Lucene search
K

504 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox

A stop condition for the iterator was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox versions less than 12...

5.9CVSS6.8AI score0.00218EPSS
Exploits1References2
OSV
OSV
added 2026/05/20 12:37 a.m.7 views

MAL-2026-4244 Malicious code in hardhat-gas-profiler-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21e0ec3571fccc81c8e047835e84f75b6f0d95e2e4ee7e3d11537b99eab8115 Package impersonates the Hardhat plugin ecosystem real Hardhat plugins are published under @nomicfoundation/; the referenced github.com/hardhat/...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 12:37 a.m.11 views

Malicious code in hardhat-gas-profiler-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21e0ec3571fccc81c8e047835e84f75b6f0d95e2e4ee7e3d11537b99eab8115 Package impersonates the Hardhat plugin ecosystem real Hardhat plugins are published under @nomicfoundation/; the referenced github.com/hardhat/...

5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/04/15 10:30 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the pprof endpoint. An attacker can obtain sensitive authentication tokens by sending unauthenticated requests to the /debug/pprof/cmdline endpoint and subsequently use the leaked token to gain unauthorized...

9.4CVSS5.8AI score0.00509EPSS
Exploits1References2
Patchstack
Patchstack
added 2026/04/13 10:57 a.m.7 views

WordPress Optimole plugin <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL vulnerability

Reflected Cross-Site Scripting via Page Profiler URL vulnerability discovered by WordFence in WordPress Plugin Optimole versions = 4.2.3...

6.1CVSS5.8AI score0.00495EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/11 1:24 a.m.8 views

CVE-2026-5226 Optimole <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL

The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3 This is due to insufficient output escaping on user-supplied URL paths in the getcurrenturl function, which are inserted into...

6.1CVSS6AI score0.00495EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-32722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports...

6.1CVSS6.1AI score0.00302EPSS
Exploits2References3
NVD
NVD
added 2026/03/18 10:16 p.m.5 views

CVE-2026-32722

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

6.1CVSS0.00302EPSS
Exploits2References3
OSV
OSV
added 2026/03/18 10:16 p.m.9 views

DEBIAN-CVE-2026-32722

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

6.1CVSS5.6AI score0.00302EPSS
Exploits2References1
OSV
OSV
added 2026/03/18 10:16 p.m.6 views

UBUNTU-CVE-2026-32722

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

6.1CVSS6AI score0.00302EPSS
Exploits2References6
UbuntuCve
UbuntuCve
added 2026/03/18 10:16 p.m.10 views

CVE-2026-32722

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

6.1CVSS6.1AI score0.00302EPSS
Exploits2References5
OSV
OSV
added 2026/03/18 9:25 p.m.5 views

CVE-2026-32722 Memray-generated HTML reports vulnerable to Stored XSS via unescaped command-line metadata

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

3.6CVSS6AI score0.00302EPSS
Exploits2References5
Debian CVE
Debian CVE
added 2026/03/18 9:25 p.m.3 views

CVE-2026-32722

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

6.1CVSS5.5AI score0.00302EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2026/03/18 9:25 p.m.3 views

CVE-2026-32722

Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated...

3.6CVSS5.9AI score0.00302EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2026/02/26 3:23 p.m.6 views

BIT-PYTORCH-2025-2148 PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler.callendcallbacksonjitfut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launch...

7.5CVSS4.9AI score0.00403EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.5 views

CVE-2025-20106

Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...

6.7CVSS5.4AI score0.00128EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:47 p.m.4 views

CVE-2025-61969

Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

7CVSS6AI score0.00131EPSS
Exploits0References2
Fedora
Fedora
added 2026/02/11 1:0 a.m.8 views

[SECURITY] Fedora 42 Update: rust-rbspy-0.34.1-4.fc42

Sampling CPU profiler for Ruby...

7.5CVSS5.4AI score0.00443EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.17 views

PT-2026-7596

Name of the Vulnerable Software and Affected Versions AMD µProf affected versions not specified Description A flaw in permission assignment within AMD µProf could allow a local, privileged attacker to escalate their privileges, potentially leading to arbitrary code execution. Recommendations At t...

7CVSS5.7AI score0.00131EPSS
Exploits0References4
NVD
NVD
added 2026/02/10 5:16 p.m.5 views

CVE-2025-20106

Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...

6.7CVSS0.00128EPSS
Exploits0References1
Rows per page
Query Builder