Lucene search
+L

2396 matches found

CVE
CVE
added yesterday35 views

CVE-2026-49284

The CVE affects SimpleSAMLphp SP: the ACS path permits a response from an unexpected IdP when an unsigned Response/InResponseTo combines with a signed assertion lacking SubjectConfirmationData/InResponseTo. A response from IdP B can be bound to SP state created for IdP A, allowing bypass of IdP-s...

7.1CVSS5.3AI score
Exploits0References3
EUVD
EUVD
added 2026/07/06 7:54 p.m.7 views

EUVD-2026-24973

cut: -s only-delimited ignored when delimiter is a newline...

3.3CVSS6AI score0.00135EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/07/05 8:3 a.m.7 views

KVM: x86: Fix shadow paging use-after-free due to unexpected role

...

8.8CVSS6.1AI score0.00176EPSS
Exploits5
Debian CVE
Debian CVE
added 2026/07/04 11:51 a.m.12 views

CVE-2026-53359

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...

5.8AI score0.00176EPSS
Exploits5
NVD
NVD
added 2026/06/29 8:17 p.m.13 views

CVE-2026-43724

The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or write kernel memory...

7.8CVSS0.00142EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 7:42 p.m.27 views

CVE-2026-43724

The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or write kernel memory...

0.00142EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 12:0 a.m.4 views

ALSA-2026:30129 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: rxrpc: fix RESPONSE authenticator parser OOB read CVE-2026-31636 kernel: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach CVE-2026-43038 kernel: tcp: fix potential race in...

9.8CVSS5.8AI score0.00465EPSS
Exploits1References18
Snyk
Snyk
added 2026/06/24 11:17 p.m.4 views

Improper Handling of Unexpected Data Type

Overview Affected versions of this package are vulnerable to Improper Handling of Unexpected Data Type via the Link::isAllowedUri function when processing Tiptap JSON containing an attrs.href field set to an array instead of a string. An attacker can cause persistent server-side crashes by...

7.1CVSS5.8AI score0.00305EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/23 10:8 a.m.10 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00411EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51575

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description When using the configparser module to write configuration files containing multi-line text values with carriage return characters r, the resulting file could be injected with unexpected keys a...

4.1CVSS5.7AI score0.00128EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2026/06/22 9:27 a.m.9 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00318EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:49 a.m.7 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.8AI score0.00462EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:49 a.m.7 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.8AI score0.00393EPSS
Exploits0References6
OSV
OSV
added 2026/06/19 11:3 a.m.6 views

SUSE-SU-2026:2467-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: - CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239342. - CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238702. ...

10CVSS7.2AI score0.00868EPSS
Exploits3References31
OSV
OSV
added 2026/06/18 9:37 a.m.2 views

SUSE-SU-2026:22158-1 Security update for python-ecdsa

This update for python-ecdsa fixes the following issue: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2026/06/17 12:3 p.m.11 views

webkit2gtk3 security update

An update is available for webkit2gtk3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the...

8.8CVSS6.7AI score0.00693EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/15 6:47 a.m.12 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6.5AI score0.00602EPSS
Exploits0References5
CVE
CVE
added 2026/06/12 4:32 a.m.34 views

CVE-2026-45169

Idira Privileged Access Manager (PAM) Self-Hosted Vault is affected in versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8. The issue is a validation vulnerability where processing unexpected input under certain configurations can cause an unexpected service termination, leading to a localized D...

8.7CVSS5.5AI score0.0035EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/12 4:32 a.m.36 views

CVE-2026-45169 Idira Privileged Access Manager (PAM) Self-Hosted Vault: Denial of Service due to Unexpected Input Processing

Idira Privileged Access Manager PAM Self-Hosted Vault versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8 exhibit a validation vulnerability. Under specific circumstances and configuration scenarios, processing unexpected input could potentially lead to an unexpected service termination, resulti...

8.7CVSS0.0035EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/11 6:47 p.m.33 views

CVE-2025-24165

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination...

0.00121EPSS
Exploits0References3
Rows per page
Query Builder