Lucene search
K

91392 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2026:2410-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2410-1 advisory. This update for openssl-11-livepatches fixes the following issues - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Tenable has...

8.8CVSS7.1AI score0.02719EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/19 3:41 p.m.9 views

User Impersonation

Overview silverstripe/framework is a PHP framework forming the base for the SilverStripe CMS. Affected versions of this package are vulnerable to User Impersonation via insufficient validation of proxy-related HTTP headers. An attacker can spoof client IP addresses, hostnames, or protocols by...

5.3CVSS5.9AI score
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.20 views

Astra Linux – Vulnerability in busybox

Busybox contains a vulnerability related to SSL certificate validation. This vulnerability exists in the “busybox wget” applet, and it can lead to the execution of arbitrary code. This vulnerability appears to be exploitable by simply downloading any file over an HTTPS connection using “busybox...

8.1CVSS7AI score0.02462EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Maven

Apache Maven will no longer follow repositories that are defined in a dependency’s Project Object Model pom, which may be surprising to some users. This change introduces potential risks if a malicious actor takes control of such repositories or gains access to pretend to be those repositories...

9.1CVSS6.7AI score0.08691EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.12 views

netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers

A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...

8.7CVSS5.6AI score0.00606EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 3:51 p.m.8 views

Security Bulletin: Vulnerability in edk2 affects IBM Netezza Appliance

Summary The edk2 package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9230 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigge...

7.5CVSS6.7AI score0.01744EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/17 3:45 p.m.9 views

netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers

A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...

8.7CVSS5.6AI score0.00606EPSS
Exploits0References7
OSV
OSV
added 2026/06/17 6:0 a.m.5 views

RLSA-2026:26275 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Use After Free with SSLfreebuffers CVE-2024-4741 openssl: Heap Use-After-Free in OpenSSL...

8.1CVSS5.4AI score0.02945EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/17 1:55 a.m.11 views

Important: Red Hat Security Advisory: 389-ds-base security, bug fix, and enhancement update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS5.4AI score0.00815EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/16 12:46 p.m.9 views

openssl: Use After Free with SSL_free_buffers

A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSLfreebuffers function may cause memory to be accessed that was previously freed in some situations...

7.5CVSS6.6AI score0.02945EPSS
Exploits0References5
OSV
OSV
added 2026/06/16 12:37 p.m.4 views

BIT-DISCOURSE-2026-44784 Discourse: Non-staff group owners can see email password in plaintext through group history

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.4, 2026.3.0 to before 2026.3.1, and 2026.4.0 to before 2026.4.1, group owners who are not necessarily admins or moderators can view a group's outgoing email/SMTP credentials in plaintext via the group history...

6.5CVSS5.4AI score0.00231EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.71 views

Fortinet FortiOS - Credentials Disclosure

Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests due to improper limitation of a...

9.8CVSS8.4AI score0.99999EPSS
Exploits22References3
SUSE CVE
SUSE CVE
added 2026/06/16 2:20 a.m.9 views

SUSE CVE-2026-44893

Netty is a network application framework for development of protocol servers and clients. In netty-codec-haproxy prior to versions 4.1.135.Final and 4.2.15.Final, when decoding a PP2TYPESSL TLV, HAProxyMessage.readNextTLV first calls header.retainedSliceheader.readerIndex, length and only then...

7.5CVSS5.5AI score0.00594EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/16 2:20 a.m.9 views

SUSE CVE-2026-45416

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.5AI score0.00461EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.26 views

RHEL 8 : openssl (RHSA-2026:26275)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26275 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

8.8CVSS6.9AI score0.02945EPSS
Exploits0References6
NVD
NVD
added 2026/06/15 9:17 p.m.13 views

CVE-2026-48970

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.44 views

CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS0.00322EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.32 views

CVE-2026-48970

The CVE affects WordPress the Really Simple SSL plugin (versions

8.1CVSS5.2AI score0.00322EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.6 views

CVE-2026-48970 WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS5.2AI score0.00322EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.7 views

EUVD-2026-36866

Unauthenticated Broken Authentication in Really Simple SSL = 9.5.10 versions...

8.1CVSS5.2AI score0.00322EPSS
Exploits0References1
Rows per page
Query Builder