
13 matches found

CNNVD
added 2026/03/27 12:00 a.m. | 11 views

pypdf Security Vulnerability

pypdf is an open-source, free, and pure Python PDF library developed by py-pdf. It allows for splitting, merging, cropping, and converting pages of PDF files. Prior to version 6.9.2, pypdf had a security vulnerability that could be exploited by attackers to create PDF files that led to infinite...

CVSS 8.2 | AI score 5.8 | EPSS 0.00455
Exploits 0 | References 3
OSV
added 2026/03/26 11:58 p.m. | 6 views

CVE-2026-33699 pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider...

CVSS 8.2 | AI score 5.8 | EPSS 0.00455
Exploits 0 | References 5
NVD
added 2026/03/25 5:17 p.m. | 9 views

CVE-2026-32523

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files. This issue affects WPJAM Basic: from n/a through <= 6.9.2...

CVSS 9.9 | EPSS 0.00319
Exploits 0 | References 1
ATTACKERKB
added 2026/03/25 4:15 p.m. | 7 views

CVE-2026-32523

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files. This issue affects WPJAM Basic: from n/a through <= 6.9.2...

AI score 5.8 | EPSS 0.00319
Exploits 0 | References 2
Tenable Nessus
added 2026/03/20 12:00 a.m. | 4 views

Fedora 43 : wordpress (2026-5774d46593)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5774d46593 advisory. Upstream announcements: WordPress 6.9.2 Release; WordPress 6.9.3 and 7.0 beta 4; WordPress 6.9.4 Release. Tenable has extracted the preceding description...

CVSS 4.3 | AI score 5.9 | EPSS 0.00305
Exploits 0 | References 2
Tenable Nessus
added 2026/03/20 12:00 a.m. | 3 views

Fedora 44 : wordpress (2026-bf984d4931)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bf984d4931 advisory. Upstream announcements: WordPress 6.9.2 Release; WordPress 6.9.3 and 7.0 beta 4; WordPress 6.9.4 Release. Tenable has extracted the preceding description...

CVSS 4.3 | AI score 5.9 | EPSS 0.00305
Exploits 0 | References 2
Tenable Nessus
added 2026/03/10 12:00 a.m. | 3 views

WordPress 6.0 < 6.9.2

WordPress versions 6.0 < 6.9.2 are affected by one or more vulnerabilities. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from WordPress Security Advisory wordpress-6-9-2-release. Plugin source excerpt: `#%NASL_MIN_LEVEL 80900`, `include('compat.inc'); if (description) { script_id(301728); ...`

AI score 5.8
Exploits 0 | References 3
Tenable Nessus
added 2026/01/14 12:00 a.m. | 4 views

MiracleLinux 3 : kernel-2.6.18-128.9AXS3 (AXSA:2009-387:10)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-387:10 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security bugs fixed by this release: CVE-2009-2692 The Linux...

CVSS 7.8 | AI score 6.9 | EPSS 0.14749
Exploits 34 | References 3
CNNVD
added 2025/07/28 12:00 a.m. | 4 views

Johnson Controls iSTAR Ultra Security Vulnerability

Johnson Controls iSTAR Ultra is an access controller from Johnson Controls, Inc. It provides network resiliency and faster processing speeds. A security vulnerability exists in Johnson Controls iSTAR Ultra versions 6.9.2 and earlier, which stems from incomplete firmware validation and could lead ...

CVSS 9.3 | AI score 6.7 | EPSS 0.00096
Exploits 0 | References 2
OSV
added 2025/05/12 3:16 p.m. | 3 views

CVE-2025-46610

ARTEC EMA Mail 6.92 allows CSRF...

CVSS 8.8 | AI score 5.8 | EPSS 0.0023
Exploits 0 | References 2
OSV
added 2023/11/14 2:15 p.m. | 4 views

AZL-34865 CVE-2023-6111 affecting package kernel for versions less than 6.6.29.1-4

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a...

CVSS 7.8 | AI score 7 | EPSS 0.00319
Exploits 0 | References 1
RedHat Linux
added 2020/09/08 10:06 a.m. | 3 views

oniguruma: Use-after-free in onig_new_deluxe() in regext.c

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

CVSS 9.8 | AI score 7.8 | EPSS 0.04047
Exploits 0 | References 4
CNVD
added 2019/07/11 12:00 a.m. | 3 views

Oniguruma Memory Misreference Vulnerability

Oniguruma is a BSD-licensed regular expression library that supports multiple character encodings. A memory misreference vulnerability exists in onig_new_deluxe() in regext.c in Oniguruma 6.9.2, which can be exploited by an attacker to obtain information, execute code, or cause a denial of service by...

CVSS 9.8 | AI score 7.9 | EPSS 0.04047
Exploits 0 | References 1