
74121 matches found

Fedora
added 2026/04/04 1:3 a.m., 11 views

[SECURITY] Fedora 42 Update: python3.9-3.9.25-7.fc42

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

CVSS 7.1, AI score 6, EPSS 0.00308
Exploits 0

Fedora
added 2026/04/04 12:49 a.m., 7 views

[SECURITY] Fedora 43 Update: python3.9-3.9.25-7.fc43

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

CVSS 7.1, AI score 6, EPSS 0.00308
Exploits 0

Tenable Nessus
added 2026/04/04 12:0 a.m., 4 views

openSUSE 16 Security Update : kea (openSUSE-SU-2026:20452-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20452-1 advisory. Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message...

CVSS 7.5, AI score 5.9, EPSS 0.01361
Exploits 0, References 6

Packet Storm News
added 2026/04/04 12:0 a.m., 1 views

Defending Buffer Overflows in WebAssembly: A Transpiler Approach

WebAssembly is quickly becoming a popular compilation target for a variety of code. However, vulnerabilities in the source languages translate to vulnerabilities in the WebAssembly binaries. This work proposes a methodology and a WebAssembly transpiler to prevent buffer overflows in the unmanaged...

AI score 6
Exploits 0

Github Security Blog
added 2026/04/03 9:45 p.m., 6 views

SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser

Summary: The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions (e.g., 2000 nested parentheses), causing a RangeError:...

CVSS 7.5, AI score 6.1, EPSS 0.00395
Exploits 1, References 3, Affected Software 1

OSV
added 2026/04/03 9:45 p.m., 3 views

GHSA-8PFC-JJGW-6G26 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser

Summary: The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions (e.g., 2000 nested parentheses), causing a RangeError:...

CVSS 6.9, AI score 6.1, EPSS 0.00395
Exploits 1, References 3

EUVD
added 2026/04/03 9:31 p.m., 6 views

EUVD-2020-31212

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

CVSS 8.7, AI score 6, EPSS 0.00921
Exploits 0, References 3

NVD
added 2026/04/03 9:17 p.m., 3 views

CVE-2020-37216

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

CVSS 8.7, EPSS 0.00921
Exploits 0, References 2

RedhatCVE
added 2026/04/03 7:49 p.m., 5 views

CVE-2026-23451

A flaw was found in the Linux kernel's bonding component. When a specific network configuration involving a stack of two bonding devices is set up, the bond_header_parse function can enter an infinite loop. This vulnerability can lead to a Denial of Service (DoS), making the affected system...

CVSS 7.5, AI score 5.9, EPSS 0.00446
Exploits 0, References 4

RedhatCVE
added 2026/04/03 5:10 p.m., 4 views

CVE-2026-23446

A flaw was found in the Linux kernel's aqc111 USB network driver. When the aqc111_suspend function is called, it incorrectly attempts to perform Power Management (PM) operations. This leads to a situation where a task hangs, preventing other critical networking operations and causing a Denial of...

AI score 5.8, EPSS 0.00123
Exploits 0, References 4

RedhatCVE
added 2026/04/03 4:59 p.m., 7 views

CVE-2026-5349

A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function addapcdb of the file /setup.cgi. The manipulation of the argument macpcdba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be...

CVSS 9, AI score 7.8, EPSS 0.00772
Exploits 1, References 1

OSV
added 2026/04/03 1:36 p.m., 9 views

CLSA-2026-1775121288 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

CVSS 8.1, AI score 6, EPSS 0.00594
Exploits 0, References 1

OSV
added 2026/04/03 1:34 p.m., 5 views

CLSA-2026-1775148022 binutils: Fix of 3 CVEs

CVE-2025-66862: fix heap-buffer-overflow in gnu_special in cplus-dem.c - CVE-2025-66863: fix SEGV in d_discriminator in cp-demangle.c - CVE-2025-66865: fix stack overflow in d_print_comp in cp-demangle.c...

CVSS 7.5, AI score 6.1, EPSS 0.00323
Exploits 3, References 1

CloudLinux
added 2026/04/03 1:34 p.m., 8 views

binutils: Fix of 3 CVEs

CVE-2025-66862: fix heap-buffer-overflow in gnu_special in cplus-dem.c - CVE-2025-66863: fix SEGV in d_discriminator in cp-demangle.c - CVE-2025-66865: fix stack overflow in d_print_comp in cp-demangle.c...

CVSS 7.5, AI score 5.8, EPSS 0.00323
Exploits 3

RedhatCVE
added 2026/04/03 5:8 a.m., 4 views

CVE-2026-32928

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

CVSS 8.4, AI score 6.7, EPSS 0.00209
Exploits 0, References 1

Snyk
added 2026/04/03 4:2 a.m., 3 views

Missing Encryption of Sensitive Data

Overview: Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

CVSS 7.5, AI score 5.9, EPSS 0.00121
Exploits 0, References 2

Snyk
added 2026/04/03 4:2 a.m., 2 views

Missing Encryption of Sensitive Data

Overview: Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

CVSS 7.5, AI score 5.9, EPSS 0.00121
Exploits 0, References 2

Snyk
added 2026/04/03 4:2 a.m., 1 views

Missing Encryption of Sensitive Data

Overview: Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

CVSS 7.5, AI score 5.9, EPSS 0.00121
Exploits 0, References 2

Snyk
added 2026/04/03 4:2 a.m., 1 views

Missing Encryption of Sensitive Data

Overview: Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the handling of inter-Node Pod traffic when dual-stack networking is configured with IPsec encryption enabled. An attacker can intercept and read sensitive IPv6 Pod traffic by monitoring network...

CVSS 7.5, AI score 5.9, EPSS 0.00121
Exploits 0, References 2

Github Security Blog
added 2026/04/03 4:2 a.m., 8 views

Antrea has Missing Encryption of Sensitive Data

Impact: This is a missing encryption vulnerability (CWE-311) affecting inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled (trafficEncryptionMode: ipsec), Antrea fails to apply encryption for IPv6 Pod traffic. While the IPv4 traffic is correctl...

CVSS 7.5, AI score 5.8, EPSS 0.00121
Exploits 0, References 7, Affected Software 1