Lucene search
K

18 matches found

OSV
OSV
added 2026/06/25 10:23 p.m.10 views

GHSA-X527-X647-Q7GG golang.org/x/crypto: Invoking VerifiedPublicKeyCallback permissions skip enforcement

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...

10CVSS6.8AI score0.03153EPSS
Exploits2References18
Debian CVE
Debian CVE
added 2026/06/25 8:1 p.m.8 views

CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS5.8AI score0.00346EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/21 3:58 p.m.5 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

5.9CVSS5.8AI score0.00105EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:23 p.m.6 views

CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

7.4CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software6
Cvelist
Cvelist
added 2026/05/12 5:16 p.m.45 views

CVE-2026-44166 Pocketbase: Account pre-hijacking via OAuth2 unverfied->verified autolinking upgrade

Pocketbase is an open source web backend written in go. Prior to 0.22.42 and 0.37.4, in some situations, if an attacker knows the email address of the victim they can create and link an unverified PocketBase user in advance by authenticating with one of the OAuth2 app providers, e.g. "A". When th...

6.1CVSS0.00247EPSS
Exploits1References1
OSV
OSV
added 2026/04/22 10:52 a.m.7 views

OPENSUSE-SU-2026:20611-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks sometimes soft-fail...

9.1CVSS8.6AI score0.21691EPSS
Exploits8References20
OSV
OSV
added 2026/04/11 2:3 p.m.5 views

OESA-2026-1847 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer,...

7.4CVSS5.8AI score0.00126EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/05 1:40 p.m.6 views

CVE-2023-7337

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied...

9.8CVSS6AI score0.02041EPSS
Exploits0References1
OSV
OSV
added 2025/11/14 12:38 p.m.3 views

OESA-2025-2655 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability wh...

7.5CVSS6.9AI score0.0051EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 3:21 p.m.5 views

EUVD-2025-32731

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

5.7AI score0.00119EPSS
Exploits0References3
CVE
CVE
added 2025/10/07 3:21 p.m.15 views

CVE-2023-53686

CVE-2023-53686: Linux kernel vulnerability in net/handshake/netlink.c fix null-ptr-deref in handshake_nl_done_doit(); ensures trace_handshake_cmd_done_err() is not called if socket lookup fails and is invoked before releasing the file to avoid dereferencing sock->sk. Affects kernel networking ...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/09/16 12:0 a.m.12 views

CVE-2025-59437

The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection...

3.2CVSS0.00116EPSS
Exploits0References2
OSV
OSV
added 2024/04/10 12:24 p.m.4 views

USN-6719-2 util-linux vulnerability

USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory details: Skyler Ferrante discovered that the util-linux wall command di...

3.3CVSS6.8AI score0.02242EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.4 views

PT-2023-17896 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to a possible use after free due to a race condition in multiple functions of WVDrmPlugin.cpp. This could lead to local escalation of privilege with no additional...

7CVSS6.9AI score0.00066EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.4 views

SUSE CVE-2014-1927

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

7.5CVSS8.1AI score0.03388EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2022/11/01 1:15 p.m.4 views

CVE-2022-42309

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be...

8.8CVSS5.8AI score0.00272EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2022/08/08 7:43 p.m.1 views

minimist: prototype pollution

An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...

9.8CVSS6.8AI score0.04581EPSS
Exploits1References5
OSV
OSV
added 2015/12/03 8:59 p.m.4 views

UBUNTU-CVE-2015-8078

Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the sectionoffset variable. NOTE: this vulnerability exists because of an incomplete fix for...

7.5CVSS7.4AI score0.02753EPSS
Exploits0References2
Rows per page
Query Builder