-encrypted sessions via PKCS 1...

CVSS 5, AI score 7, EPSS 0.07637
Exploits 1, References 1
Cvelist
added 2025/12/31 9:55 p.m., 25 views

CVE-2025-69288 Titra has Remote Code Execution in Admin Functionality

Titra is open source project time tracking software. Prior to version 0.99.49, Titra allows any authenticated Admin user to modify the timeEntryRule in the database. The value is then passed to a NodeVM value to execute as code. Without sanitization, it leads to a Remote Code Execution. Version...

CVSS 9.1, EPSS 0.00731
Exploits 1, References 3
OSSF Malicious Packages
added 2025/11/12 4:47 p.m., 3 views

Malicious code in teagood-nakama99 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb9667f1d8c307b6ee30781a27ea88797c44f03e4eac7972a2e1f418ed110644 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.9
Exploits 0
EUVD
added 2025/11/11 7:47 a.m., 3 views

EUVD-2025-74859

Malicious code in bittersilkwormazure-99 npm...

AI score 6.6
Exploits 0
Circl
added 2025/11/11 5:0 a.m., 6 views

CVE-2025-12840

creationtimestamp | type | source
---|---|---
2025-11-11 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-991/
2026-01-26 11:26:56+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mdd56ezxo22q
...

CVSS 7.8, AI score 7.3, EPSS 0.00158
Exploits 0, References 2
CVE
added 2025/06/18 11:0 a.m., 109 views

CVE-2022-49951

CVE-2022-49951 concerns the Linux kernel firmware_loader use-after-free during unregister. In firmware_upload_unregister(), device_unregister() could free fw_upload_priv via dev_release before module_put() dereferences it. The documented fix copies fw_upload_priv->module to a local variable an...

CVSS 7.8, AI score 6.4, EPSS 0.00207
Exploits 0, References 2, Affected Software 1
RedhatCVE
added 2025/05/22 11:31 p.m., 5 views

CVE-2022-1530

Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application...

CVSS 6.1, AI score 6.1, EPSS 0.00622
Exploits 1, References 1
CNNVD
added 2025/05/15 12:0 a.m., 2 views

WordPress plugin Download Manager security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plug-in. A security vulnerability exists in...

CVSS 4.8, AI score 4.9, EPSS 0.0032
Exploits 1, References 1
Packet Storm News
added 2025/04/25 12:0 a.m., 4 views

Performance of Machine Learning Classifiers for Anomaly Detection in Cyber Security Applications

This work empirically evaluates machine learning models on two imbalanced public datasets, KDDCUP99 and Credit Card Fraud 2013. The method includes data preparation, model training, and evaluation, using an 80/20 train/test split. Models tested include eXtreme Gradient Boosting (XGB), Multi Layer...

AI score 7.1
Exploits 0