Lucene search
K

3358 matches found

Fedora
Fedora
added 2026/05/17 1:27 a.m.20 views

[SECURITY] Fedora 44 Update: python-jupytext-1.19.1-4.fc44

Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...

9.8CVSS6.5AI score0.01735EPSS
Exploits2
Fedora
Fedora
added 2026/05/17 12:50 a.m.18 views

[SECURITY] Fedora 43 Update: python-jupytext-1.19.1-4.fc43

Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...

9.8CVSS6.5AI score0.01735EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/05/12 12:41 p.m.30 views

CVE-2026-6402

A flaw was found in webpack-dev-server. When the development server operates over plain HTTP, a remote attacker can exploit a cross-origin source code exposure vulnerability. This allows a malicious website, visited by a developer, to load the bundled application source code as a script and read ...

6.5CVSS5.8AI score0.00216EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/12 9:19 a.m.10 views

Exposed Dangerous Method or Function

Overview webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function in Server.js, when handling non-HTTPS responses. An attacker can...

6.5CVSS5.8AI score0.00427EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/08 2:20 a.m.7 views

SUSE CVE-2026-43166

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

5.7AI score0.00132EPSS
Exploits0References3
Hacker One
Hacker One
added 2026/05/07 6:58 a.m.10 views

curl: CVE-2026-8286: wrong STARTTLS connection reuse

A vulnerability was found in the Curl library that allowed a plain-text connection to reuse an existing SSL-upgraded connection without verifying the SSL configuration. This could lead to a man-in-the-middle attack if an attacker was able to intercept the initial STARTTLS upgrade. The issue was...

8.1CVSS6.6AI score0.02596EPSS
Exploits2
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.12 views

VMware Spring Cloud Config 日志信息泄露漏洞

VMware Spring Cloud Config is a configuration management solution for distributed systems developed by VMware, Inc. This product provides server and client support for external configurations in distributed systems. VMware Spring Cloud Config has a vulnerability related to log information leakage...

4.4CVSS5.8AI score0.00168EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 12:30 p.m.8 views

EUVD-2026-27729

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

5.7AI score0.00132EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 12:16 p.m.8 views

CVE-2026-43166

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

7.1CVSS0.00132EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.26 views

CVE-2026-43166 erofs: fix interlaced plain identification for encoded extents

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

7.1CVSS0.00132EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.6 views

CVE-2026-43166

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

7.1CVSS5.7AI score0.00132EPSS
Exploits0
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43166

CVE-2026-43166 concerns the Linux kernel’s erofs filesystem. A flaw in interlaced plain extent identification occurs when the start position and on-disk physical length are not both aligned to the block size, causing plain data to be misclassified as interlaced instead of shifted. This can lead t...

7.1CVSS5.7AI score0.00132EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/06 8:16 a.m.8 views

CVE-2026-23928

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

7.3CVSS0.00285EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 8:16 a.m.8 views

DEBIAN-CVE-2026-23928

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

7.3CVSS5.9AI score0.00285EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/06 8:16 a.m.7 views

CVE-2026-23928

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

7.3CVSS5.9AI score0.00285EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 8:16 a.m.4 views

UBUNTU-CVE-2026-23928

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

7.3CVSS5.9AI score0.00285EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 7:0 a.m.7 views

CVE-2026-23928 Stored XSS vulnerability in the Item history/Plain text widget

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

7.3CVSS5.9AI score0.00285EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 7:0 a.m.10 views

EUVD-2026-27530

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

7.3CVSS5.9AI score0.00285EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:0 a.m.5 views

CVE-2026-23928

The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...

7.3CVSS5.9AI score0.00285EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/06 7:0 a.m.22 views

CVE-2026-23928

CVE-2026-23928 describes a stored XSS in Zabbix widgets: the Item history widget (7.0+) or the Plain text widget (6.0) can execute injected JavaScript when HTML display is enabled. The attacker must supply the malicious script from a monitored host, and the impact varies by user viewing a dashboa...

7.3CVSS5.9AI score0.00285EPSS
Exploits0References1
Rows per page
Query Builder