
71 matches found

Cvelist
added 2026/06/23 4:27 p.m. | 36 views

CVE-2026-55423 Langflow: Logout button does not clear session

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. This vulnerability is fixed in 1.7.0...

CVSS: 6.1 | EPSS: 0.00152
Exploits: 1 | References: 3

RedhatCVE
added 2026/06/05 7:20 p.m. | 11 views

CVE-2026-32960

SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet...

CVSS: 7.1 | AI score: 7.1 | EPSS: 0.0026
Exploits: 0 | References: 1

CVE
added 2026/05/25 8:16 p.m. | 42 views

CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indicator for TELNET data, but the trust status is not cleared between proxy authentication and the main session. This may cause a misleading trust cue to the user. Affected version range is 0.77–0.83; remediation is to upgrade to 0....

CVSS: 3.1 | AI score: 5.8 | EPSS: 0.00224
Exploits: 0 | References: 2 | Affected Software: 1

EUVD
added 2026/04/20 6:31 a.m. | 5 views

EUVD-2026-23753

SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.0026
Exploits: 0 | References: 4

Cvelist
added 2026/04/20 3:18 a.m. | 29 views

CVE-2026-32960

SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet...

CVSS: 7.1 | EPSS: 0.0026
Exploits: 0 | References: 3

NVD
added 2026/03/25 9:16 p.m. | 7 views

CVE-2025-64646

IBM Concert 1.0.0 through 2.2.0 could allow an attacker to access sensitive information in memory due to the buffer not properly clearing resources...

CVSS: 6.2 | EPSS: 0.00174
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/25 8:35 p.m. | 2 views

CVE-2025-64646

IBM Concert 1.0.0 through 2.2.0 could allow an attacker to access sensitive information in memory due to the buffer not properly clearing resources...

CVSS: 6.2 | AI score: 6 | EPSS: 0.00174
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2026/03/25 8:35 p.m. | 1 view

CVE-2025-64646 Multiple Vulnerabilities in IBM Concert Software

IBM Concert 1.0.0 through 2.2.0 could allow an attacker to access sensitive information in memory due to the buffer not properly clearing resources...

CVSS: 6.2 | AI score: 6 | EPSS: 0.00174
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/22 12:0 a.m. | 3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38149)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38149 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev->devlink when the...

CVSS: 5.5 | AI score: 5.4 | EPSS: 0.00145
Exploits: 0 | References: 2

OSV
added 2025/12/24 11:15 a.m. | 2 views

UBUNTU-CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfio_iommu_type1_info before copying to user. Missed a zero initialization here. Most of the struct is filled with a copy_from_user, however minsz for that copy is smaller than the actual struct by 8 bytes,...

AI score: 5.7 | EPSS: 0.00145
Exploits: 0 | References: 4

CNNVD
added 2025/12/24 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clear the allocated run buffer when reading MFT fails, which could lead to a memory leak...

AI score: 6.2 | EPSS: 0.00175
Exploits: 0 | References: 6

Vulnrichment
added 2025/12/17 6:14 p.m. | 3 views

CVE-2025-13321 Mattermost Desktop App logging sensitive information and fails to clear data on server deletion

Mattermost Desktop App versions 6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion which allows an attacker with access to the user's system to gain access to potentially sensitive information via reading the application logs...

CVSS: 3.3 | AI score: 6.4 | EPSS: 0.001
Exploits: 0 | References: 1

Cvelist
added 2025/12/17 6:14 p.m. | 27 views

CVE-2025-13321 Mattermost Desktop App logging sensitive information and fails to clear data on server deletion

Mattermost Desktop App versions 6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion which allows an attacker with access to the user's system to gain access to potentially sensitive information via reading the application logs...

CVSS: 3.3 | EPSS: 0.001
Exploits: 0 | References: 1

CNNVD
added 2025/12/09 12:0 a.m. | 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a pointer not being cleared to zero, which could result in a use-after-free or double-free...

AI score: 6.2 | EPSS: 0.00168
Exploits: 0 | References: 5

Cvelist
added 2025/12/05 6:10 p.m. | 20 views

CVE-2025-66566 yawkat LZ4 Java has a possible information leak in Java safe decompressor

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

CVSS: 8.2 | EPSS: 0.00541
Exploits: 0 | References: 2

EUVD
added 2025/11/20 3:30 p.m. | 5 views

EUVD-2025-198271

@perfood/couch-auth may expose session tokens, passwords...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.00182
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-51894

Malicious code in bioql PyPI...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.0038
Exploits: 0 | References: 2

OSV
added 2025/10/03 7:56 p.m. | 4 views

RLSA-2025:16432 Moderate: opentelemetry-collector security update

Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry. Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http (CVE-2025-4673). For more details about the security issues, including the impact, a CVSS score,...

CVSS: 6.8 | AI score: 7.2 | EPSS: 0.0056
Exploits: 0 | References: 2

CNNVD
added 2025/09/24 12:0 a.m. | 3 views

Horilla cross-site scripting vulnerability

Horilla is a free and open source human resources software from Horilla, Inc. A cross-site scripting vulnerability exists in Horilla version 1.3.0, which stems from multiple fields in the Project and Task modules not being properly cleared for user input, and could lead to a stored cross-site...

CVSS: 4.8 | AI score: 5.9 | EPSS: 0.00223
Exploits: 1 | References: 2

NVD
added 2025/09/18 2:15 p.m. | 6 views

CVE-2023-53387

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow. In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...

CVSS: 5.5 | EPSS: 0.00134
Exploits: 0 | References: 3