Lucene search
K

934 matches found

EUVD
EUVD
added 20 hours ago7 views

EUVD-2026-43594

SAP Create Single Payment does not perform necessary authorization checks for an authenticated user, a restricted user could access specific entity set keys resulting in disclosure of information. This has low impact on confidentiality, with no impact on integrity and availability of the...

4.3CVSS6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday5 views

Malicious code in backup3-ff (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a32646e3ad3e35186f8344c19ccdecfd69c26e8047fc44b77c0516b644fd094 The npm package [email protected] ships multiple heavily obfuscated JavaScript bundles under assets/ AccountPage, DarkVeil, GamesPage, PlusBlockedNote...

6.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-57158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. From 3.21.0 before 3.28.0, FreeRDP clients using the GFX pipeline contain an incomplete fix for...

9.8CVSS6.2AI score0.00528EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.8 views

PT-2026-56056

Name of the Vulnerable Software and Affected Versions Cilium versions 1.19.0 through 1.19.3 Cilium versions 1.18.2 through 1.18.9 Cilium versions prior to 1.17.16 Description Users capable of creating CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs using the addressMatcher parameter...

6.9CVSS6AI score0.00341EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer...

9.8CVSS7.8AI score0.00397EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/07/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-58209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - nats-server - None Ubuntu Linux - Unknown description CVE-2026-58209 Note that Nessus relies on the presence of the package as reported by the...

4.3CVSS6AI score0.00342EPSS
Exploits0References3
OSV
OSV
added 2026/07/03 9:16 p.m.5 views

DEBIAN-CVE-2026-12481

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...

9.8CVSS6.6AI score0.00397EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - openvpn - None Ubuntu Linux - 1-byte buffer overrun on NTLMv2 proxy responses CVE-2026-11771 Note that Nessus relies on the presence of the packa...

6.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-13927

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via...

7.8CVSS6.2AI score0.0012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-14120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potential...

9.6CVSS6.2AI score0.00276EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-14015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in WebRTC in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to leak cross- origin data via a crafted HTML page. Chromium securit...

6.5CVSS6.2AI score0.00197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-14011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in SurfaceCapture in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory read via a crafted HTM...

8.1CVSS6.2AI score0.00246EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a...

4.3CVSS6.2AI score0.0023EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-574 wger: cross-tenant password reset and plaintext disclosure via gym=None bypass

Summary The resetuserpassword and gympermissionsuseredit views in wger perform a gym-scope authorization check using Python object comparison != that evaluates None != None as False, silently bypassing the guard when both the attacker and victim have no gym assignment gym=None. A user with...

9.9CVSS6AI score0.00371EPSS
Exploits0References5
OSV
OSV
added 2026/06/27 6:11 a.m.4 views

BELL-CVE-2026-53263

Bulletin has no description...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-53488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image conf...

9.4CVSS6.2AI score0.00203EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via TOCTOU in mount8 hookowner.c chmod/chown CVE-2026-53612 Note that Nessus relies o...

6.1AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. CVE-2026-12301 Note that Nessus relies on the presence ...

5.3CVSS5.9AI score0.00252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-12324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and...

7.3CVSS6.1AI score0.00209EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird...

8.1CVSS6.1AI score0.00398EPSS
Exploits0References2
Rows per page
Query Builder