Lucene search
K

617 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.6 views

Oracle Linux 9 : evince (ELSA-2026-27819)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-27819 advisory. - Sanitize arguments CVE-2026-46529 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

8.4CVSS5.9AI score0.00529EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.8 views

CVE-2026-27136

A flaw was found in golang.org/x/net/html. When arbitrary HTML is parsed and then rendered, it can result in an unexpected HTML tree. This allows an attacker to bypass HTML sanitization mechanisms, leading to Cross-Site Scripting XSS attacks in applications. Such attacks can result in information...

8.1CVSS5.9AI score0.00178EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/04 12:0 a.m.4 views

openSUSE 16 Security Update : kea (openSUSE-SU-2026:20452-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20452-1 advisory. Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message...

7.5CVSS5.9AI score0.01361EPSS
Exploits0References6
OSV
OSV
added 2026/04/01 9:24 a.m.2 views

OPENSUSE-SU-2026:20452-1 Security update for kea

This update for kea fixes the following issues: Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message bsc1260380. Changelog: A large number of bracket pairs in a JSON payload directed to any endpoint would...

7.5CVSS7.1AI score0.01361EPSS
Exploits0References4
OSV
OSV
added 2026/04/01 9:22 a.m.11 views

SUSE-SU-2026:20989-1 Security update for kea

This update for kea fixes the following issues: Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message bsc1260380. Changelog: A large number of bracket pairs in a JSON payload directed to any endpoint would...

7.5CVSS7.4AI score0.01361EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/25 9:12 p.m.4 views

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS when processing crafted extglob patterns. An attacker can cause excessive CPU consumption and block the event loop by supplying crafted extglob patterns that trigger catastrophic backtracking i...

8.7CVSS5.8AI score0.00412EPSS
Exploits0References2
OSV
OSV
added 2026/02/25 9:55 a.m.11 views

CLSA-2026-1772013351 glibc: Fix of CVE-2026-0915

CVE-2026-0915: prevent leak of stack contents to configured DNS resolver when getnetbyaddr or getnetbyaddrr query a zero-valued network with DNS backend in nsswitch.conf; sanitize stack buffers and add input validation; eliminate exposure of uninitialized data...

7.5CVSS7.2AI score0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.21 views

CVE-2026-20663

The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to enumerate a user's installed apps...

0.00117EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:30 a.m.8 views

CVE-2023-43797

BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby...

6.3CVSS6.2AI score0.00418EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/19 4:40 p.m.25 views

CVE-2025-68457 Orejime has executable code in HTML attributes

Orejime is a consent manager that focuses on accessibility. On HTML elements handled by Orejime prior to version 2.3.2, one could run malicious code by embedding javascript: code within data attributes. When consenting to the related purpose, Orejime would turn data attributes into unprefixed one...

2.3CVSS0.00183EPSS
Exploits0References3
OSV
OSV
added 2025/12/09 12:0 a.m.5 views

CVE-2023-53803 scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in sesenclosuredataprocess A fix for: BUG: KASAN: slab-out-of-bounds in sesenclosuredataprocess+0x949/0xe30 ses Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271 Checking after a...

6.3AI score0.00171EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990312 advisory. In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in eventdeliver Coverity spotted that eventms...

7.1CVSS6.1AI score0.00298EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: It is necessary to sanitize the arguments from userspace when adding a device. The Sanity function checks the values for queue depth and the number of queues that we obtain from userspace when adding a device...

7.8CVSS6.2AI score0.00156EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-2406

Malware in sbrugna...

6.1CVSS7AI score0.00845EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2021-0616

Malware in sbrugna...

6.1CVSS6AI score0.00973EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-0721

Malware in sbrugna...

5.4CVSS6.7AI score0.01277EPSS
Exploits2References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-1432

Malware in sbrugna...

7.1CVSS6AI score0.00532EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: golang (UTSA-2025-986182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986182 advisory. Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit...

7.5CVSS6.9AI score0.01094EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4097

Malicious code in bioql PyPI...

5.4CVSS6.8AI score0.01001EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2023-0917

Malicious code in bioql PyPI...

6.1CVSS5.4AI score0.00662EPSS
Exploits0References9
Rows per page
Query Builder