Lucene search
K

826 matches found

Vulnrichment
Vulnrichment
added 2026/03/05 2:47 p.m.4 views

CVE-2026-30791 RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

8.7CVSS5.8AI score0.0024EPSS
Exploits1References3
CVE
CVE
added 2026/03/05 2:47 p.m.34 views

CVE-2026-30791

CVE-2026-30791 affects RustDesk Client up to version 1.4.5 across Windows, macOS, Linux, iOS, Android, and WebClient. The issue stems from use of a broken or risky cryptographic algorithm in config import, URI scheme handler, and CLI --config modules, enabling retrieval of embedded sensitive data...

8.7CVSS5.9AI score0.0024EPSS
Exploits1References3Affected Software1
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.5 views

Astra Linux – Vulnerability in bind9

Under certain circumstances, due to a flaw in the Pseudo Random Number Generator PRNG used, an attacker may be able to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through...

8.6CVSS6.6AI score0.00454EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/26 6:18 a.m.4 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG due to the use of a predictable algorithm for generating device lock and wipe PINs based solely on the current Unix timestamp. An attacker can gain unauthorized access to...

5.5CVSS6AI score0.00124EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.4 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.6 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.5 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.8 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.8 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.5 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/24 12:0 a.m.5 views

CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

7.8CVSS5.9AI score0.00135EPSS
Exploits0References2
Redos
Redos
added 2026/02/09 12:0 a.m.7 views

ROS-20260209-73-0004

A vulnerability in the onframerecvcallback function soup-server-message-io-http1.c of the GNOME GUI libsoup library is related to misinterpretation of input data when processing :scheme, :authority, and :path pseudo headers. Exploitation of the vulnerability could allow an attacker acting remotel...

7.5CVSS5.6AI score0.00532EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/06 12:0 a.m.7 views

ACORN-IDS: Adaptive Continual Novelty Detection for Intrusion Detection Systems

Intrusion Detection Systems IDS must maintain reliable detection performance under rapidly evolving benign traffic patterns and the continual emergence of cyberattacks, including zero-day threats with no labeled data available. However, most machine learning-based IDS approaches either assume...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.7 views

EulerOS 2.0 SP13 : bind (EulerOS-SA-2026-1217)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the...

8.6CVSS5.6AI score0.00509EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.6 views

EulerOS 2.0 SP13 : bind (EulerOS-SA-2026-1205)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the...

8.6CVSS5.6AI score0.00509EPSS
Exploits1References3
OSV
OSV
added 2026/01/26 6:47 p.m.5 views

USN-7978-1 screen vulnerabilities

It was discovered that GNU Screen incorrectly handled signals when setuid or setgid privileges were being used, which is not the default in Ubuntu. A local attacker could use this issue to send privileged signals, possibly leading to a denial of service. This issue only affected Ubuntu 22.04 LTS...

6.5CVSS6.4AI score0.0054EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/01/22 7:53 p.m.11 views

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

8.4CVSS5.7AI score0.00523EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/01/22 6:53 p.m.3 views

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

8.4CVSS5.7AI score0.00523EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : bind-9.16.23-34.el9_7.1 (AXSA:2025-11501:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11501:12 advisory. bind: Cache poisoning attacks with unsolicited RRs CVE-2025-40778 bind: Cache poisoning due to weak PRNG CVE-2025-40780 Tenable has extracted the...

8.6CVSS7.5AI score0.00509EPSS
Exploits1References3
CVE
CVE
added 2026/01/18 10:49 p.m.17 views

CVE-2026-23644

esm.sh (a no-build CDN) has a path traversal vulnerability in the extractPackageTarball code path. The issue stems from using path.Clean, which normalizes paths but does not prevent absolute paths inside malicious tar files, allowing potential file writes. The vulnerability existed prior to the G...

8.7CVSS6.5AI score0.00476EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder