Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.10.1 : libssh (EulerOS-SA-2026-2027)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A malicious SCP server can send unexpected paths that could make the client application override local files outside of working...

8.2CVSS6.8AI score0.58204EPSS
Exploits9References7
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Amazon Linux 2023 : golang-github-burntsushi-toml, golang-github-burntsushi-toml-devel (ALAS2023-2026-1751)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1751 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 Within HostnameError.Error, when constructing ...

7.5CVSS7.2AI score0.01945EPSS
Exploits3References34
Amazon
Amazon
added 2026/05/26 12:0 a.m.27 views

Important: cni-plugins

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.16 views

Important: runc

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.24 views

Important: runfinch-finch

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/09 5:30 p.m.11 views

USN-8154-2: Django vulnerabilities

USN-8154-1 fixed vulnerabilities in Django. This update provides the corresponding updates for Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Seokchan Yoon discovered that Django incorrectly handled copying memory when parsing multipart uploads with excessive whitespace. A remo...

9.8CVSS6AI score0.00879EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/02/25 12:0 a.m.129 views

📄 Open Babel 3.1.1 CIF File Memory Corruption

This Metasploit auxiliary module generates a crafted .cif file designed to test for memory corruption conditions in Open Babel version 3.1.1. By providing an excessive number of symmetry operations, it triggers a crash DoS during file parsing. The exact outcome depends on the target's build,...

5.6AI score
Exploits0
OSV
OSV
added 2026/02/25 12:0 a.m.10 views

ALSA-2026:3291 Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in query...

10CVSS6AI score0.01945EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.7 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3136 (ALAS-2026-3136)

The version of golang installed on the remote host is prior to 1.24.12-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3136 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP...

10CVSS8.4AI score0.01945EPSS
Exploits2References14
SUSE Linux
SUSE Linux
added 2026/01/22 12:13 p.m.4 views

Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. CVE-2025-68119: cmd/go: unexpected code execution when invoking...

7.6CVSS6.4AI score0.01945EPSS
Exploits2References26
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : ruby:3.0 (AXSA:2022-3846:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3846:01 advisory. ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-41817 ruby: Cookie prefix spoofing in CGI::Cookie.parse...

9.8CVSS7.9AI score0.04127EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : pcs-0.10.18-2.el8_10.1.ML.1 (AXSA:2024-8703:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8703:04 advisory. REXML: DoS parsing an XML with many s in an attribute value CVE-2024-35176 Tenable has extracted the preceding description block directly from the MiracleLin...

5.3CVSS8.5AI score0.02064EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.9 views

MiracleLinux 7 : rh-ruby26-ruby-2.6.9-120.el7 (AXSA:2022-3091:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3091:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

9.3CVSS7.4AI score0.06307EPSS
Exploits5References7
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.12 views

CVE-2023-29013

Traefik pronounced traffic is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This...

7.5CVSS6.5AI score0.01085EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-23775

Malware in sbrugna...

7.5CVSS7AI score0.1229EPSS
Exploits0References19
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23774

Malware in sbrugna...

7.5CVSS7AI score0.043EPSS
Exploits0References19
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-0614

Malware in sbrugna...

7.5CVSS7.6AI score0.06883EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-26991

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01122EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2025/07/17 3:38 p.m.10 views

USN-7645-1: PHP vulnerabilities

It was discovered that PHP incorrectly parsed certain HTTP response headers. An attacker could possibly use this issue to cause incorrect MIME type parsing which could result in unexpected behavior. CVE-2025-1217 It was discovered that PHP did not properly validate certain HTTP headers. An attack...

9.8CVSS6.2AI score0.00821EPSS
Exploits1
NVD
NVD
added 2025/07/10 3:15 p.m.8 views

CVE-2025-7370

Rejected reason: Upon investigtion upstream maintainers discovered this was not a real issue. See the references for more details. See: https://gitlab.gnome.org/GNOME/libsoup/-/issues/430note2494090...

Exploits0
Rows per page
Query Builder