Lucene search
K

4618 matches found

Vulnrichment
Vulnrichment
added 2026/03/02 4:28 p.m.4 views

CVE-2025-64427 ZimaOS is vulnerable to Server-Side Request Forgery (SSRF)

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses e.g., 127.0.0.1, localhost, or...

7.1CVSS5.9AI score0.00238EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/02 4:28 p.m.5 views

EUVD-2026-9206

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in the frontend/UI to prevent users from creating files or folders in internal OS paths. However, when interacting directly with the API, th...

8.5CVSS6AI score0.0041EPSS
Exploits2References1
OSV
OSV
added 2026/03/02 4:16 a.m.9 views

CVE-2026-3408

A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available...

6.5CVSS5.6AI score
Exploits0References7
OSV
OSV
added 2026/03/02 4:16 a.m.4 views

UBUNTU-CVE-2026-3408

A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available...

6.5CVSS5.3AI score0.00394EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-3283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in libvips 8.19.0. This issue affects the function vipsextractbandbuild of the file libvips/conversion/extract.c. The manipulatio...

7.1CVSS4AI score0.0022EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-14103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowe...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/28 7:47 a.m.13 views

CVE-2026-3285

A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scanstring of the file src/belexer.c. This manipulation causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name:...

7.8CVSS5.6AI score0.00223EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/02/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-3525

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have, under...

6.5CVSS5.8AI score0.00308EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/28 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-27148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat Enterprise Linux - storybook: Storybook: Remote Code Execution via WebSocket Hijacking CVE-2026-27148 Note that Nessus relies on the presence of the...

9.6CVSS6.1AI score0.00542EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/27 4:41 p.m.6 views

EUVD-2026-9035

OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server...

6.5CVSS6AI score0.00399EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/27 4:41 p.m.7 views

CVE-2026-24488 OpenEMR Vulnerable to Arbitrary File Exfiltration via Fax Endpoint

OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server...

6.5CVSS6AI score0.00399EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2026/02/27 4:0 a.m.6 views

CVE-2025-11065 affecting package kata-containers for versions less than 3.19.1.kata2-5

CVE-2025-11065 affecting package kata-containers for versions less than 3.19.1.kata2-5. A patched version of the package is available...

5.3CVSS5.9AI score0.00357EPSS
Exploits0
EUVD
EUVD
added 2026/02/27 3:30 a.m.10 views

EUVD-2026-8991

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

4.8CVSS4.6AI score0.00214EPSS
Exploits2References9
EUVD
EUVD
added 2026/02/27 3:30 a.m.9 views

EUVD-2026-8985

A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...

5.3CVSS5.9AI score0.00243EPSS
Exploits1References9
OSV
OSV
added 2026/02/27 3:16 a.m.7 views

DEBIAN-CVE-2026-3284

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

5.5CVSS4.3AI score0.00214EPSS
Exploits2References1
OSV
OSV
added 2026/02/27 3:16 a.m.4 views

DEBIAN-CVE-2026-3283

A vulnerability has been found in libvips 8.19.0. This issue affects the function vipsextractbandbuild of the file libvips/conversion/extract.c. The manipulation of the argument extractband leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to th...

7.1CVSS3.9AI score0.0022EPSS
Exploits1References1
OSV
OSV
added 2026/02/27 3:16 a.m.9 views

UBUNTU-CVE-2026-3284

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

5.5CVSS5.6AI score0.00214EPSS
Exploits2References10
OSV
OSV
added 2026/02/27 3:16 a.m.9 views

UBUNTU-CVE-2026-3283

A vulnerability has been found in libvips 8.19.0. This issue affects the function vipsextractbandbuild of the file libvips/conversion/extract.c. The manipulation of the argument extractband leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to th...

7.1CVSS5.1AI score0.0022EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2026/02/27 3:2 a.m.4 views

CVE-2026-3285 berry-lang berry be_lexer.c scan_string out-of-bounds

A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scanstring of the file src/belexer.c. This manipulation causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name:...

4.8CVSS5.6AI score0.00223EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/02/27 3:2 a.m.28 views

CVE-2026-3284 libvips extract.c vips_extract_area_build integer overflow

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

4.8CVSS0.00214EPSS
Exploits2References8
Rows per page
Query Builder