Lucene search
K

431 matches found

Cvelist
Cvelist
added 2026/02/18 1:14 p.m.24 views

CVE-2026-1441 Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface

Reflected Cross-Site Scripting XSS vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker ...

5.3CVSS0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/18 1:13 p.m.5 views

CVE-2026-1438 Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface

Reflected Cross-Site Scripting XSS vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker ...

5.3CVSS6.1AI score0.00178EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/02/04 12:25 a.m.5 views

SUSE CVE-2026-22780

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...

4.4CVSS5.5AI score0.00179EPSS
Exploits0References3
NVD
NVD
added 2026/02/02 11:16 p.m.12 views

CVE-2026-22780

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...

6.1CVSS0.00179EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/02 8:52 p.m.3 views

CVE-2026-22780

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...

4.4CVSS5.5AI score0.00179EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/02 8:52 p.m.3 views

CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...

4.4CVSS5.5AI score0.00179EPSS
Exploits0References6
OSV
OSV
added 2026/02/02 8:52 p.m.6 views

CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2...

4.4CVSS5.6AI score0.00179EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.13 views

PT-2026-5711

Name of the Vulnerable Software and Affected Versions Rizin versions prior to 0.8.2 Description Rizin, a reverse engineering framework, contains a flaw where a heap overflow can occur when processing maliciously crafted mach0 files with invalid dyld chained segment entries. This issue can be...

4.4CVSS5.4AI score0.00179EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004338 advisory. A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource...

5.5CVSS6.5AI score0.00281EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004461)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004461 advisory. A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource...

5.5CVSS6.5AI score0.00281EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/01/15 3:31 p.m.12 views

Keycloak has an improper input validation vulnerability

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments,...

3.7CVSS6.6AI score0.00354EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/01/15 3:31 p.m.5 views

GHSA-V897-PV23-R8CW Keycloak has an improper input validation vulnerability

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments,...

3.7CVSS5.9AI score0.00354EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/15 12:6 p.m.4 views

CVE-2026-0976

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments,...

3.7CVSS5.5AI score0.00354EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/15 12:6 p.m.7 views

CVE-2026-0976

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments,...

3.7CVSS6.7AI score0.00354EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.14 views

PT-2026-2984

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in Keycloak related to improper input validation. The software accepts RFC-compliant matrix parameters within URL path segments, which may be ignored or mishandled by common...

3.7CVSS6.3AI score0.00354EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:16 a.m.11 views

CVE-2019-2339

Out of bound access due to lack of check of whiltelist array size while reading the image elf segments. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205...

7.8CVSS7.2AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:59 a.m.5 views

CVE-2020-7451

In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosin...

5.3CVSS6.8AI score0.0114EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.11 views

SUSE CVE-2023-54146

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...

6.3CVSS6.4AI score0.00168EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/24 3:30 p.m.5 views

EUVD-2023-60299

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...

5.9AI score0.00168EPSS
Exploits0References6
NVD
NVD
added 2025/12/24 1:16 p.m.5 views

CVE-2023-54146

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...

0.00168EPSS
Exploits0References5
Rows per page
Query Builder