Lucene search

487 matches found

CNNVD
added 2026/02/04 12:0 a.m., 9 views

@apollo/server security vulnerability

@apollo/server is a JavaScript code package open-sourced by Apollo GraphQL. Versions prior to 3.13.0, 4.13.0, and 5.4.0 of @apollo/server contain security vulnerabilities. These vulnerabilities stem from improper handling of encoded requests using special character sets in the default...

7.5 CVSS, 5.9 AI score, 0.00628 EPSS
Exploits: 0, References: 4

SUSE Linux
added 2026/01/29 10:35 a.m., 7 views

Security update for abseil-cpp

This update for abseil-cpp fixes the following issues: CVE-2025-0838: Fixed heap buffer overflow in sized constructors, reserve, and rehash methods of absl::{flat,node}_hash_{set,map} (bsc#1237543). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

5.9 CVSS, 6 AI score, 0.00563 EPSS
Exploits: 0, References: 4

NVD
added 2026/01/28 7:16 p.m., 8 views

CVE-2025-68660

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, an endpoint lets any authenticated user bypass the ai_discover_persona access controls and gain ongoing DM access to personas that may be wired to staff-only categories, RAG document set...

5.4 CVSS, 0.00216 EPSS
Exploits: 0, References: 1

Snyk
added 2026/01/28 4:33 p.m., 6 views

Malicious Package

Overview: cml-tt-sets is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8 CVSS, 5.9 AI score
Exploits: 0, References: 2

CNNVD
added 2026/01/27 12:0 a.m., 56 views

Suricata security vulnerabilities

Suricata is a network IDS, IPS, and NSM engine developed by the Open Information Security Foundation. Vulnerabilities exist in versions of Suricata prior to 8.0.3 and 7.0.14. These vulnerabilities stem from the use of a stack buffer for storing data sets; if the data size is too large, it may lea...

9.8 CVSS, 6 AI score, 0.00467 EPSS
Exploits: 0, References: 8

Packet Storm News
added 2026/01/20 12:0 a.m., 0 views

Stegano 2.1.0

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...

5.5 AI score
Exploits: 0

RedhatCVE
added 2026/01/09 9:53 a.m., 5 views

CVE-2020-10611

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this...

9.8 CVSS, 8 AI score, 0.05226 EPSS
Exploits: 0, References: 1

CNNVD
added 2026/01/08 12:0 a.m., 3 views

OWASP CRS security vulnerability

OWASP CRS is an open source attack detection rule set from the CRS Project. A security vulnerability exists in OWASP CRS versions prior to 4.22.0 and prior to 3.3.8, which stems from a flaw in rule 922110 when processing multipart requests, which could lead to malicious character sets being ignor...

9.3 CVSS, 6.5 AI score, 0.13124 EPSS
Exploits: 4, References: 8

Positive Technologies
added 2026/01/01 12:0 a.m., 8 views

PT-2026-29086

Name of the Vulnerable Software and Affected Versions: GNU C Library versions 2.43 and earlier. Description: The iconv function in the GNU C Library may experience a crash due to an assertion failure when processing inputs from the IBM1390 or IBM1399 character sets. This could potentially be exploit...

7.8 CVSS, 5.7 AI score, 0.00357 EPSS
Exploits: 1, References: 60

Tenable Nessus
added 2025/12/31 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992811 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets. WHY & HOW: num_valid_sets needs to...

7.8 CVSS, 6.1 AI score, 0.00263 EPSS
Exploits: 0, References: 3

Packet Storm News
added 2025/12/19 12:0 a.m., 5 views

GRAudit Grep Auditing Tool 4.0

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very...

7.1 AI score
Exploits: 0

EUVD
added 2025/11/26 11:5 p.m., 5 views

EUVD-2025-199771

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...

7.5 CVSS, 6.5 AI score, 0.00306 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2025/11/12 12:0 a.m., 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990875)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990875 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets. WHY & HOW: num_valid_sets needs to...

7.8 CVSS, 6.1 AI score, 0.00263 EPSS
Exploits: 0, References: 3

Fedora
added 2025/11/06 2:24 a.m., 4 views

[SECURITY] Fedora 42 Update: qt5-qtvirtualkeyboard-5.15.18-1.fc42

The Qt Virtual Keyboard project provides an input framework and reference keyboard frontend for Qt 5. Key features include: Customizable keyboard layouts and styles with dynamic switching. Predictive text input with word selection. Character preview and alternative character view. Automatic...

7 AI score
Exploits: 0

Tenable Nessus
added 2025/11/05 12:0 a.m., 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989827)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989827 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration. Each cset (css_set) is pinn...

7.8 CVSS, 5.7 AI score, 0.00281 EPSS
Exploits: 0, References: 4

GitHub Security Blog
added 2025/10/28 12:31 a.m., 9 views

Liferay Portal Vulnerable to DoS via Crafted Headless API Request

Liferay Portal 7.4.0 through 7.4.3.99, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions do not limit the number of objects returned from Headless API requests, which allows remote attackers to perform denial-of-servi...

7.5 CVSS, 7 AI score, 0.00351 EPSS
Exploits: 0, References: 5, Affected Software: 1

OpenVAS
added 2025/10/28 12:0 a.m., 3 views

Fedora: Security Advisory (FEDORA-2025-5c7374bfdb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6 CVSS, 6.8 AI score, 0.0034 EPSS
Exploits: 0, References: 4

Tenable Nessus
added 2025/10/27 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: deactivate anonymous set from preparation phase. Backport for 4.14 of...

5.7 AI score
Exploits: 0, References: 2

Tenable Nessus
added 2025/10/27 12:0 a.m., 3 views

Siemens SIMATIC Devices Improper Control of Resource Identifiers (CVE-2023-52620)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets. Never used from userspace, disallow these parameters. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

2.5 CVSS, 5.9 AI score, 0.0024 EPSS
Exploits: 0, References: 2

OSV
added 2025/10/22 8:15 p.m., 2 views

DEBIAN-CVE-2023-53701

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: deactivate anonymous set from preparation phase. Backport for 4.14 of c1592a89942e9678f7d9c8030efa777c0d57edab. Toggle deleted anonymous sets as inactive in the next generation, so users cannot perform any upda...

5.9 AI score
Exploits: 0, References: 1