37 matches found

Debian CVE
added 2 days ago · 4 views

CVE-2026-54898

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

CVSS 2.1 · AI score 5.9 · EPSS 0.00117
Exploits: 0

OSV
added 2026/05/08 5:45 a.m. · 8 views

BIT-JRE-2023-42950

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...

CVSS 8.8 · AI score 7.1 · EPSS 0.01069
Exploits: 0 · References: 12

NVD
added 2026/03/12 1:15 a.m. · 7 views

CVE-2023-43010

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption...

CVSS 8.8 · EPSS 0.00885
Exploits: 0 · References: 19

CVE
added 2026/03/12 12:52 a.m. · 47 views

CVE-2023-43010

CVE-2023-43010 stems from a WebKit/Web content memory handling issue that could lead to memory corruption. Affected products include Apple WebKit/WebKit-based components in iOS, iPadOS, and macOS (e.g., Safari) with reported impact when processing malicious web content. The issue is mitigated by ...

CVSS 8.8 · AI score 5.8 · EPSS 0.00885
Exploits: 0 · References: 19 · Affected Software: 4

CNNVD
added 2026/03/12 12:0 a.m. · 6 views

Apple Multiple Products Security Vulnerability

Apple Safari, among others, are products of the American company Apple. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad...

CVSS 8.8 · AI score 6.9 · EPSS 0.00885
Exploits: 0 · References: 5

EUVD
added 2026/03/11 2:54 p.m. · 5 views

EUVD-2026-10937

Umbraco Affected by Vertical Privilege Escalation via Missing Authorization Checks...

CVSS 7.2 · AI score 5.8 · EPSS 0.00257
Exploits: 0 · References: 2

Positive Technologies
added 2026/03/11 12:0 a.m. · 8 views

PT-2026-24901

Name of the Vulnerable Software and Affected Versions Apple products affected versions not specified iOS versions prior to 17.2 iPadOS versions prior to 17.2 macOS Sonoma versions prior to 14.2 Safari versions prior to 17.2 iOS versions prior to 16.7.15 iPadOS versions prior to 16.7.15 iOS versio...

CVSS 10 · AI score 6.7 · EPSS 0.01481
Exploits: 4 · References: 104

NVD
added 2026/03/10 10:16 p.m. · 4 views

CVE-2026-31833

Umbraco is an ASP.NET CMS. From 16.2.0 to before 16.5.1 and 17.2.2, an authenticated backoffice user with access to Settings can inject malicious HTML into property type descriptions. Due to an overly permissive attributeNameCheck configuration /.+/ in the UFM DOMPurify instance, event handler...

CVSS 6.7 · EPSS 0.0026
Exploits: 0 · References: 1

NVD
added 2026/03/10 10:16 p.m. · 4 views

CVE-2026-31834

Umbraco is an ASP.NET CMS. From 15.3.1 to before 16.5.1 and 17.2.2, a privilege escalation vulnerability has been identified in Umbraco CMS. Under certain conditions, authenticated backoffice users with permission to manage users may be able to elevate their privileges due to insufficient...

CVSS 7.2 · EPSS 0.00257
Exploits: 0 · References: 1

Positive Technologies
added 2026/03/10 12:0 a.m. · 6 views

PT-2026-24485

Name of the Vulnerable Software and Affected Versions Umbraco versions 14.0.0 through 16.5.0 Umbraco version 17.2.2 Description Umbraco, an ASP.NET CMS, contains a flaw in a backoffice API endpoint related to object-level authorization. Authenticated users can assign domain-related data to conten...

CVSS 5.4 · AI score 5.8 · EPSS 0.00179
Exploits: 0 · References: 4

EUVD
added 2026/01/28 6:7 p.m. · 6 views

EUVD-2026-4877

OpenProject is an open-source, web-based project management software. To enable real-time collaboration on documents, OpenProject 17.0 introduced a synchronization server. The OpenProject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a share...

CVSS 8.9 · AI score 5.9 · EPSS 0.00159
Exploits: 0 · References: 1

Tenable Nessus
added 2026/01/15 12:0 a.m. · 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001919)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001919 advisory. kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local...

CVSS 7.8 · AI score 6.4 · EPSS 0.00568
Exploits: 1 · References: 12

OSV
added 2025/11/09 12:0 a.m. · 6 views

OPENSUSE-SU-2025:15721-1 incus-6.17-2.1 on GA media

These are all security issues fixed in the incus-6.17-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 · AI score 6.8 · EPSS 0.00526
Exploits: 1 · References: 1

RedhatCVE
added 2025/09/11 11:24 p.m. · 14 views

CVE-2025-59039

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

CVSS 9.3 · AI score 6.8 · EPSS 0.00312
Exploits: 0 · References: 1

NVD
added 2025/09/09 11:15 p.m. · 12 views

CVE-2025-59039

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

CVSS 9.3 · EPSS 0.00312
Exploits: 0 · References: 2

OSV
added 2024/03/28 4:15 p.m. · 3 views

CVE-2023-42962

This issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. A remote attacker may be able to cause a denial-of-service...

CVSS 7.5 · AI score 5.8 · EPSS 0.00805
Exploits: 0 · References: 3

Positive Technologies
added 2024/03/28 12:0 a.m. · 3 views

PT-2024-13070 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.2 iPadOS versions prior to 17.2 iOS version 16.7.3 iPadOS version 16.7.3 Description: A remote attacker may be able to cause a denial-of-service. This issue was addressed with improved checks. Recommendations: For iOS...

CVSS 7.5 · AI score 6 · EPSS 0.00805
Exploits: 0 · References: 6

CNNVD
added 2024/03/28 12:0 a.m. · 3 views

Apple iOS and iPadOS Security Vulnerability

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.2 and iPadOS version 17.2, which originates from handling...

CVSS 8.8 · AI score 7.3 · EPSS 0.01069
Exploits: 0 · References: 7

CNNVD
added 2024/01/22 12:0 a.m. · 2 views

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.2 and iPadOS version 17.2, which arises from applications that may...

CVSS 5.5 · AI score 4.5 · EPSS 0.00303
Exploits: 0 · References: 12

CNNVD
added 2024/01/22 12:0 a.m. · 3 views

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.2 and iPadOS version 17.2, which stems from processing a...

CVSS 5.5 · AI score 4.7 · EPSS 0.00473
Exploits: 0 · References: 12