Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/19 8:5 a.m.5 views

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2026-27142 DESCRIPTION: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an...

8.2CVSS8AI score0.00728EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : rh-nodejs12-nodejs-12.16.1-1.el7 (AXSA:2020-4480:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4480:02 advisory. nodejs: HTTP request smuggling using malformed Transfer-Encoding header CVE-2019-15605 nodejs: Remotely trigger an assertion on a TLS server with a...

9.8CVSS8.4AI score0.57132EPSS
Exploits2References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-48291

Malicious code in bioql PyPI...

6.5CVSS7.8AI score0.00369EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32802

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00426EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/07/07 12:0 a.m.4 views

FreeBSD : firefox -- multiple vulnerabilities (a55d2120-58cf-11f0-b4ad-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a55d2120-58cf-11f0-b4ad-b42e991fc52e advisory. [email protected] reports: An attacker was able to bypass the connect-src directive of a...

9.8CVSS7AI score0.02855EPSS
Exploits0References13
Mozilla
Mozilla
added 2025/07/02 12:0 a.m.23 views

Security Vulnerabilities fixed in Thunderbird 140 — Mozilla

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. Th...

9.8CVSS7.6AI score0.03057EPSS
Exploits0References12Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/24 1:50 p.m.6 views

CVE-2025-6032

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack. Mitigation Download the VM image manually with another tool that verifies the TLS certificate and...

8.3CVSS7AI score0.00397EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/19 12:0 a.m.4 views

PT-2025-17396 · Ssl.Com · Ssl.Com

Name of the Vulnerable Software and Affected Versions: SSL.com versions prior to 2025-04-19 Description: The issue arises when domain validation method 3.2.2.4.14 is used, allowing a trusted TLS certificate to be issued for the domain name of a requester's email address, even if the requester doe...

6.4CVSS6.5AI score0.00089EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/02/16 12:0 a.m.8 views

CVE-2022-48308

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...

6.3CVSS6.7AI score0.00191EPSS
Exploits0References1
Rows per page
Query Builder