12 matches found
UBUNTU-CVE-2026-34986
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if t...
Security Bulletin: IBM DevOps Plan REST APIs are vulnerable to exposure of sensitive data through request query parameters. (CVE-2025-36364)
Summary: A vulnerability has been identified in IBM DevOps Plan REST APIs where sensitive data is transmitted via request query parameters. Vulnerability Details: CVEID: CVE-2025-36364. DESCRIPTION: IBM DevOps Plan allows web page cache to be stored locally which can be read by another user on the...
MiracleLinux 9 : kernel-5.14.0-70.30.1.el9_0 (AXSA:2023-5105:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5105:05 advisory. posix cpu timer use-after-free may lead to local privilege escalation (CVE-2022-2585). Unprivileged users may use PTRACE_SEIZE to set...
CVE-2021-3305
creationtimestamp | type | source
---|---|---
2025-05-13 15:31:30+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16154...
WordPress plugin VForm security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
CVE-2024-36388
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function...
CVE-2023-3058
A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the publi...
SUSE CVE-2021-28275
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c, which will cause a segmentation fault via a crafted file...
CVE-2022-3053
creationtimestamp | type | source
---|---|---
2022-09-26 20:22:54+00:00 | seen | https://t.me/cibsecurity/50507...
CVE-2022-37175
Tenda ac15 firmware V15.03.05.18 httpd server has a stack buffer overflow in /goform/formWifiBasicSet...
CVE-2022-30551
creationtimestamp | type | source
---|---|---
2022-05-20 16:36:40+00:00 | seen | https://t.me/cibsecurity/43049...
UBUNTU-CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...