Lucene search
K

126 matches found

EUVD
EUVD
added 2026/05/27 2:13 p.m.17 views

EUVD-2026-32510

Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation...

6.6CVSS5.8AI score0.0027EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in binutils

A vulnerability has been discovered in GNU Binutils 2.45. The affected element is the function elfswapshdr in the bfd/elfcode.h library of the Linker component. Manipulation of this function leads to a heap-based buffer overflow. This attack must be carried out locally. The exploit has been...

7.8CVSS6AI score0.00235EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/05/11 5:0 a.m.9 views

CVE-2026-8275

A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogodippprimitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The attack can be...

6.3CVSS5.1AI score0.00523EPSS
Exploits0
OSV
OSV
added 2026/05/07 9:2 p.m.5 views

GHSA-CWFQ-RFCR-8HMP Zebra's Transparent SIGHASH_SINGLE Handling Diverges from zcashd for Corresponding Outputs

Zebra Transparent SIGHASHSINGLE Corresponding-Output Handling Diverges From zcashd Summary For V5+ transparent spends, Zebra and zcashd disagree on the same consensus rule: SIGHASHSINGLE must fail when the input index has no corresponding output. zcashd treats this as consensus-invalid under...

9.2CVSS5.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/20 8:37 p.m.6 views

CVE-2026-5358

REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such this makes the API provisional and unused. Secondly it has been discovered that the NIS+ cold start cache...

5.6AI score0.0004EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of the ungetwc function on character sets with...

7.5CVSS5.8AI score0.00345EPSS
Exploits1References1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.9 views

CVE-2025-11839 affecting package binutils for versions less than 2.41-11

CVE-2025-11839 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

5.5CVSS6AI score0.00251EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.7 views

CVE-2025-69649 affecting package binutils for versions less than 2.41-11

CVE-2025-69649 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

7.5CVSS5.7AI score0.00256EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.8 views

CVE-2025-69647 affecting package binutils for versions less than 2.41-11

CVE-2025-69647 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

6.2CVSS5.7AI score0.00152EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.5 views

CVE-2025-69648 affecting package binutils for versions less than 2.41-11

CVE-2025-69648 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

6.2CVSS4.7AI score0.00176EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.8 views

CVE-2025-1147 affecting package binutils for versions less than 2.41-11

CVE-2025-1147 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

5.3CVSS6.3AI score0.00619EPSS
Exploits1
NVD
NVD
added 2026/04/08 9:16 p.m.3 views

CVE-2026-39415

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 8:7 p.m.4 views

EUVD-2026-20603

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/02 5:50 p.m.17 views

CVE-2026-34606 Stored XSS in Frappe LMS

Frappe Learning Management System LMS is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0...

6.9CVSS0.00189EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/02 5:50 p.m.3 views

CVE-2026-34606 Stored XSS in Frappe LMS

Frappe Learning Management System LMS is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0...

6.9CVSS5.8AI score0.00189EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/20 9:31 p.m.6 views

EUVD-2026-13798

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.8AI score0.00189EPSS
Exploits1References2
CVE
CVE
added 2026/03/20 7:59 p.m.36 views

CVE-2026-4438

The CVE-2026-4438 issue affects the GNU C Library (glibc) gethostbyaddr/gethostbyaddr_r when NSSwitch DNS backend is configured; versions 2.34–2.43 may return invalid DNS hostnames. Impact per sources is a DNS-spec violation; no exploitation details are provided in the documents. A patched versio...

5.4CVSS5.8AI score0.00189EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/20 7:59 p.m.13 views

CVE-2026-4438

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.8AI score0.00189EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/20 7:59 p.m.44 views

CVE-2026-4437

CVE-2026-4437 concerns glibc’s DNS response parsing. According to the initial document, calling gethostbyaddr/gethostbyaddr_r with a configured nsswitch.conf DNS backend in GNU C Library versions 2.34–2.43 can yield a crafted DNS response that violates the DNS specification, causing the applicati...

7.5CVSS5.8AI score0.00292EPSS
Exploits1References1Affected Software1
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2026/03/19 7:6 p.m.4 views

[R1] Stand-alone Security Patch Available for Tenable OT version 4.2.40: tenable-ot-platform-137

R1 Stand-alone Security Patch Available for Tenable OT version 4.2.40: tenable-ot-platform-137 Jason Schavel Thu, 03/19/2026 - 15:06 An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts...

5.8AI score
Exploits0
Rows per page
Query Builder