Lucene search
+L

18359 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.6 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2026:35833)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:35833 advisory. github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption JWE object CVE-2026-34986...

9.1CVSS6.8AI score0.00651EPSS
Exploits0References7
CERT
CERT
added 2026/07/06 12:0 a.m.5 views

HP Deskjet 2800 Printer Series Webservers contain Missing Authorization Vulnerability

Overview HP Printers in the Deskjet 2800 Series running firmware version =TBP1CN2612AR contain a missing authorization vulnerability tracked as CVE-2026-13753. This vulnerability allows unauthenticated access to the printer's webserver API endpoints, exposing Wi-Fi credentials, management...

7.5CVSS6.2AI score0.00271EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/07/01 6:54 p.m.8 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 5:50 p.m.4 views

CVE-2026-50195 containerd: CRI checkpoint import allows local image tag poisoning

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

5.6CVSS6.3AI score0.00354EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/07/01 12:59 p.m.28 views

AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the browser on both...

8.8CVSS7.2AI score0.99735EPSS
Exploits9
NVD
NVD
added 2026/07/01 5:16 a.m.9 views

CVE-2026-12113

The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.02 via the cpabcappointmentsfilterlist. This makes it possible for authenticated attackers, with contributor-level access and above, to extract customer...

4.3CVSS0.00228EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.9 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:54 a.m.5 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.11 views

Fedora 43 : mariadb10.11 (2026-efc64a64ec)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-efc64a64ec advisory. MariaDB 10.11.18 Upstream Release notes: https://mariadb.com/docs/release-notes/community-server/10.11/10.11.18 Upstream Changelog:...

10CVSS6AI score0.00998EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.8 views

SUSE CVE-2026-53249

In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options to users with CAPNETRAW capability. This prevents unprivileged...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/25 2:20 a.m.8 views

SUSE CVE-2026-52915

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsnr values supplied from userspace. Validate optsnr in the rule setup...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/23 10:11 p.m.13 views

Snipe-IT's selectlist visibility is too permissive

Impact The GET /api/v1/object/selectlist API endpoint is missing an authorization check. Any user who can log into Snipe-IT - regardless of permissions - can retrieve a paginated list of all user accounts using only their web session cookie. No API token or elevated permissions are required. This...

7.1CVSS5.9AI score0.00385EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/22 12:47 p.m.34 views

CVE-2026-7166 Multiple vulnerabilities in the Assassin game by Gaudire

Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘email’ and ‘telefon’ fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on...

9.2CVSS0.00384EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.11 views

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1861)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1861 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can...

7.5CVSS6AI score0.00353EPSS
Exploits0References18
EUVD
EUVD
added 2026/06/20 3:24 p.m.13 views

EUVD-2026-38120

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive...

6.9CVSS5.9AI score0.00239EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.24 views

PT-2026-51152

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An information disclosure issue exists in the unauthenticated '/replication' endpoint. This allows attackers to retrieve internal PostgreSQL replication telemetry without authentication, exposing...

6.9CVSS5.9AI score0.00239EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel up to version 5.8.7, local attackers who were able to inject conntrack netlink configurations could exploit an overflow in a local buffer, resulting in crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink....

6CVSS6.6AI score0.00566EPSS
Exploits1References1
Debian
Debian
added 2026/06/19 8:47 a.m.9 views

[SECURITY] [DLA 4636-1] thunderbird security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4636-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 19, 2026 https://wiki.debian.org/LTS -...

9.6CVSS6.1AI score0.00476EPSS
Exploits0
CVE
CVE
added 2026/06/18 8:58 a.m.22 views

CVE-2026-50643

The CVE-2026-50643 entry concerns the 8cc compiler. It describes an Out-of-Bounds Read caused by improper handling of #line directives and GNU linemarkers, where attacker-controlled filename and line-number metadata is used without validation when accessing source line arrays. This can lead to ou...

5.1CVSS5.3AI score0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/18 6:50 a.m.12 views

EUVD-2026-37864

The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.4.01. This is due to insufficient authorization and missing per-calendar ownership checks in the cpabcappointmentscalendarload2 function, which is reachable vi...

4.3CVSS5.4AI score0.00285EPSS
Exploits0References10
Rows per page
Query Builder