Lucene search
K

91211 matches found

OSV
OSV
added 8 hours ago4 views

BELL-CVE-2026-53351 CVE-2026-53351 does not affect BellSoft software

Bulletin has no description...

5.9AI score0.00145EPSS
Exploits0References1
OSV
OSV
added yesterday3 views

DEBIAN-CVE-2026-14355

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score
Exploits0References1
OSV
OSV
added yesterday2 views

DEBIAN-CVE-2026-14604

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.3CVSS6.3AI score
Exploits0References1
OSV
OSV
added yesterday3 views

CGA-HFHH-VC5H-3M53

Bulletin has no description...

9.1CVSS5.9AI score0.00359EPSS
Exploits0
OSV
OSV
added yesterday2 views

CGA-PG8R-8M63-V32P

Bulletin has no description...

9.1CVSS6.3AI score0.00387EPSS
Exploits0
OSV
OSV
added yesterday3 views

CGA-8349-J6V3-QW75

Bulletin has no description...

8.8CVSS5.9AI score0.00329EPSS
Exploits1
OSV
OSV
added yesterday3 views

CGA-V75M-8572-4J65

Bulletin has no description...

8.1CVSS5.9AI score0.00249EPSS
Exploits1
OSV
OSV
added yesterday4 views

CGA-C9GM-Q3XM-PG2P

Bulletin has no description...

8.8CVSS5.9AI score0.00328EPSS
Exploits1
OSV
OSV
added yesterday3 views

CGA-WMWR-29MF-6427

Bulletin has no description...

8.8CVSS5.9AI score0.00303EPSS
Exploits1
OSV
OSV
added yesterday2 views

CGA-3M4Q-6RQR-JXRW

Bulletin has no description...

5.9AI score
Exploits0
OSV
OSV
added yesterday3 views

CGA-5Q9R-44PM-G2Q2

Bulletin has no description...

5.9AI score0.00023EPSS
Exploits0
OSV
OSV
added yesterday3 views

DEBIAN-CVE-2026-8804

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS5.9AI score
Exploits0References1
OSV
OSV
added yesterday3 views

DEBIAN-CVE-2026-14544

A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...

9.8CVSS6.3AI score
Exploits0References1
OSV
OSV
added yesterday3 views

CGA-CWXR-C5VF-P22P

Bulletin has no description...

6.3CVSS5.9AI score0.0037EPSS
Exploits0
OSV
OSV
added yesterday5 views

DEBIAN-CVE-2026-8925

The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the same pointer twice...

5.9AI score
Exploits0References1
OSV
OSV
added yesterday4 views

DEBIAN-CVE-2026-11352

An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-call packet budget, a connected QUIC peer can...

6.7AI score
Exploits0References1
OSV
OSV
added yesterday4 views

DEBIAN-CVE-2026-11856

Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...

6AI score
Exploits0References1
OSV
OSV
added yesterday3 views

DEBIAN-CVE-2026-11586

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

6AI score
Exploits0References1
OSV
OSV
added 2 days ago2 views

ECHO-D96B-E170-7D9F

Bulletin has no description...

8.3CVSS5.7AI score0.00237EPSS
Exploits0References1
OSV
OSV
added 2 days ago2 views

ECHO-B241-5686-39E3

Bulletin has no description...

7.5CVSS5.7AI score0.00265EPSS
Exploits0References1
Rows per page
Query Builder