Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.6 views

SUSE SLES15 Security Update : valkey (SUSE-SU-2026:0848-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0848-1 advisory. Update to version 8.0.7. Security issues fixed: - CVE-2025-67733: data tampering and denial of service via improper null character...

8.5CVSS5.9AI score0.00586EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.9 views

RockyLinux 10 : valkey (RLSA-2026:3443)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3443 advisory. Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts CVE-2025-67733 valkey: Valkey: Denial of Servic...

8.5CVSS6AI score0.00586EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/26 3:21 p.m.8 views

Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts

A flaw was found in Valkey, a distributed key-value database. A malicious user can exploit this vulnerability by using scripting commands to inject arbitrary information into the response stream. This is caused by improper handling of null characters in the error handling code for Lua scripts...

8.5CVSS5.9AI score0.00586EPSS
Exploits0References5
OSV
OSV
added 2026/02/26 8:53 a.m.5 views

BIT-VALKEY-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

8.5CVSS5.8AI score0.00586EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-67733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary...

8.5CVSS5.7AI score0.00586EPSS
Exploits0References2
OSV
OSV
added 2026/02/23 8:28 p.m.7 views

ALPINE-CVE-2025-67733

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

7.1CVSS6AI score0.00586EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : java-17-openjdk-17.0.7.0.7-1.el9 (AXSA:2023-5309:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5309:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.6AI score0.02474EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2025/12/15 5:32 a.m.2 views

CVE-2025-14549 OMR on Z processors Exposing a possible buffer over-read problem

In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse OpenJ9 consumers of OMR on Z processors incorrectly handles NUL 0x00 characters during the Latin-compatible charset UTF-8, ISO8859-1, ASCII, etc to IBM-1047/037 translation sequence. This can cause the...

6.9CVSS6.5AI score0.00256EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-0907

Malware in sbrugna...

4.6CVSS8.5AI score0.01347EPSS
Exploits0References34
OSV
OSV
added 2023/07/10 5:16 p.m.6 views

CLSA-2023-1689009395 Fix of 9 CVEs

Backport upstream releases 8u372 to 16.04 LTS CVEs fixed in 8u372: - CVE-2023-21930: Improper connection handling during TLS handshake - CVE-2023-21937: Missing string checks for NULL characters - CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder - CVE-2023-21939: Swing HTML...

7.4CVSS7.3AI score0.02474EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2023/04/20 2:6 a.m.8 views

OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

3.7CVSS7.3AI score0.01208EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/04/19 7:27 p.m.3 views

OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

3.7CVSS7.3AI score0.01208EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/04/19 4:4 p.m.7 views

OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

3.7CVSS7.3AI score0.01208EPSS
Exploits0References4
securityvulns
securityvulns
added 2015/04/13 12:0 a.m.48 views

Asterisk certificate validation bypass

Invalid NULL character handling...

4.3CVSS1.7AI score0.46156EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.44 views

Scientific Linux Security Update : nspr and nss for SL 5.x on i386/x86_64

CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly CVE-2009-2404 nss regexp heap overflow The packages with this update are identical to the packages released on the 20th of July 2009. They are being reissued as a...

9.3CVSS7.3AI score0.05741EPSS
Exploits5References4
Exploit DB
Exploit DB
added 2010/04/11 12:0 a.m.35 views

Microsoft Internet Explorer/Opera - Source Code viewer Null Character Handling

Exploit Title: IE/Opera source code viewer Null Character Handling Vulnerability Date: 10/04/2010 Author: Daniel Correa Software Link: http://www.microsoft.com/windows/internet-explorer/default.aspx Software Link: http://www.opera.com/download/ Version: Tested on IE 8, Opera 10.51 Tested on:...

7AI score
Exploits0
0day.today
0day.today
added 2010/04/11 12:0 a.m.22 views

IE/Opera source code viewer Null Character Handling

Exploit for windows platform in category remote exploits =================================================== IE/Opera source code viewer Null Character Handling =================================================== Exploit Title: IE/Opera source code viewer Null Character Handling Vulnerability Dat...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/04/11 12:0 a.m.19 views

Microsoft Internet ExplorerOpera - Source Code viewer Null Character Handling

Microsoft Internet ExplorerOpera - Source Code viewer Null Character Handling Exploit Title: IE/Opera source code viewer Null Character Handling Vulnerability Date: 10/04/2010 Author: Daniel Correa Software Link: http://www.microsoft.com/windows/internet-explorer/default.aspx Software Link:...

0.1AI score
Exploits0
Ubuntu
Ubuntu
added 2009/01/06 11:17 p.m.73 views

USN-701-1: Thunderbird vulnerabilities

Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Thunderbird could be...

10CVSS8.6AI score0.03201EPSS
Exploits0
securityvulns
securityvulns
added 2002/07/02 12:0 a.m.32 views

KPMG-2002026: Jrun sourcecode Disclosure

-------------------------------------------------------------------- Title: Jrun sourcecode Disclosure BUG-ID: 2002026 Released: 01st Jul 2002 -------------------------------------------------------------------- Problem: ======== It is possible for a malicious user to trick the Jrun webserver int...

0.5AI score
Exploits0
Rows per page
Query Builder