Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
•added 4 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-47240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw data...

5.8CVSS6AI score0.00491EPSS
Exploits0References3
NVD
NVD
•added 2026/06/22 9:16 p.m.•9 views

CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...

5.8CVSS0.00491EPSS
Exploits0References1
CVE
CVE
•added 2026/06/22 8:17 p.m.•38 views

CVE-2026-47240

Summary of CVE-2026-47240 (Net::IMAP, Ruby) : The vulnerability affects Net::IMAP’s IMAP client in Ruby, where several commands accept a ā€œraw dataā€ argument that is validated but could still be exploited if a server does not support non-synchronizing literals. In that case, a server may interpret...

5.8CVSS6AI score0.00491EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/22 8:17 p.m.•22 views

CVE-2026-47240 Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...

5.8CVSS0.00491EPSS
Exploits0References1
Github Security Blog
Github Security Blog
•added 2026/06/09 6:36 p.m.•13 views

Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...

9.8CVSS5.7AI score0.00491EPSS
Exploits0References3Affected Software1
OSV
OSV
•added 2026/06/09 6:36 p.m.•17 views

GHSA-8P34-64R3-MWG8 Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...

5.8CVSS5.7AI score0.00491EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2026/06/09 12:0 a.m.•12 views

PT-2026-48340

Name of the Vulnerable Software and Affected Versions Net::IMAP versions prior to 0.6.5 Net::IMAP versions prior to 0.5.15 Description Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Certain commands accept a raw data argument that is sent verbatim after...

5.8CVSS6AI score0.00491EPSS
Exploits0References8
RubySec
RubySec
•added 2026/06/09 12:0 a.m.•8 views

Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...

5.8CVSS5.7AI score0.00491EPSS
Exploits0References1Affected Software1
OSV
OSV
•added 2025/07/28 12:15 p.m.•1 views

DEBIAN-CVE-2025-38485

In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962affifoflush fxls8962affifoflush uses indiodev-activescanmask with iioforeachactivechannel without making sure the indiodev stays in buffer mode. There is a race if indiodev...

7.8CVSS5.9AI score0.00151EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•4 views

i40e: Fix macvlan leak by synchronizing access to mac_filter_hash

...

5.5CVSS6.8AI score0.00219EPSS
Exploits0
RedhatCVE
RedhatCVE
•added 2024/06/20 3:28 p.m.•28 views

CVE-2024-38582

A flaw was found in the Linux kernel. A potential hang in nilfsdetachlogwriter may lead to compromised availability...

5.5CVSS9AI score0.00861EPSS
Exploits0References4
Cvelist
Cvelist
•added 2023/03/23 5:13 p.m.•29 views

CVE-2023-1603

Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision...

6.7AI score0.00618EPSS
Exploits0References1
CNVD
CNVD
•added 2023/03/17 12:0 a.m.•30 views

Adobe Creative Cloud Desktop Application Code Execution Vulnerability

Adobe Creative Cloud Desktop Application is a suite of applications for managing applications and services in the Creative Cloud Membership Management Center from Adobe USA. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...

8.6CVSS7.9AI score0.00355EPSS
Exploits0References1
Huntr
Huntr
•added 2022/01/01 12:37 p.m.•9 views

Cross-site Scripting (XSS) - Stored in cacti/cacti

Description Hi there cacti maintainer team, I would like to report a stored XSS in cacti source code. It is due to unsanitized error message in synchronizing aggregates for color. Proof of Concept 1. Install a cacti instance in your local 2. Go to Color and create a color with name 3. Back to col...

Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2009/02/20 12:0 a.m.•17 views

Dropbox Software Detection

Dropbox is installed on the remote host. Dropbox is an application for storing and synchronizing files between computers, possibly outside the organization. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid35717;...

5.6AI score
Exploits0References1
Rows per page
Query Builder