Lucene search
K

7921 matches found

OSV
OSV
added 2026/03/20 10:32 a.m.4 views

MAL-2026-1988 Malicious code in dataflux-pytorch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 486e56ad4de2a59b9c8890d854505075b556ca6920be97f850a14c7d648f7f3b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 10:31 a.m.10 views

Malicious code in mcp-transport-proto (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a40306e4035df29c739d5073ccb341685275d5cebba588b7014898229752e11f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 10:30 a.m.8 views

Malicious code in cloud-datasets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/20 10:30 a.m.3 views

MAL-2026-1986 Malicious code in cloud-datasets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/20 10:28 a.m.2 views

MAL-2026-1985 Malicious code in azure-eventhub-checkpointstoretable (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e41a629242e28270fbee568718ddef63da1e359ad5a5a1401ed85c48ef870d73 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 10:28 a.m.5 views

Malicious code in azure-eventhub-checkpointstoretable (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e41a629242e28270fbee568718ddef63da1e359ad5a5a1401ed85c48ef870d73 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
Patchstack
Patchstack
added 2026/03/20 10:21 a.m.6 views

WordPress KiviCare plugin <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability

Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability discovered by WordFence in WordPress Plugin KiviCare versions = 4.1.2...

8.2CVSS5.8AI score0.00248EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/20 9:32 a.m.4 views

EUVD-2026-13611

In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...

5.6AI score0.00121EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/20 9:32 a.m.5 views

EUVD-2026-13600

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

3.1CVSS5.2AI score0.00219EPSS
Exploits0References4
NVD
NVD
added 2026/03/20 9:16 a.m.4 views

CVE-2026-23275

In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...

7.8CVSS0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/03/20 8:8 a.m.25 views

CVE-2026-23275

CVE-2026-23275 (Linux kernel, io_uring): The issue arises when DEFER_TASKRUN | SETUP_TASKRUN are used and task work is added while the ring is resized, allowing an overlap window where IORING_SQ_TASKRUN could be OR’ed on the old/new rings during swapping. The fix adds a 2nd rings pointer, →rings_...

7.8CVSS5.6AI score0.00121EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.4 views

CVE-2026-23275

In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...

7.8CVSS5.7AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/03/19 6:16 p.m.9 views

CVE-2025-67115

A path traversal vulnerability in /ftl/web/setup.cgi in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote authenticated users to read arbitrary files from the filesystem via crafted values in the logtype parameter to /logsave.htm...

6.5CVSS0.00405EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/19 2:20 p.m.9 views

CVE-2023-43010

A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4: evolution-data-server,...

8.8CVSS6.2AI score0.00885EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/19 12:27 a.m.4 views

SUSE CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/19 12:27 a.m.5 views

SUSE CVE-2026-23256

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setupnicdevices cleanup In setupnicdevices, the initialization loop jumps to the label setupnicdevfree on failure. The current cleanup loop whilei-- skip the failing index i, causing a...

5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/19 12:27 a.m.2 views

SUSE CVE-2026-23257

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setupnicdevices cleanup In setupnicdevices, the initialization loop jumps to the label setupnicdevfree on failure. The current cleanup loop whilei-- skip the failing index i, causing a...

5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/19 12:27 a.m.2 views

SUSE CVE-2026-23258

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored in oct-propsi.netdev only after the calls to...

5.7AI score0.00114EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.7 views

Sercomm SCE4255W 安全漏洞

Sercomm SCE4255W is a broadband gateway device produced by Sercomm in Taiwan, China. Previous versions of Sercomm SCE4255W DG3934v3@2308041842 had security vulnerabilities. These vulnerabilities stemmed from path traversal vulnerabilities in the /ftl/web/setup.cgi file, which could allow...

6.5CVSS5.9AI score0.00405EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/03/18 6:33 p.m.129 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

Security Engineer — Test Task A self-contained Docker environ...

10CVSS7AI score0.99654EPSS
Exploits31
Rows per page
Query Builder