Lucene search
K

1841 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/21 4:17 p.m.8 views

CVE-2026-24189

NVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticated attacker could cause an out-of-bounds read by sending a maliciously crafted request. A successful exploit of this vulnerability might lead to denial of service and information disclosure...

8.2CVSS5.8AI score0.0032EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/21 4:17 p.m.10 views

CVE-2026-24189

NVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticated attacker could cause an out-of-bounds read by sending a maliciously crafted request. A successful exploit of this vulnerability might lead to denial of service and information disclosure...

8.2CVSS5.8AI score0.0032EPSS
Exploits0References3
Nvidia
Nvidia
added 2026/04/21 12:0 a.m.9 views

Security Bulletin: NVIDIA CUDA-Q - April 2026

NVIDIA has released a software update for NVIDIA® CUDA-Q. To protect your system, clone or update this software to CUDA-Q v0.14.0 or later from CUDA-Q on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses...

8.2CVSS5.7AI score0.0032EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.8 views

NVIDIA CUDA-Q 缓冲区错误漏洞

NVIDIA CUDA-Q is a hybrid quantum-classical computing development platform provided by NVIDIA Corporation. NVIDIA CUDA-Q has a buffer error vulnerability, which stems from out-of-bounds read operations at the endpoint. This vulnerability could allow unauthorized attackers to cause denial of servi...

8.2CVSS6AI score0.0032EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/17 12:0 a.m.10 views

Privacy-Aware Machine Unlearning with SISA for Reinforcement Learning-Based Ransomware Detection

Ransomware detection systems increasingly rely on behavior-based machine learning to address evolving attack strategies. However, emerging privacy compliance, data governance, and responsible AI deployment demand not only accurate detection but also the ability to efficiently remove the influence...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007368)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007368 advisory. In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless new one was allocated Avoid potential use-after-free condition...

7.8CVSS6.3AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/04/13 2:16 p.m.6 views

CVE-2026-31421

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL pointer dereference on shared blocks The old-method path in fwclassify calls tcfblockq and dereferences q-handle. Shared blocks leave block-q NULL, causing a NULL deref when an empty clsfw filter is...

5.5CVSS0.00114EPSS
Exploits0References10
OSV
OSV
added 2026/04/11 3:18 p.m.2 views

MINI-QFP5-7FVP-56Q3

Bulletin has no description...

6.1CVSS5.7AI score0.0029EPSS
Exploits0
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.12 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: golangci-lint, haproxy-ingress, kyverno-policy-reporter-ui, fluxcd-kustomize-mutating-webhook, hugo, cloud-provider-aws, helm-mapkubeapis, terraform-provider-kubernetes, kserve-rest-proxy, newrelic-nri-statsd, telegraf, kubernetes-csi-external-resizer,...

7.5CVSS6.9AI score0.00349EPSS
Exploits0
Circl
Circl
added 2026/04/09 7:23 p.m.2 views

GHSA-CHQC-8P9Q-PQ6Q

creationtimestamp| type| source ---|---|--- 2026-04-09 19:23:14+00:00| seen| Telegram/Y2UpQC9zCL6PqNfAxsSoQJ7YUumR5oW0JI3RILB7SgtOVH4 2026-04-13 12:02:56+00:00| seen| https://gist.github.com/subaruoutbacksteakhouse/755867cb60dca06f145990b4865d6eee...

4.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/01 11:1 p.m.15 views

CVE-2026-34400

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API q= was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version...

9.8CVSS5.8AI score0.00505EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/31 11:23 p.m.4 views

SQL Injection

Overview alerta-server is an Alerta server WSGI application Affected versions of this package are vulnerable to SQL Injection in the q parameter of the query string API due to direct interpolation of user-supplied input into SQL statements using f-strings. An attacker can execute arbitrary SQL...

9.8CVSS6.1AI score0.00505EPSS
Exploits0References2
OSV
OSV
added 2026/03/31 11:23 p.m.7 views

GHSA-8PRR-286P-4W7J alerta-server has potential SQL Injection vulnerability in Query String Syntax (q=) API

Impact The Query string search API q= was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. Patches Fixed in v9.1.0. The Postgres query parser now uses parameterized queries wit...

6.9CVSS5.9AI score0.00505EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/31 9:0 p.m.5 views

CVE-2026-34400

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API q= was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version...

6.9CVSS5.8AI score0.00505EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2026/03/30 2:16 p.m.6 views

CVE-2026-3321

A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1/answer/EVENTID/TIMESTAMP/' endpoint. Exploiting this vulnerability would allow an unauthenticated attacker to enumerate event IDs and obtain the complete Q&A history. This publicly exposed data may...

8.7CVSS0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/30 1:17 p.m.23 views

CVE-2026-3321 Authorization Bypass in ON24 Q&A chat

A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1/answer/EVENTID/TIMESTAMP/' endpoint. Exploiting this vulnerability would allow an unauthenticated attacker to enumerate event IDs and obtain the complete Q&A history. This publicly exposed data may...

8.7CVSS0.00287EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 11:16 a.m.5 views

UBUNTU-CVE-2026-23353

In the Linux kernel, the following vulnerability has been resolved: ice: fix crash in ethtool offline loopback test Since the conversion of ice to page pool, the ethtool loopback test crashes: BUG: kernel NULL pointer dereference, address: 000000000000000c PF: supervisor write access in kernel mo...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References5
NVD
NVD
added 2026/03/12 4:16 p.m.5 views

CVE-2019-25513

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

9.8CVSS0.00564EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.4 views

CVE-2019-25513 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.00564EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.8 views

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Preconfigured News Sites Script is a content management system developed by the Turkish company Jettweb. The Jettweb PHP Preconfigured News Sites Script V3 version has a SQL injection vulnerability. This vulnerability stems from the q parameter, which allows for SQL injections. It cou...

9.8CVSS5.9AI score0.00564EPSS
Exploits1References2
Rows per page
Query Builder