Lucene search
K

1051 matches found

OSV
OSV
added 2026/05/08 7:50 p.m.9 views

CLSA-2026-1778261513 Update of alt-php

Miscellaneous Ubuntu changes - Packaging: add tuxcare suffix Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present...

5.8AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.8 views

Spying across Chiplets: Side-Channel Attacks in 2.5/3D Integrated Systems

Advanced packaging and chiplet-based integration are increasingly adopted to build complex heterogeneous systems beyond the limits of monolithic scaling. While these architectures offer major benefits in terms of modularity, yield, and performance, they also introduce new physical attack surfaces...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/05/07 4:39 p.m.9 views

Symlink Attack

Overview bentoml is a BentoML: Build Production-Grade AI Applications Affected versions of this package are vulnerable to Symlink Attack via the build packaging workflow. An attacker can access sensitive files from the build host by introducing crafted symlinks in the build context, which are...

6.7CVSS5.8AI score0.00284EPSS
Exploits1References2
OSV
OSV
added 2026/05/07 9:54 a.m.4 views

SUSE-SU-2026:21593-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References4
OSV
OSV
added 2026/05/07 9:52 a.m.4 views

SUSE-SU-2026:21575-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/03 8:23 p.m.8 views

Malicious code in rostilesolver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eef0922e5bb8ba3371baad4b76542215ff15e445a9d6ed6fb5546230fe5da4df During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.6 views

openSUSE 16 Security Update : radare2 (openSUSE-SU-2026:20653-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20653-1 advisory. Changes in radare2: - Update to version 6.1.4 bsc1262142, CVE-2026-40499: Analysis: improve autoname scoring, jmptbl detection, and performance...

10CVSS6.9AI score0.01184EPSS
Exploits3References18
Fedora
Fedora
added 2026/04/28 1:0 a.m.8 views

[SECURITY] Fedora 43 Update: PackageKit-1.3.4-3.fc43

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...

5.3AI score
Exploits0
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from an execution approval vulnerability in the exec-approvals-allowlist.ts file, which allowed the...

7.3CVSS5.9AI score0.00124EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/24 2:40 a.m.3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the --persist-lint-results process. An attacker can overwrite arbitrary JSON files on the filesystem by supplying a crafted APK with manipulated .PKGINFO fields containing path traversal sequences. This is only...

4.8CVSS6.3AI score0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/24 12:0 a.m.35 views

CVE-2026-29051 melange has Path Traversal via .PKGINFO in --persist-lint-results

melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, melange lint --persist-lint-results opt-in flag, also usable via melange build --persist-lint-results constructs output file paths by joining --out-dir with the arch and...

4.4CVSS0.00172EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.10 views

Oracle MySQL Server 8.0.x < 8.0.46 (April 2026 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Packaging OpenSSL. Supported versions that are affected are 8.0.0-8.0.45,...

9.8CVSS6.3AI score0.47621EPSS
Exploits7References26
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.4 views

PT-2026-34804

Name of the Vulnerable Software and Affected Versions melange versions 0.32.0 through 0.43.3 Description When using the opt-in flag '--persist-lint-results' via 'melange lint' or 'melange build', the software constructs output file paths by joining the '--out-dir' parameter with arch and pkgname...

4.4CVSS5.5AI score0.00172EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.99 views

Oracle MySQL Server 8.4.x < 8.4.9 (April 2026 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Packaging OpenSSL. Supported versions that are affected are 8.0.0-8.0.45,...

9.8CVSS6.3AI score0.47621EPSS
Exploits7References23
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.5 views

Oracle MySQL Server 9.x.x < 9.7.0 (April 2026 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Packaging OpenSSL. Supported versions that are affected are 8.0.0-8.0.45,...

9.8CVSS6.3AI score0.47621EPSS
Exploits7References26
OSV
OSV
added 2026/04/21 9:24 a.m.4 views

SUSE-SU-2026:1519-1 Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers spacecmd: - Version 5.1.13-0 Updated translation strings uyuni-tools: - Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2026/04/20 4:16 p.m.6 views

CVE-2026-3219

pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior only proceeds wit...

4.6CVSS5.8AI score0.00144EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

Oracle Linux 9 : nodejs:24 (ELSA-2026-7350)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7350 advisory. nodejs 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 1:24.14.1-1 - Update to version 24.14.1 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fi...

9.8CVSS6.7AI score0.26356EPSS
Exploits1References19
Fedora
Fedora
added 2026/04/16 11:42 p.m.9 views

[SECURITY] Fedora 44 Update: plasma-workspace-x11-6.6.4-1.fc44

Support for the legacy X11 window system in KDE Plasma, as opposed to the default Wayland. This package provides the legacy "Plasma X11" session type and the startplasma-x11 executable required by that session type. Other requirements such as kwin-x11 are found in the package dependencies. The...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/04/16 11:42 p.m.8 views

[SECURITY] Fedora 44 Update: kf6-6.25.0-1.fc44

Filesystem and RPM macros for KDE Frameworks 6...

5.8AI score
Exploits0
Rows per page
Query Builder