Lucene search
K

15 matches found

CNNVD
CNNVD
added 2026/04/03 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper restoration of writable and soft dirty bits during batch processing, potentially...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/03/26 5:16 p.m.9 views

PYSEC-2026-27

Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...

7.3CVSS5.8AI score0.00132EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2026/02/13 12:0 a.m.4 views

openSUSE Security Advisory (SUSE-SU-2026:0424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7.3AI score0.00311EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-1728

Malware in sbrugna...

7.8CVSS7.5AI score0.00558EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-5346

Malware in sbrugna...

5.5CVSS6.2AI score0.00187EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/07/17 12:30 p.m.16 views

Grafana's insecure DingDing Alert integration exposes sensitive information

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...

4.3CVSS6AI score0.0089EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2025/07/09 3:39 p.m.30 views

CVE-2025-53670

The CVE-2025-53670 entry applies to Jenkins Nouvola DiveCloud Plugin, affected versions prior to 1.09. The underlying issue is that DiveCloud API Keys and Credentials Encryption Keys are stored unencrypted in job config.xml files on the Jenkins controller, making them readable by users with Item/...

6.5CVSS6.5AI score0.0013EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/01/31 4:15 p.m.20 views

CVE-2024-11741

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...

4.3CVSS0.00368EPSS
Exploits0References2
OSV
OSV
added 2024/06/07 3:15 a.m.4 views

CVE-2024-1768

The Clever Fox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's info box block in all versions up to, and including, 25.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

5.4CVSS5.9AI score0.00257EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.6 views

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a file override access vulnerability in the Settings application. Successful exploitati...

5.5CVSS5.6AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2023/03/10 9:30 p.m.4 views

GHSA-584M-7R4M-8J6V Incorrect Authorization in Jenkins Core

When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Jenkins 2.393 and earlier, LTS 2.375.3 and earlier, and , and LTS prior to 2.387.1 creates this temporary file in the default temporar...

3.6CVSS6.3AI score0.00244EPSS
Exploits0References4
OSV
OSV
added 2023/01/26 9:18 p.m.0 views

CVE-2023-24448

A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQPS URL using attacker-specified username and password...

6.5CVSS6.6AI score
Exploits0References1
Code423n4
Code423n4
added 2022/01/27 12:0 a.m.11 views

Anyone can withdraw others

Handle mics Vulnerability details Anyone can withdraw users shares. Although we think that they are sent to the right address, it is still 1 not the desired behavior 2 can be dangerous if the receiver is a smart contract 3 the receiver may not know someone withdraw him XOLE.withdrawReward...

6.9AI score
Exploits0
OSV
OSV
added 2020/12/15 10:52 p.m.6 views

USN-4671-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, bypass security restrictions, spoof the URL bar, ...

9.8CVSS6.9AI score0.01876EPSS
Exploits2References12
RedHat Linux
RedHat Linux
added 2019/08/27 11:12 a.m.8 views

kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members

A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group an...

7.8CVSS6.7AI score0.0101EPSS
Exploits2References4
Rows per page
Query Builder