Lucene search
K

1389799 matches found

Chainguard
Chainguard
added yesterday5 views

GHSA-CRH6-FP67-6883 vulnerabilities

Vulnerabilities for packages: wazuh-dashboard...

5.9AI score
Exploits0
EUVD
EUVD
added yesterday6 views

EUVD-2026-25018

id: groups= computed from real GID instead of effective GID...

4.4CVSS5.9AI score0.00108EPSS
Exploits1References3
EUVD
EUVD
added yesterday6 views

EUVD-2026-24988

mkdir: -m exposes directory with umask perms before chmod race window...

3.3CVSS5.9AI score0.00102EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday16 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-41923

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS5.9AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-55727

CVE-2026-55727 affects Genetec Security Center 5.14.0.0 (before build 5.14.178.18). A flaw in the authentication mechanism for video stream requests may allow an unauthenticated attacker to access live video streams. The CVSSv3.1 base score is 7.5 (HIGH) with network attack vector and no user int...

7.5CVSS5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-13769

A flaw was found in AWS CLI. Overly permissive file permissions on Unix-like systems, where the umask has not been configured to restrict file permissions, may allow other local users on the same host to read credentials. This occurs when certain AWS CLI subcommands, such as aws codeartifact logi...

6.8CVSS5.9AI score0.00101EPSS
Exploits0References7
CVE
CVE
added yesterday5 views

CVE-2026-41516

OP-TEE (Trusted Execution Environment for Arm Cortex-A TrustZone) contains a vulnerability in the Hisilicon HPRE PKCS#1 v1.5 RSA decryption path. From version 4.5.0 up to, but not including, 4.11.0, the RSA PKCS#1 v1.5 decryption implementation uses non-constant-time memcmp() for label hash verif...

2.5CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-58403

Hugo (static site generator) vulnerable from v0.123.0 through v0.163.0. A regression in RootMappingFs.statRoot caused it to call Stat (which follows symlinks) instead of Lstat, enabling os.ReadFile on a symlink to read the target file outside the mount. This could let a symlink inside a theme or ...

5.9CVSS5.9AI score
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-41904

Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence language or info-string into the code class="language-…" data-lang="…" wrapper without HTML escaping. A fence info-string containing a quote and a script payload breaks out...

5.1CVSS5.8AI score
Exploits0References4
Circl
Circl
added yesterday3 views

GHSA-JV8R-GQR9-68WJ

creationtimestamp| type| source ---|---|--- 2026-07-06 19:19:40+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mpysnxoqkx22 2026-07-07 00:01:32+00:00| seen| https://bsky.app/profile/slackers.it/post/3mpzcfyt62f2d...

5.9AI score
Exploits0References2
Circl
Circl
added yesterday4 views

GHSA-PJMC-GX33-GC76

creationtimestamp| type| source ---|---|--- 2026-07-06 19:19:40+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mpysnxoqkx22 2026-07-07 00:01:32+00:00| seen| https://bsky.app/profile/slackers.it/post/3mpzcfyt62f2d...

5.9AI score
Exploits0References2
CVE
CVE
added yesterday13 views

CVE-2026-54291

CVE-2026-54291 affects pgjdbc (OpenJDK PostgreSQL JDBC Driver) in versions 42.7.4–42.7.11. The issue allows a silent downgrade of channelBinding from SCRAM-SHA-256-PLUS to plain SCRAM-SHA-256 when an attacker can intercept TLS and presents a certificate whose signature algorithm lacks a tls-serve...

8.2CVSS5.9AI score
Exploits0References3
CVE
CVE
added yesterday8 views

CVE-2026-55379

Pillow (Python imaging library) is affected by CVE-2026-55379. In older releases, PIL/BdfFontFile.py:bdf_char() read BBX width/height from a BDF font and passed attacker-controlled values to Image.new() without invoking Image._decompression_bomb_check(), bypassing the library’s decompression bomb...

7.5CVSS6AI score
Exploits0References3
Cvelist
Cvelist
added yesterday18 views

CVE-2026-55380 Pillow GdImageFile decompression bomb protection bypass

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS
Exploits0References3
Rockylinux
Rockylinux
added yesterday3 views

container-tools:rhel8 security update

An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook,...

9.1CVSS6.9AI score0.00651EPSS
Exploits0
Circl
Circl
added yesterday4 views

CVE-2026-40138

creationtimestamp| type| source ---|---|--- 2026-07-06 17:30:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mpymjyjtts2y 2026-07-06 17:42:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyn7p5zhe2z 2026-07-06 17:48:42+00:00| seen|...

9.2CVSS6.1AI score
Exploits0References6
OSV
OSV
added yesterday3 views

ROOT-OS-DEBIAN-12-CVE-2026-7010 CVE-2026-7010 in rootio-perl - Patched by Root

Root has patched CVE-2026-7010 in the rootio-perl package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.9AI score0.00227EPSS
Exploits0
OSV
OSV
added yesterday6 views

ROOT-OS-DEBIAN-12-CVE-2023-31486 CVE-2023-31486 in rootio-perl - Patched by Root

Root has patched CVE-2023-31486 in the rootio-perl package for Root:Debian:12. Multiple fixed versions available...

8.1CVSS5.4AI score0.01742EPSS
Exploits0
Rows per page
Query Builder