Lucene search
K

743 matches found

NVD
NVD
added 2026/01/24 1:15 a.m.6 views

CVE-2026-24399

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be processed and executed in the browser context. This allow...

9.3CVSS0.00302EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/19 10:45 a.m.9 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle January 2026 Critical Patch Update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impac...

7.5CVSS6.9AI score0.00633EPSS
Exploits0Affected Software2
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.9 views

CVE-2022-37939

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and...

5.5CVSS6.8AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.8 views

CVE-2019-11996

Potential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. The vulnerabilities could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a...

10CVSS7.5AI score0.01464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.9 views

CVE-2022-23565

Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a SavedModel on disk such that AttrDefs of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on...

6.5CVSS6.7AI score0.00469EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.9 views

CVE-2025-1700

A DLL hijacking vulnerability was reported in the Motorola Software Fix Rescue and Smart Assistant installer that could allow a local attacker to escalate privileges during installation of the software...

7.1CVSS7.2AI score0.00148EPSS
Exploits0References1
OSV
OSV
added 2026/01/02 4:16 p.m.4 views

CVE-2025-48721

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Q...

6.5CVSS6AI score0.00385EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-26141

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cram decode slice function called while reading CRAM records, validation of the reference id field occurred too late, allowing two out of bounds...

8.2CVSS5.7AI score0.00373EPSS
Exploits0References8
NVD
NVD
added 2025/12/12 9:15 p.m.4 views

CVE-2025-43393

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox...

5.2CVSS0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.4 views

PT-2025-51016

Name of the Vulnerable Software and Affected Versions macOS versions prior to 15.7.3 Description A flaw exists in macOS on Intel-based Mac computers related to code-signing restrictions. This could allow an application to access user-sensitive data. Recommendations Update to macOS version 15.7.3 ...

6.5AI score0.00111EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/10 11:37 p.m.5 views

CVE-2025-67644 LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

7.3CVSS7.4AI score0.02073EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/12/10 6:4 p.m.30 views

CVE-2025-65199 Windscribe for Linux 'changeMTU' local privilege escalation

A command injection vulnerability exists in Windscribe for Linux Desktop App that allows a local user who is a member of the windscribe group to execute arbitrary commands as root via the 'adapterName' parameter of the 'changeMTU' function. Fixed in Windscribe v2.18.3-alpha and v2.18.8...

7.8CVSS0.01094EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/08 10:36 p.m.4 views

EUVD-2025-201838

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. Th...

4.6CVSS6.2AI score0.00124EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/02 5:25 p.m.12 views

CVE-2025-64750 Singluarity ineffectively applies of selinux / apparmor LSM process labels

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

4.5CVSS0.00137EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/19 8:44 a.m.5 views

Security Bulletin: Vulnerabilities in pam library (CVE-2025-6020, CVE-2025-8941) affect Power HMC.

Summary The pam library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-6020 DESCRIPTION: A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing...

7.8CVSS6AI score0.00399EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/11/07 6:30 p.m.4 views

EUVD-2025-38282

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

7.1CVSS6.4AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2025/11/07 3:10 p.m.11 views

CVE-2025-58463

CVE-2025-58463 affects QNAP Download Station and is a relative path traversal vulnerability. The issue can be exploited by a remote attacker who has an administrator account to read contents of unexpected files or system data. The vulnerability is triggered via a path traversal flaw in the downlo...

6.3CVSS6.5AI score0.00455EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/11/04 2:15 a.m.3 views

UBUNTU-CVE-2025-43441

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

8.8CVSS6.4AI score0.00909EPSS
Exploits0References2
OSV
OSV
added 2025/10/21 7:15 a.m.4 views

UBUNTU-CVE-2025-12004

Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42...

10CVSS5.8AI score0.00289EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-9225

Malware in sbrugna...

7.5CVSS7.5AI score0.01086EPSS
Exploits0References2
Rows per page
Query Builder