Lucene search
K

729 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-20268

Malware in sbrugna...

4.3CVSS6.4AI score0.01147EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12765

Malicious code in bioql PyPI...

6.6AI score
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12766

Malicious code in bioql PyPI...

6.6AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/01 9:42 a.m.3 views

CVE-2025-9732

A vulnerability was identified in DCMTK. This issue affects an unknown function in the dcmimage/include/dcmtk/dcmimage/diybrpxt.h library of the dcm2img component. Manipulation leads to memory corruption. Local access is required to approach this attack. Mitigation No mitigation is currently...

7.8CVSS5.3AI score0.00158EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/06 6:5 a.m.10 views

CVE-2025-45512

A flaw was found in the bootloader component of DENX Software Engineering Das U-Boot U-Boot. This vulnerability allows arbitrary code execution via installation of crafted firmware files due to missing signature verification. Mitigation Mitigation for this issue is either not available or the...

6.5CVSS7AI score0.00314EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/05 6:41 a.m.11 views

CVE-2025-54804

A flaw was found in russh. The SSH channel window adjust message processing incorrectly handles input, leading to an integer overflow. A remote attacker can trigger this overflow by sending a maliciously crafted SSH channel window adjust message. This integer overflow can result in an application...

6.5CVSS6.5AI score0.00386EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/07/31 10:31 p.m.4 views

CVE-2025-48073

A NULL pointer dereference flaw was found in OpenEXR. When reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation. Mitigation Mitigation for this issue is either not available ...

6.2CVSS6AI score0.00198EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/07/31 10:31 p.m.5 views

CVE-2025-48072

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

9.1CVSS6.3AI score0.00496EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/07/30 9:41 p.m.5 views

CVE-2025-54576

An authentication bypass flaw was found in the OAuth2-Proxy project. This bypass affects systems that have configured their deployment to skip authentication on endpoints that match a deployment-defined regular expression. HTTP parameters can be used to match and trigger the authentication bypass...

9.1CVSS6.4AI score0.01133EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/07/29 6:15 p.m.11 views

CVE-2025-7458

An integer overflow flaw has been discovered in SQLite. This flaw allows an attacker who has the ability to execute raw SQL statements to induce a denial of service or leak process memory. Mitigation Mitigation for this issue is either not available or the currently available options do not meet...

9.1CVSS7.3AI score0.0023EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/07/28 9:44 p.m.5 views

CVE-2025-54419

A signature verification flaw was found in the npm @node-saml/node-saml library. This flaw allows an attacker who has access to a validly signed document from the identity provider IdP to alter the content of the document, modify the details within the document, and have the modifications be...

10CVSS6.1AI score0.00357EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/07/28 6:10 p.m.7 views

CVE-2025-8263

A regular expression denial of service flaw has been discovered in the prettier code formatter tool. This flaw allows and attacker who has access to input source files to induce a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do...

5.3CVSS4.6AI score
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/07/22 11:1 p.m.4 views

CVE-2025-8011

A type confusion flaw was found in the Chromium web browser. This flaw allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...

8.8CVSS6.2AI score0.0025EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/22 10:51 p.m.4 views

CVE-2025-53538

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/21 4:15 p.m.5 views

CVE-2025-49656

Users with administrator access can create databases files outside the files area of the Fuseki server. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which fixes the issue. Mitigation Mitigation for this issue is either not available or the...

7.5CVSS6.3AI score0.01401EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/07/18 6:9 a.m.5 views

CVE-2025-7784

A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin PermissionsFGAPv2 are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorize...

6.5CVSS6.5AI score0.00368EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/17 3:9 a.m.5 views

CVE-2025-27465

A flaw was found in Xen. Xen’s emulation of intercepted instructions uses replay mechanisms with executable stubs. Improper handling of exceptions raised during this replay process allows a local attacker to trigger unexpected behavior. This issue can occur when an instruction causes an exception...

4.3CVSS5.7AI score0.00554EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/17 3:8 a.m.3 views

CVE-2025-22227

A flaw was found in io.projectreactor.netty/reactor-netty. Reactor Netty’s HTTP client, when explicitly configured to follow redirects in chained redirect scenarios, can inadvertently leak credentials. This flaw allows an attacker to trigger this credential leakage by manipulating the redirect...

6.1CVSS5.7AI score0.0034EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/15 8:32 p.m.5 views

CVE-2025-7656

An integer overflow flaw was found in Chromium. This vulnerability allows a remote attacker to cause heap corruption via a crafted HTML page, potentially leading to unpredictable behavior, such as system crashes and the execution of malicious code. Mitigation Mitigation for this issue is either n...

8.8CVSS6.7AI score0.0863EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/14 9:43 p.m.6 views

CVE-2025-53019

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick stream command, specifying multiple consecutive %d format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and...

7.5CVSS6.2AI score0.00466EPSS
Exploits0References4
Rows per page
Query Builder