Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/03/09 6:31 p.m.3 views

CVE-2026-30851

A flaw was found in the Caddy server platform, specifically within its reverse proxy module. The 'forwardauth copyheaders' functionality fails to properly strip client-supplied headers. This oversight allows a remote attacker to inject malicious headers, leading to identity injection and...

8.8CVSS5.6AI score0.00249EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/02/20 11:49 p.m.7 views

CVE-2026-2492

A flaw was found in TensorFlow. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code. The flaw exists within the HDF5 library's handling of plugins, which are loaded from an unsecured location. An attacker with low-privileged code execution can exploit this...

7.8CVSS7.4AI score0.00252EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/17 8:37 p.m.4 views

CVE-2025-60360

radare2 v5.9.8 and before contains a memory leak in the function r2rsubprocessinit. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread...

5.5CVSS6.4AI score0.00151EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/13 5:27 a.m.3 views

CVE-2025-8879

A flaw was found in chromium-browser. A heap buffer overflow exists within the libaom library, allowing a remote attacker to potentially trigger heap corruption through a crafted sequence of gestures. This vulnerability allows an attacker to manipulate memory via a specially designed input. The...

8.8CVSS7.7AI score0.00265EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/13 5:16 a.m.3 views

CVE-2025-8881

A flaw was found in chromium-browser. A coding error within the file picker component allows a remote attacker to trigger a cross-origin data leak by manipulating user interface gestures through a specially crafted HTML page. This manipulation allows the attacker to access data from other origins...

6.5CVSS6.6AI score0.0023EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/11 6:31 p.m.9 views

CVE-2025-8864

Shared Access Signature token is not masked in the backup configuration response and is also exposed in the ybbackup logs Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...

6.8CVSS7.1AI score0.00156EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/07 5:15 p.m.7 views

CVE-2025-3264

A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library. This vulnerability may allow an attacker to induce a denial of service in the application using the Transformers library. Mitigation Mitigation for this issue is either not availabl...

5.3CVSS5AI score0.00431EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/06/19 4:19 a.m.4 views

CVE-2025-50182

A flaw was found in urllib3. The library fails to properly validate redirect URLs, allowing an attacker to manipulate redirect chains when used in environments like Pyodide utilizing the JavaScript Fetch API. This lack of validation can enable a remote attacker to control the redirect destination...

5.3CVSS5AI score0.00313EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/21 5:27 a.m.18 views

CVE-2025-43929

A flaw was found in kitty. This vulnerability allows arbitrary code execution via execution of a locally linked executable without user confirmation. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

4.1CVSS5.9AI score0.00167EPSS
Exploits1References6
Rows per page
Query Builder