Lucene search
K

201 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0528

Malware in sbrugna...

5CVSS6.4AI score0.01797EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0102

Malware in sbrugna...

5CVSS6.4AI score0.04069EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2006-2563

Malware in sbrugna...

2.1CVSS6.1AI score0.00408EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2017-5620

Malware in sbrugna...

7.1CVSS5.3AI score0.02234EPSS
Exploits3References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1871

Malicious code in bioql PyPI...

5CVSS6.6AI score0.07854EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-21274

Malicious code in bioql PyPI...

5.3CVSS6.2AI score0.00514EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-7043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do n...

9.1CVSS8AI score0.02403EPSS
Exploits0References2
OSV
OSV
added 2025/07/25 1:16 p.m.5 views

OESA-2025-1889 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5CVSS7AI score0.00953EPSS
Exploits2References4
OSV
OSV
added 2025/07/13 11:15 p.m.3 views

DEBIAN-CVE-2025-1220

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. before 8.4.10 some functions like fsockopen lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parseurl treat the hostname in different way, thus openin...

5.3CVSS6AI score0.00514EPSS
Exploits1References1
OSV
OSV
added 2025/07/13 10:18 p.m.5 views

CVE-2025-1220 Null byte termination in hostnames

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. before 8.4.10 some functions like fsockopen lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parseurl treat the hostname in different way, thus openin...

3.7CVSS6.5AI score0.00514EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/21 8:57 p.m.7 views

CVE-2005-2239

oftpd 0.3.7 allows remote attackers to cause a denial of service via a USER command with a large number of null \0 characters...

5CVSS7.1AI score0.03397EPSS
Exploits1References1
OSV
OSV
added 2024/08/23 11:8 a.m.5 views

OESA-2024-2020 c-ares security update

This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need to perform multiple Security Fixes: c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as...

5.5CVSS6.7AI score0.00349EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/06/28 12:0 a.m.8 views

The vulnerability of the Net::CIDR::Lite interpreter for the Perl programming language arises from errors in handling extra null characters at the beginning of an IP address string. This allows a malicious actor to bypass access controls.

The vulnerability of the Net::CIDR::Lite interpreter for the Perl programming language is related to errors in handling extra zero characters at the beginning of an IP address. Exploiting this vulnerability can allow a remote attacker to bypass access controls...

7.5CVSS6.6AI score0.00493EPSS
Exploits0References7Affected Software2
Redos
Redos
added 2024/06/26 12:0 a.m.18 views

ROS-20240626-07

A vulnerability in the Net::CIDR::Lite module of the Perl programming language interpreter is related to bugs in the handling foreign null characters at the beginning of an IP address string. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access controls...

6.3CVSS6.9AI score0.00493EPSS
Exploits0
Veracode
Veracode
added 2024/04/11 12:37 a.m.25 views

Buffer Under-read

c-ares is vulnerable to Buffer Under-read. The vulnerability is due to improper handling of embedded NULL characters as the first character in a new line within certain configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and prior to version 1.27.0, the...

5.5CVSS6.9AI score0.00349EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2023/10/04 9:47 a.m.714 views

Untrusted Search Path

python is vulnerable to Untrusted Search Path. The vulnerability is due to the Pynormpath function which cannot process paths with embedded null characters without truncating the path. If a path containing the \0 byte is passed to os.path.normpath, the path will be truncated unexpectedly at the...

7.5CVSS7AI score0.02155EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2023/07/31 9:33 a.m.54 views

Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.7AI score0.02474EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2023/07/17 8:51 a.m.6 views

OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

3.7CVSS7.3AI score0.01208EPSS
Exploits0References4
OSV
OSV
added 2023/07/06 9:2 p.m.6 views

CLSA-2023-1688677355 java-1.8.0-openjdk: Fix of 7 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs: - CVE-2023-21930: Improper connection handling during TLS handshake 8294474 - CVE-2023-21937: Missing string checks for NULL characters 8296622 - CVE-2023-21938: Incorrect handling of NULL characters in...

7.4CVSS6.4AI score0.02474EPSS
Exploits1References1
OSV
OSV
added 2023/04/26 3:28 p.m.35 views

RLSA-2023:1909 Important: java-1.8.0-openjdk security and bug fix update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS6.8AI score0.02474EPSS
Exploits1References9
Rows per page
Query Builder