Lucene search
K

80262 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/24 6:14 p.m.4 views

CVE-2026-33421

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.53 and 9.6.0-alpha.42, Parse Server's LiveQuery WebSocket interface does not enforce Class-Level Permission CLP pointer permissions readUserFields and pointerFields. Any...

7.1CVSS5.7AI score0.00397EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/03/24 6:14 p.m.19 views

CVE-2026-33421 Parse Server: LiveQuery bypasses CLP pointer permission enforcement

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.53 and 9.6.0-alpha.42, Parse Server's LiveQuery WebSocket interface does not enforce Class-Level Permission CLP pointer permissions readUserFields and pointerFields. Any...

7.1CVSS0.00397EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/24 6:14 p.m.2 views

CVE-2026-33421 Parse Server: LiveQuery bypasses CLP pointer permission enforcement

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.53 and 9.6.0-alpha.42, Parse Server's LiveQuery WebSocket interface does not enforce Class-Level Permission CLP pointer permissions readUserFields and pointerFields. Any...

7.1CVSS5.7AI score0.00397EPSS
Exploits0References5
CVE
CVE
added 2026/03/24 6:14 p.m.11 views

CVE-2026-33421

Parse Server’s LiveQuery WebSocket interface historically did not enforce Class-Level Permission pointer permissions (readUserFields and pointerFields) prior to versions 8.6.53 and 9.6.0-alpha.42. Any authenticated user could subscribe to LiveQuery events and receive real-time updates for objects...

7.1CVSS5.7AI score0.00397EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/24 6:14 p.m.5 views

CVE-2026-33421 Parse Server: LiveQuery bypasses CLP pointer permission enforcement

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.53 and 9.6.0-alpha.42, Parse Server's LiveQuery WebSocket interface does not enforce Class-Level Permission CLP pointer permissions readUserFields and pointerFields. Any...

7.1CVSS5.7AI score0.00397EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/24 5:31 p.m.3 views

CVE-2026-32854 LibVNCServer httpd proxy NULL Pointer Dereference

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...

6.3CVSS5.8AI score0.05322EPSS
Exploits1References3
CVE
CVE
added 2026/03/24 5:31 p.m.40 views

CVE-2026-32854

LibVNCServer

7.5CVSS5.8AI score0.05322EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/03/24 5:31 p.m.5 views

EUVD-2026-14932

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...

6.3CVSS5.8AI score0.05322EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/24 5:31 p.m.3 views

CVE-2026-32854

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...

6.3CVSS5.8AI score0.05322EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/24 5:31 p.m.22 views

CVE-2026-32854 LibVNCServer httpd proxy NULL Pointer Dereference

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...

6.3CVSS0.05322EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/03/24 5:31 p.m.2 views

CVE-2026-32854

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...

7.5CVSS5.4AI score0.05322EPSS
Exploits1
OSV
OSV
added 2026/03/24 4:49 p.m.1 views

SUSE-SU-2026:20866-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.2 views

SUSE-SU-2026:20887-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.3 views

SUSE-SU-2026:20861-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2026/03/24 4:49 p.m.3 views

SUSE-SU-2026:20859-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in cryptmessag...

7.8CVSS6.8AI score0.00278EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.2 views

SUSE-SU-2026:20860-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2026/03/24 4:49 p.m.2 views

SUSE-SU-2026:20882-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in cryptmessag...

7.8CVSS6.8AI score0.00278EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:48 p.m.2 views

SUSE-SU-2026:20895-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2026/03/24 4:48 p.m.2 views

SUSE-SU-2026:20847-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer bsc1257118. - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to...

7.8CVSS7.2AI score0.00278EPSS
Exploits0References17
OSV
OSV
added 2026/03/24 4:48 p.m.3 views

SUSE-SU-2026:20891-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer bsc1257118. - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to...

7.8CVSS6.9AI score0.00278EPSS
Exploits0References17
Rows per page
Query Builder