Lucene search
K

4323 matches found

Drupal
Drupal
added 2025/12/03 12:0 a.m.13 views

Next.js - Critical - Access bypass - SA-CONTRIB-2025-122

This module enables integration between Next.js and Drupal for headless CMS functionality. When installed, the module automatically enables cross-origin resource sharing CORS with insecure default settings Access-Control-Allow-Origin: , overriding any services.yml CORS configuration. This allows...

6.1CVSS5.4AI score0.00141EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.6 views

Fedora 42 : drupal7 (2025-f8a08bb335)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-f8a08bb335 advisory. - https://www.drupal.org/project/drupal/releases/7.99 - https://www.drupal.org/project/drupal/releases/7.100 -...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.5 views

Fedora 41 : drupal7 (2025-d645721ca4)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d645721ca4 advisory. - https://www.drupal.org/project/drupal/releases/7.99 - https://www.drupal.org/project/drupal/releases/7.100 -...

5.6AI score
Exploits0References1
Rosalinux
Rosalinux
added 2025/12/02 1:21 p.m.8 views

Advisory ROSA-SA-2025-3106

Software: c-ares 1.13.0 OS: ROSA Virtualization 2.1 packageevrstring: c-ares-1.13.0-11.rv3 CVE-ID: CVE-2020-22217 BDU-ID: 2023-05898 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the aresparsesoareply function of the C-ares asynchronous DNS query library is related to an operation exceeding...

6.4CVSS9AI score0.00838EPSS
Exploits1
EUVD
EUVD
added 2025/11/24 9:38 p.m.4 views

EUVD-2025-199035

Malicious code in sa-company-registration-number-regex npm...

6.6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 9:38 p.m.5 views

Malicious code in sa-company-registration-number-regex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f15485422c9807206afeb3c43ed1e03d2f2499b0c689d8bf253e663cf72d7fa7 The package sa-company-registration-number-regex was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 9:37 p.m.2 views

EUVD-2025-199034

Malicious code in sa-id-gen npm...

6.6AI score
Exploits0References4
OSV
OSV
added 2025/11/24 9:37 p.m.2 views

MAL-2025-191009 Malicious code in sa-id-gen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df00f4b56b9be72c09e3f99938b4c41900b44a98e65eb46896c30209f7f0810d The package sa-id-gen was found to contain malicious code. Source: ghsa-malware 3f0da651d111107f348b8807e1fabc4c0ad1125e1af1e268745224c9d81c77fc Any...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 9:37 p.m.5 views

Malicious code in sa-id-gen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df00f4b56b9be72c09e3f99938b4c41900b44a98e65eb46896c30209f7f0810d The package sa-id-gen was found to contain malicious code. Source: ghsa-malware 3f0da651d111107f348b8807e1fabc4c0ad1125e1af1e268745224c9d81c77fc Any...

6.9AI score
Exploits0References4
CVE
CVE
added 2025/11/17 8:47 p.m.19 views

CVE-2025-36118

IBM Storage Virtualize versions 8.4, 8.5, 8.7, and 9.1 are affected by CVE-2025-36118 due to an information disclosure flaw in the IKEv1 Security Association negotiation, allowing remote attackers to read sensitive memory data. The root cause is an IKEv1 implementation issue (heap/memory handling...

7.5CVSS6AI score0.00322EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/17 12:0 a.m.4 views

Alibaba Cloud Linux 3 : 0175: java-17-openjdk (ALINUX3-SA-2025:0175)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0175 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-53057: Vulnerability in the Oracl...

7.5CVSS7.4AI score0.00633EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/11/13 12:24 a.m.5 views

SUSE CVE-2025-40127

In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is performed on an uninitialized clk pointer, resulting in division by zer...

5.5CVSS6.8AI score0.00202EPSS
Exploits0References20
OSV
OSV
added 2025/11/12 7:18 p.m.1 views

MAL-2025-178813 Malicious code in tanuri-sa-dafa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44e92f08eb288153cd4b9762677bf8fe5b57339a9749bcdd8376a107a49bef0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.4 views

Malicious code in ter-sohyun-sa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b9ae942e6a6f95ec1cf9b575e06faf6f3ebba1c6674be25c8ffa41101d65d82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.3 views

EUVD-2025-135688

Malicious code in ter-sohyun-sa npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.6 views

EUVD-2025-135689

Malicious code in ter-sohyun-sa npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.1 views

EUVD-2025-136240

Malicious code in tanabr-sa-dafa npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/12 7:18 p.m.4 views

MAL-2025-178731 Malicious code in tanabufir-sa-dafa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee13844ea03d38cab5812a3b49d3d555de75701d352740a3e8a830e2f7fe81af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 7:18 p.m.3 views

MAL-2025-178733 Malicious code in tanabufir-sa-duagfa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 005f223d0c855c7f7cbcfa6867b58f4db707289f06b9c7b1c41b4decd9b3e976 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.2 views

EUVD-2025-136076

Malicious code in tanuria-sa-dafa npm...

6.6AI score
Exploits0
Rows per page
Query Builder