Lucene search
K

558 matches found

CVE
CVE
added 1 hour ago4 views

CVE-2026-62350

TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, a user with create udf privilege could upload a crafted shared library and install it as a user-defined function, such as eval, then execute arbitrary C code on the TDengine server side...

7.2CVSS6.3AI score
Exploits0References1
OSV
OSV
added 2026/06/30 11:34 a.m.3 views

OPENSUSE-SU-2026:21180-1 Security update for mupdf

This update for mupdf fixes the following issues: Changes in mupdf: - Build and ship MuPDF as a shared library make shared=yes instead of static-only: New subpackage libmupdf272 carries libmupdf.so.27.2 the SONAME tracks the upstream minor.patch version. Replaced the static-only mupdf-devel-stati...

7.5CVSS6AI score0.00477EPSS
Exploits1References5
OSV
OSV
added 2026/06/30 2:16 a.m.4 views

DEBIAN-CVE-2026-58302

rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...

8.4CVSS5.9AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-38641

An issue in the DSO::mmapandcopy function of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via loading a crafted shared library...

7.5CVSS0.00446EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 7:23 a.m.2 views

OPENSUSE-SU-2026:21062-1 Security update for capnproto

This update for capnproto fixes the following issues: Update to version 1.4.0. Security issues fixed: - CVE-2026-32239: negative Content-Length conversion treated as impossibly large length by KJ-HTTP can lead to HTTP smuggling bsc1259638. - CVE-2026-32240: integer overflow when KJ-HTTP...

6.5CVSS6AI score0.00207EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.23 views

CVE-2026-38641

An issue in the DSO::mmapandcopy function of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via loading a crafted shared library...

0.00446EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.5 views

CVE-2026-38641

An issue in the DSO::mmapandcopy function of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via loading a crafted shared library...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/10 7:46 p.m.9 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.5AI score0.00529EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/05/01 3:56 p.m.7 views

CVE-2026-22165

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

8.1CVSS5.8AI score0.00346EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.12 views

PT-2026-36497

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A web page containing unusual WebGPU content loaded into the GPU GLES render process can trigger a write Use-After-Free UAF crash in the GPU GLES user-space shar...

8.1CVSS5.7AI score0.00346EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/20 1:8 p.m.18 views

CVE-2026-40342

A flaw was found in Firebird, an open-source relational database management system. An authenticated user with CREATE FUNCTION privileges can exploit a path traversal vulnerability in the external engine plugin loader. This allows an attacker to use a crafted engine name to load an arbitrary shar...

9.9CVSS6.4AI score0.00692EPSS
Exploits1References2
NVD
NVD
added 2026/04/17 8:16 p.m.10 views

CVE-2026-40342

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

9.9CVSS0.00692EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/17 7:22 p.m.2 views

CVE-2026-40342

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

9.9CVSS6.2AI score0.00692EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2026/04/17 7:22 p.m.5 views

CVE-2026-40342

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE...

9.9CVSS6.2AI score0.00692EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/16 10:46 p.m.8 views

@agent-analytics/paperclip-live-analytics-plugin (>=0.1.1 <=0.1.11), @clawjedi/paperclip-plugin-chat (>=1.0.0 <=1.0.4) +16 more potentially affected by unknown CVE via @paperclipai/shared (>=2026.318.0-canary.0 <=2026.416.0-canary.1)

@paperclipai/shared NPM version =2026.318.0-canary.0, =0.1.1, =1.0.0, =0.0.1, =0.3.3, =0.1.0, =0.1.9, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.407.0-canary.5, =2026.3.17-canary.0, =2026.3.17-canary.2, =0.1.0, =2026.324.0-canary.0, =2026.325.0-canary.3 - corporateai =2026.328.0-canary.0 -...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/16 10:45 p.m.9 views

@agent-analytics/paperclip-live-analytics-plugin (>=0.1.1 <=0.1.11), @bbengamin/paperclip-mcp-server (=0.1.0) +21 more potentially affected by unknown CVE via @paperclipai/shared (>=0.2.2 <=2026.416.0-canary.1)

@paperclipai/shared NPM version =0.2.2, =0.1.1, =1.0.0, =0.0.1, =0.3.1, =0.1.45, =0.1.0, =0.1.9, =2026.3.17-canary.0, =0.2.2, =0.1.0, =2026.3.17-canary.0, =0.2.2, =0.1.0, =0.4.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-3PW3-V88X-XJ24...

5.7AI score
Exploits0
Fedora
Fedora
added 2026/04/13 9:7 p.m.10 views

[SECURITY] Fedora 44 Update: libpasraw-1.3.0-22.fc44

Provides shared library to interface Pascal program with libraw...

9.8CVSS5.8AI score0.00735EPSS
Exploits3
Cvelist
Cvelist
added 2026/04/08 9:35 p.m.26 views

CVE-2026-40031 MemProcFS < 5.17 DLL/Shared Library Hijacking

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

8.5CVSS0.00142EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.17 views

HDF5 Plugin 2.17.0 Path Audit

This script demonstrates a controlled security audit scenario targeting the HDF5 dynamic plugin loading mechanism. It compiles a shared C library that mimics a legitimate HDF5 filter plugin by implementing the required H5Zclass2t structure and registration functions H5PLgetplugintype,...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.9 views

CVE-2021-28249

CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is ru...

8.8CVSS7.1AI score0.00415EPSS
Exploits1References1
Rows per page
Query Builder