Lucene search

12475 matches found

NVD
added 2026/05/11 9:18 p.m., 9 views

CVE-2026-28906

This issue was addressed through improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An attacker may be able to track users through their IP address...

CVSS 7.5, EPSS 0.0043
Exploits: 0, References: 6

Japan Vulnerability Notes
added 2026/05/11 9:20 a.m., 13 views

libXpm vulnerable to out-of-bounds read

Overview: libXpm provided by X.Org Foundation incorrectly handles malformed XPM files, leading to an out-of-bounds read vulnerability. Out-of-bounds read (CWE-125) - CVE-2026-4367. Naoki Wakamatsu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

CVSS 5.5, AI score 5.8, EPSS 0.00129
Exploits: 0, References: 5

Tenable Nessus
added 2026/05/11 12:0 a.m., 7 views

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017504 advisory. curl 7.1.1 to and including 7.75.0 is vulnerable to an Exposure of Private Personal Information to an Unauthorized Actor by leaking credentials in the HTTP Referer:...

CVSS 5.3, AI score 6.8, EPSS 0.05301
Exploits: 1, References: 4

OSV
added 2026/05/09 12:33 p.m., 6 views

OESA-2026-2261 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVSS 7.8, AI score 5.5, EPSS 0.00364
Exploits: 1, References: 2

Fedora
added 2026/05/08 7:58 p.m., 11 views

[SECURITY] Fedora 43 Update: nodejs22-22.22.2-2.fc43

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...

CVSS 9.8, AI score 6, EPSS 0.26356
Exploits: 0

Tenable Nessus
added 2026/05/08 12:0 a.m., 6 views

Fedora 43 : perl-Starman (2026-b94aad33a5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b94aad33a5 advisory. Starman versions before 0.4018 for Perl allow HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes Content-Length over...

CVSS 7.5, AI score 5.9, EPSS 0.00487
Exploits: 0, References: 2

RedHat Linux
added 2026/05/05 4:27 p.m., 11 views

Important: Red Hat Security Advisory: RHACS 4.10.2 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security (RHACS), which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

CVSS 9.8, AI score 6.8, EPSS 0.01557
Exploits: 2, References: 13

OPENSUSE Linux
added 2026/05/05 12:0 a.m., 11 views

bubblewrap-0.11.2-1.1 on GA media (moderate)

bubblewrap-0.11.2-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10671-1. Rating: moderate. Cross-References: CVE-2026-41163. CVSS scores: CVE-2026-41163 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H; CVE-2026-41163 (SUSE): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N...

CVSS 7.3, AI score 5.8, EPSS 0.00274
Exploits: 0

Positive Technologies
added 2026/05/05 12:0 a.m., 13 views

PT-2026-38198

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 148.0.7778.96. Description: Insufficient validation of untrusted input in Cast allows an attacker on the local network segment to bypass the same origin policy via malicious network traffic. The same origin policy...

CVSS 9.6, AI score 5.8, EPSS 0.00344
Exploits: 0, References: 137

Positive Technologies
added 2026/05/05 12:0 a.m., 11 views

PT-2026-38174

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 148.0.7778.96. Description: An out of bounds read in Codecs allows a remote attacker to obtain potentially sensitive information from process memory by using a malicious file. An out of bounds read occurs when a...

CVSS 9.6, AI score 5.8, EPSS 0.00344
Exploits: 0, References: 136

Positive Technologies
added 2026/05/04 12:0 a.m., 6 views

PT-2026-36908

Name of the Vulnerable Software and Affected Versions: Postfix versions prior to 3.8.16; Postfix versions 3.9 prior to 3.9.10; Postfix versions 3.10 prior to 3.10.9. Description: A buffer over-read can occur, potentially leading to a process crash, when an enhanced status code is used that lacks text...

CVSS 7.5, AI score 6, EPSS 0.00415
Exploits: 0, References: 52

Tenable Nessus
added 2026/05/02 12:0 a.m., 9 views

Debian dsa-6239 : chromium - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6239 advisory. Debian Security Advisory DSA-6239-1...

CVSS 9.6, AI score 6.2, EPSS 0.00433
Exploits: 0, References: 63

Positive Technologies
added 2026/05/01 12:0 a.m., 7 views

PT-2026-36537

Name of the Vulnerable Software and Affected Versions: libModSecurity3 versions prior to 3.0.15. Description: A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string parameter containing a single character. This allows an attacker to crash worker processe...

CVSS 8.2, AI score 5.8, EPSS 0.00435
Exploits: 1, References: 11

Amazon
added 2026/04/30 12:0 a.m., 8 views

Medium: tomcat-native

Issue Overview: CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through 9.0.115;...

CVSS 9.1, AI score 4.5, EPSS 0.00715
Exploits: 1

Tenable Nessus
added 2026/04/29 12:0 a.m., 4 views

Fedora 44 : mapserver (2026-b5a2da2c73)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b5a2da2c73 advisory. Update to mapserver 8.6.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

CVSS 7.5, AI score 5.5, EPSS 0.00865
Exploits: 1, References: 2

Fedora
added 2026/04/28 1:14 a.m., 7 views

[SECURITY] Fedora 42 Update: python3-docs-3.13.13-1.fc42

The python3-docs package contains documentation on the Python 3 programming language and interpreter...

CVSS 7.5, AI score 4.5, EPSS 0.00621
Exploits: 0

RedhatCVE
added 2026/04/25 7:22 a.m., 5 views

CVE-2026-28525

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoosemultipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

CVSS 8.2, AI score 5.9, EPSS 0.00316
Exploits: 0, References: 1

Japan Vulnerability Notes
added 2026/04/23 7:57 a.m., 8 views

Multiple vulnerabilities in LogonTracer

Overview: LogonTracer, provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC), is a tool to investigate malicious Windows logons by visualizing and analyzing Windows event logs. LogonTracer contains multiple vulnerabilities listed below. OS command injection (CWE-78) -...

CVSS 8.8, AI score 5.7, EPSS 0.01213
Exploits: 0, References: 7

Tenable Nessus
added 2026/04/23 12:0 a.m., 5 views

Fedora 42 : pie (2026-3b2063832d)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3b2063832d advisory. Version 1.4.1 - Update bundled Composer to 2.9.7 ---- Version 1.4.0 New features! - Prompt to install missing system dependencies - Prompt to install build...

AI score 5.8
Exploits: 0, References: 1

Tenable Nessus
added 2026/04/21 12:0 a.m., 6 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011076)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011076 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances...

CVSS 7.1, AI score 6.3, EPSS 0.00149
Exploits: 0, References: 4