Lucene search
K

17 matches found

NVD
NVD
added 2026/06/18 4:16 p.m.12 views

CVE-2025-27511

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.27.0 of the GeoServer DB2 DataStore Extension, an administrator can perform a JNDI attack through specially crafted DB2 jdbc url leading to to Remote Code Execution RCE. Version 2.27.0 fixes...

7.2CVSS0.00582EPSS
Exploits0References4
CBLMariner
CBLMariner
added 2026/06/10 2:46 a.m.11 views

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

9.1CVSS5.4AI score0.0036EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/02 5:50 p.m.3 views

CVE-2026-34606 Stored XSS in Frappe LMS

Frappe Learning Management System LMS is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0...

6.9CVSS5.8AI score0.00189EPSS
Exploits0References4
OSV
OSV
added 2026/02/13 1:15 p.m.6 views

OESA-2026-1342 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. Algorithmic complexity in django.core.serializers.xmlserializer.getInnerText allows a remote...

7.5CVSS5.4AI score0.02143EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/02 3:15 p.m.10 views

CVE-2025-64460 Potential denial-of-service vulnerability in XML serializer text extraction

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. Algorithmic complexity in django.core.serializers.xmlserializer.getInnerText allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML...

0.02143EPSS
Exploits0References3
NVD
NVD
added 2025/11/04 9:15 p.m.26 views

CVE-2025-47776

Mantis Bug Tracker MantisBT is an open source issue tracker. Due to incorrect use of loose == instead of strict === comparison in the authentication code in versions 2.27.1 and below.PHP type juggling will cause certain MD5 hashes matching scientific notation to be interpreted as numbers. Instanc...

9.1CVSS0.00326EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.20 views

Baicells多款产品 安全漏洞

Baicells Nova 436Q and others are products of Baicells, Inc.Baicells Nova 436Q is an advanced dual-carrier outdoor eNodeB eNB. Baicells Nova 227 and others are products of the company.Baicells Nova 227 is a miniature base station.Baicells NEUTRINO430 is an LTE base station. A security vulnerabili...

9.8CVSS6.6AI score0.00319EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3557

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

6.8CVSS6.4AI score0.02879EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.4 views

PT-2023-19365 · Baicells · Baicells Nova 233 +2

Name of the Vulnerable Software and Affected Versions: Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 Description: The issue concerns hardcoded credentials in the firmware of the affected devices. These credentials are easily discoverable a...

10CVSS9.2AI score0.01557EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/04/15 12:0 a.m.6 views

stb 资源管理错误漏洞

stb is a single-file public domain library for C/C ++. A security vulnerability exists in nothings stb version 2.27, which stems from a heap-based post-release reuse issue in the function stbijpeghuffdecode in the file stbimage.h. The vulnerability is caused by a heap-based post-release reuse iss...

8.8CVSS7.7AI score0.01598EPSS
Exploits1References9
vulnersOsv
vulnersOsv
added 2022/04/13 12:0 a.m.7 views

aimmo (>=0.61.9 <=1.4.11), ambition-edc (>=0.3.68 <=0.3.72) +75 more potentially affected by CVE-2022-28347 via django (>=2.2.0 <=2.2.27)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2022-28347 Source advisory: OSV:GHSA-W24H-V9QH-8GXJ...

9.8CVSS7AI score0.02919EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2020/12/28 7:15 p.m.4 views

CVE-2020-26290

Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enables potential signature bypass due to issues with XML encoding in the underlying Go library...

9.6CVSS9.7AI score0.00977EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2020/01/16 12:0 a.m.8 views

PT-2020-2006 · Php +7 · Php +7

Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x through 7.2.26 PHP versions 7.3.x through 7.3.13 PHP versions 7.4.x through 7.4.1 Description: The issue is related to the fgetss function in PHP, which can be exploited to read past the allocated buffer when used to read...

9.8CVSS6.8AI score0.9947EPSS
Exploits103References436
CNVD
CNVD
added 2018/05/22 12:0 a.m.3 views

GNU C Library Arbitrary Code Execution Vulnerability

The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in the stdlib/canonicalize.c file in GNU C Library version 2.27 and earlier. An attacker can exploit this vulnerability to execute arbitrary code...

9.8CVSS7.5AI score0.074EPSS
Exploits0References1
OSV
OSV
added 2018/05/18 4:29 p.m.0 views

DEBIAN-CVE-2018-11237

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library aka glibc or libc6 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in mempcpyavx512novzeroupper...

7.8CVSS7.4AI score0.00858EPSS
Exploits3References1
CNVD
CNVD
added 2017/11/01 12:0 a.m.6 views

GNU C Library 'glob' Function Buffer Overflow Vulnerability

The GNU C Library aka glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A buffer overflow vulnerability exists in the 'glob' function of the glob.c file in versions of the GNU C Library prior to 2.27. A remote attacker could exploit this vulnerability to...

5.9CVSS7.2AI score0.01431EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/26 12:0 a.m.3 views

GNU C Library Buffer Overflow Vulnerability

The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A buffer overflow vulnerability exists in the 'glob' function of the glob.c file in versions of the GNU C Library prior to 2.27. A remote attacker could exploit this vulnerability to...

9.8CVSS9.7AI score0.02801EPSS
Exploits0References1
Rows per page
Query Builder