Lucene search
K

68 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-24965

chmod: recursive mode returns exit code 0 even when some files fail last-file-wins...

5.5CVSS6AI score0.00142EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.5 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.5 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.7 views

PT-2026-53671

Name of the Vulnerable Software and Affected Versions Mythic versions prior to 3.4.0.60 Description An authorization bypass exists that allows authenticated users with the spectator role to perform unauthorized write operations. This occurs because the 'eventing import automatic webhook' endpoint...

5.4CVSS6AI score0.00249EPSS
Exploits0References9
CVE
CVE
added 2026/06/25 7:40 p.m.24 views

CVE-2026-10592

CVE-2026-10592 concerns certificates with wildcard DNS SANs (e.g., *.example.com) bypassing CA name-constraint checks. A wildcard SAN that should be rejected by the issuing CA’s permitted/excluded DNS name constraints could be accepted, enabling potential mis-issuance. The provided documents refe...

6.3CVSS5.8AI score0.00124EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.6 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.14 views

SUSE CVE-2026-45927

In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...

5.7AI score0.00092EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/26 7:4 a.m.10 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/26 6:40 a.m.12 views

gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

7.4CVSS5.7AI score0.00566EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Apache2

A substitution encoding issue in modrewrite in Apache HTTP Server 2.4.59 and earlier allows attackers to execute scripts in directories permitted by the configuration, but these directories are not directly accessible via URLs. Additionally, the source of scripts intended for execution only as CG...

9.8CVSS7.8AI score0.02456EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/01 2:12 a.m.10 views

SUSE CVE-2026-3833

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

6.5CVSS5.4AI score0.00566EPSS
Exploits1References12
Vulnrichment
Vulnrichment
added 2026/04/22 4:7 p.m.5 views

CVE-2026-35339 uutils coreutils chmod False Success Exit Code in Recursive Mode

The recursive mode -R of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 success even if error...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.8 views

PT-2026-36155

Name of the Vulnerable Software and Affected Versions gnutls affected versions not specified Description A flaw exists where case-sensitive comparisons are performed on nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtree...

9.1CVSS5.8AI score0.01263EPSS
Exploits1References119
Veracode
Veracode
added 2026/02/09 9:26 a.m.6 views

Server-Side Request Forgery (SSRF)

Webpack is vulnerable to Server-Side Request Forgery SSRF . The vulnerability is due to missing re-validation of allowedUris after HTTP 30x redirects in the HttpUriPlugin, allowing imports initially constrained to trusted URLs to be redirected to untrusted or internal endpoints, resulting in...

3.7CVSS5.5AI score0.002EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/05 9:19 p.m.8 views

Unauthenticated Spree Commerce users can access all guest addresses

Summary A critical IDOR vulnerability exists in Spree Commerce's guest checkout flow that allows any guest user to bind arbitrary guest addresses to their order by manipulating address ID parameters. This enables unauthorized access to other guests' personally identifiable information PII includi...

8.7CVSS5.9AI score0.00599EPSS
Exploits1References13Affected Software1
EUVD
EUVD
added 2026/02/04 4:7 p.m.6 views

EUVD-2026-5488

In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uaccevmops to return -EPERM The current uaccevmops does not support the mremap operation of vmoperationsstruct. Implement .mremap to return -EPERM to remind users. The reason we need to explicitly disab...

5.2AI score0.00177EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/02/04 4:7 p.m.4 views

CVE-2026-23056

In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uaccevmops to return -EPERM The current uaccevmops does not support the mremap operation of vmoperationsstruct. Implement .mremap to return -EPERM to remind users. The reason we need to explicitly disab...

5.1AI score0.00177EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in Botan

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or by explicitly encoding the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted and exclude...

5.3CVSS5.9AI score0.00272EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-0071

Malware in sbrugna...

4.3CVSS6.4AI score0.01283EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-13768

Malware in sbrugna...

4.3CVSS4.9AI score0.00581EPSS
Exploits0References2
Rows per page
Query Builder