
1422 matches found

UbuntuCve
added 2026/03/30 12:0 a.m., 5 views

CVE-2026-33995

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext and kerberos_InitializeSecurityContextA (WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c) can cause a crash in any FreeRDP clients on systems where...

5.3 CVSS, 5.8 AI score, 0.00282 EPSS
Exploits 0, References 2
CNNVD
added 2026/03/30 12:0 a.m., 8 views

FreeRDP resource management error vulnerability

FreeRDP is an open source Remote Desktop Protocol (RDP) implementation library and client. FreeRDP suffers from a double release vulnerability. The vulnerability is caused by a double release problem in the memory release process of the kerberos_AcceptSecurityContext and...

5.3 CVSS, 5.8 AI score, 0.00282 EPSS
Exploits 0, References 3
HackRead
added 2026/02/17 4:7 p.m., 4 views

Mate Security Introduces the Security Context Graph, an Approach to Smarter SOCs

New York, USA, 17th February 2026, CyberNewswire...

5.4 AI score
Exploits 0
OSV
added 2026/01/26 8:16 p.m., 7 views

AZL-75369 CVE-2025-11065 affecting package podman 4.1.1-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3 CVSS, 6.5 AI score, 0.00357 EPSS
Exploits 0, References 1
OSV
added 2026/01/26 8:16 p.m., 8 views

AZL-75372 CVE-2025-11065 affecting package azl-otel-collector 0.127.0-1

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3 CVSS, 6.3 AI score, 0.00357 EPSS
Exploits 0, References 1
OSV
added 2026/01/26 8:16 p.m., 7 views

CVE-2025-11065

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits 0, References 4
OSV
added 2026/01/26 8:16 p.m., 9 views

AZL-75440 CVE-2025-11065 affecting package keda 2.14.1-9

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3 CVSS, 6.6 AI score, 0.00357 EPSS
Exploits 0, References 1
Cvelist
added 2026/01/20 3:23 p.m., 17 views

CVE-2025-36397 Security vulnerabilities have been found in IBM Application Gateway

IBM Application Gateway 23.10 through 25.09 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.4 CVSS, 0.00162 EPSS
Exploits 0, References 1
Tenable Nessus
added 2026/01/15 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002499)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002499 advisory. The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service system cras...

4.9 CVSS, 6.9 AI score, 0.006 EPSS
Exploits 0, References 26
EUVD
added 2026/01/13 5:56 p.m., 4 views

EUVD-2026-2135

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally...

7.8 CVSS, 6.3 AI score, 0.00483 EPSS
Exploits 0, References 2
RedhatCVE
added 2026/01/07 9:36 a.m., 8 views

CVE-2019-7886

A cryptographic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptographic mechanism is used to generate the initialization vector in multiple security relevant contexts...

7.5 CVSS, 6.7 AI score, 0.01186 EPSS
Exploits 0, References 1
OSV
added 2026/01/05 1:15 a.m., 7 views

CVE-2025-5591

Kentico Xperience 13 is vulnerable to a stored cross-site scripting attack via a form component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...

5.4 CVSS, 5.6 AI score, 0.00145 EPSS
Exploits 0, References 1
EUVD
added 2026/01/05 12:2 a.m., 7 views

EUVD-2026-0919

Kentico Xperience 13 is vulnerable to a stored cross-site scripting attack via a form component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...

9.4 CVSS, 5.7 AI score, 0.00145 EPSS
Exploits 0, References 2
CVE
added 2026/01/05 12:2 a.m., 17 views

CVE-2025-5591

Summary: Kentico Xperience 13 is vulnerable to a stored cross-site scripting (XSS) attack via the Checkbox form component in Form Builder. The root cause is a lack of proper filtering/escaping of user-supplied data in the form component, enabling an attacker to execute arbitrary scripts in a vict...

9.4 CVSS, 5.8 AI score, 0.00145 EPSS
Exploits 0, References 1, Affected Software 1
Positive Technologies
added 2026/01/01 12:0 a.m., 5 views

PT-2026-29141

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.24.2. Description: FreeRDP is a free implementation of the Remote Desktop Protocol. A double-free issue exists in the kerberos_AcceptSecurityContext and kerberos_InitializeSecurityContextA functions WinPR,...

7.1 CVSS, 4.5 AI score, 0.00282 EPSS
Exploits 0, References 45
OSV
added 2025/12/26 3:15 p.m., 3 views

CVE-2025-36230

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.4 CVSS, 5.8 AI score, 0.00166 EPSS
Exploits 0, References 1
Packet Storm News
added 2025/12/13 12:0 a.m., 5 views

Diverse LLMs Vs. Vulnerabilities: Who Detects and Fixes Them Better?

Large Language Models (LLMs) are increasingly being studied for Software Vulnerability Detection (SVD) and Repair (SVR). Individual LLMs have demonstrated code understanding abilities, but they frequently struggle when identifying complex vulnerabilities and generating fixes. This study presents...

7 AI score
Exploits 0
RedhatCVE
added 2025/12/10 7:22 p.m., 6 views

CVE-2025-9613

A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completion...

6.5 CVSS, 7 AI score, 0.00201 EPSS
Exploits 0, References 1
EUVD
added 2025/12/09 9:31 p.m., 3 views

EUVD-2025-202314

A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completion...

6.5 AI score, 0.00201 EPSS
Exploits 0, References 3
NVD
added 2025/12/09 7:15 p.m., 5 views

CVE-2025-9613

A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completion...

6.5 CVSS, 0.00201 EPSS
Exploits 0, References 2