Lucene search
K

6727 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-55206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo.read in...

8.7CVSS6.1AI score0.00321EPSS
Exploits0References3
NVD
NVD
added 5 days ago9 views

CVE-2026-33803

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...

6.9CVSS0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-59873

A flaw was found in node-tar, a tar archive manipulation library for Node.js. This vulnerability allows a remote attacker to craft a small gzip bomb, which, when processed, can lead to the exhaustion of disk space and CPU resources. This occurs because node-tar does not enforce strict limits on t...

9.2CVSS5.8AI score0.00358EPSS
Exploits1References6
CVE
CVE
added 5 days ago21 views

CVE-2026-57027

CVE-2026-57027 affects Juniper Networks Junos OS on EX4100 and EX4400 in sFlow VC deployments. When multicast traffic is exchanged between VC members, a memory leak in the packet forwarding engine (pfe) can cause an FPC crash and restart, leading to DoS for unauthenticated adjacent attackers. Aff...

7.1CVSS6.1AI score0.00269EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 5 days ago5 views

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the matches, matchesFull, and replaceMatches functions in FHIRPath expression evaluation. An attacker can exhaust system CPU resources by submitting specially crafted regular expressions th...

8.7CVSS6AI score
Exploits0References2
Snyk
Snyk
added 5 days ago3 views

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the matches, matchesFull, and replaceMatches functions in FHIRPath expression evaluation. An attacker can exhaust system CPU resources by submitting specially crafted regular expressions th...

8.7CVSS6AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-59928

A flaw was found in Mistune, a Python Markdown parser. A remote attacker could exploit this vulnerability by providing a specially crafted Markdown document containing numerous repeated or distinct reference-link definitions. This can lead to excessive processing, causing CPU exhaustion and a...

7.5CVSS6AI score0.00366EPSS
Exploits1References6
CVE
CVE
added 6 days ago9 views

CVE-2026-56669

Elysia (a TypeScript framework for request validation, type inference, OpenAPI docs, and client-server communication) contains a vulnerability (CVE-2026-56669) caused by using getAll in form data normalization for multipart/form-data endpoints prior to 1.4.29. This leads to quadratic growth in wo...

7.5CVSS6AI score0.00358EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42315

Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, Immutable.Map and Immutable.Set keep keys that share the same 32-bit hash in a HashCollisionNode collision bucket that is scanned linearly, allowing an attacker who controls keys inserted into a Map, such a...

8.7CVSS6AI score0.0037EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56400

Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.4.1 Description Improper input validation in the Stripe Connect payment processor allows unauthenticated attackers to pay an arbitrary amount. This occurs...

7.5CVSS6.2AI score0.0021EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-56508

Name of the Vulnerable Software and Affected Versions Mistune versions prior to 3.3.0 Description A flaw in the Python Markdown parser occurs when the strikethrough, mark, or insert plugins scan for matching markers from each possible start position. Specifically, a sequence of closed tilde,...

7.5CVSS6.1AI score0.00366EPSS
Exploits1References8
OSV
OSV
added last week5 views

PYSEC-2026-1835 pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if parsecontentstream is executed. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. That is, for example, the case if the...

6.2CVSS6.2AI score0.00352EPSS
Exploits1References9
CVE
CVE
added 2026/07/06 8:9 p.m.12 views

CVE-2026-25271

The CVE describes a TOCTOU race condition in Qualcomm DSP Service causing memory corruption when processing asynchronous input parameters due to improper handling of modified values between check and use. Affected component: DSP Service (Qualcomm). Root cause: TOCTOU under asynchronous input para...

7.8CVSS6AI score0.00052EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/07/06 6:25 a.m.5 views

OESA-2026-2804 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
OSV
OSV
added 2026/07/02 3:49 p.m.6 views

USN-8498-1 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References298
OSV
OSV
added 2026/07/02 3:24 p.m.10 views

USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References300
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.7 views

jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression

A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption JWE token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This...

7.5CVSS6.9AI score0.00244EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-53354

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete...

9.1CVSS6.6AI score0.0053EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 4:43 p.m.10 views

USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits18References237
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.9 views

CVE-2026-53354

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...

5.8AI score0.00182EPSS
Exploits0
Rows per page
Query Builder