Lucene search
K

8 matches found

OSV
OSV
added 2026/02/26 1:37 p.m.8 views

CLSA-2026-1772113038 Fix of 12 CVEs

OpenJDK 8u482 release, build 8. Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html - Security fixes 8u482: + CVE-2026-21945: Prevent DoS via repeated crash or hang in sandbox security + CVE-2026-21932: Fix integrity issue in sandboxed handling of untrusted input ...

8.6CVSS6.9AI score0.01058EPSS
Exploits2References1
AlpineLinux
AlpineLinux
added 2025/11/26 5:33 p.m.6 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS7AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2025/09/16 6:16 a.m.5 views

UBUNTU-CVE-2025-59437

The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection...

3.2CVSS5.8AI score0.00116EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:22 a.m.13 views

CVE-2024-5208

An uncontrolled resource consumption vulnerability exists in the upload-link endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service DOS by shutting down the server through sending invalid upload requests. Specifically, the server can be made to sh...

6.5CVSS6.9AI score0.00618EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/12/11 8:15 a.m.4 views

CVE-2023-49964

An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI Server-Side Template Injection attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE...

9CVSS7.3AI score0.34684EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/09/12 1:15 p.m.7 views

CVE-2023-39150

ConEmu before commit 230724 does not sanitize title responses correctly for control characters, potentially leading to arbitrary code execution. This is related to an incomplete fix for CVE-2022-46387...

9.8CVSS7.7AI score0.00866EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.6 views

SUSE CVE-2010-1449

Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12...

7.5CVSS10AI score0.03854EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2022/04/09 7:0 a.m.4 views

It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756 which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756 refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.

...

6.5CVSS7.6AI score0.0051EPSS
Exploits0
Rows per page
Query Builder