Lucene search
+L

2987 matches found

OSV
OSV
added 2026/05/21 5:10 p.m.3 views

CVE-2026-48240 Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS6.1AI score0.00218EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.13 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021536)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021536 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References4
Microsoft Security Update
Microsoft Security Update
added 2026/05/12 5:0 p.m.34 views

2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5088860)

2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5088860...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/05/12 2:0 p.m.33 views

May 12, 2026—KB5087471 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.72253EPSS
Exploits32
Microsoft KB
Microsoft KB
added 2026/05/12 2:0 p.m.18 views

May 12, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB5087062)

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/04 2:31 p.m.6 views

rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability

A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface CLI inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences ../...

9.8CVSS7.7AI score0.01402EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2026/05/04 2:10 p.m.22 views

rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability

A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface CLI inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences ../...

9.8CVSS7.7AI score0.01402EPSS
Exploits1References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/23 3:54 a.m.18 views

Malicious code in rollup-plugin-polyfill-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae32c5ba788989f856ede10fa991e6dafa8d9263b0f5fc7384c69fba97e41d4a The package rollup-plugin-polyfill-route was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Snyk
Snyk
added 2026/04/23 3:54 a.m.4 views

Malicious Package

Overview rollup-plugin-polyfill-route is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.4AI score
Exploits0References2
OSV
OSV
added 2026/04/23 3:54 a.m.12 views

MAL-2026-3009 Malicious code in rollup-plugin-polyfill-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae32c5ba788989f856ede10fa991e6dafa8d9263b0f5fc7384c69fba97e41d4a The package rollup-plugin-polyfill-route was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013814)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013814 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...

5.5CVSS5.7AI score0.00146EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.12 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013391 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...

5.5CVSS5.6AI score0.00146EPSS
Exploits0References4
OSV
OSV
added 2026/04/21 9:26 a.m.2 views

SUSE-SU-2026:1524-1 Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers golang-github-prometheus-prometheus: - Security issues fixed: CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup bsc1258893 +...

9.8CVSS6.5AI score0.01929EPSS
Exploits4References48
Microsoft Security Update
Microsoft Security Update
added 2026/04/14 5:0 p.m.15 views

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5084069)

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5084069...

5.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/04/14 5:0 p.m.34 views

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5084070)

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 KB5084070...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/04/14 2:0 p.m.8 views

April 14, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB5082400)

None None...

7.5CVSS6.7AI score0.02279EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/04/01 12:0 a.m.8 views

The vulnerability of the Rollup module extractor is related to incorrect restrictions on the path name to the catalog, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Rollup module extractor is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.01402EPSS
Exploits1References6Affected Software2
SUSE Linux
SUSE Linux
added 2026/03/30 11:21 a.m.4 views

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-prometheus: CVE-2026-27606: Fix arbitrary file write via path traversal in rollup bsc1258893 Bump rollup to version 4.59.0 Drop SLE 12 support jscPED-15474 CVE-2026-25547: Fix unbounded brace range expansion leading to excessive CPU...

9.8CVSS6.8AI score0.01402EPSS
Exploits2References52
Snyk
Snyk
added 2026/03/20 4:52 a.m.5 views

Malicious Package

Overview rollup-plugin-polyfill-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 4:52 a.m.7 views

Malicious code in rollup-plugin-polyfill-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 985c6e7bc0975c513137b35a6dca07cf02aa2b87444716244933ca17d56c6bd2 The package rollup-plugin-polyfill-utils was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Rows per page
Query Builder