Lucene search
+L

2398 matches found

RedHat Linux
RedHat Linux
added 2026/04/30 2:2 p.m.8 views

Apache Tomcat: Apache Tomcat: Improper Input Validation vulnerability due to incomplete fix

A flaw was found in Apache Tomcat. This improper input validation vulnerability stems from an incomplete fix for a previous security issue CVE-2025-66614. This flaw may allow an attacker to bypass security controls or cause unexpected behavior within the application...

9.1CVSS6.8AI score0.00307EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/30 3:33 a.m.19 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

7.5CVSS6.6AI score0.00632EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/29 2:31 p.m.10 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

7.5CVSS6.6AI score0.00632EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/27 2:17 a.m.12 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

7.5CVSS6.6AI score0.00632EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2026/04/23 4:0 a.m.9 views

CVE-2026-41988

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

3.2CVSS5.3AI score0.00181EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2026/04/23 12:0 a.m.7 views

CVE-2026-41988

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

3.2CVSS5.8AI score0.00181EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the netfs mechanism’s issue during retries when reading abandoned files. This issue may lead to...

8.8CVSS7.1AI score0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 9:31 p.m.6 views

EUVD-2026-23944

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

5.7AI score0.00448EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/15 3:24 p.m.4 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

7.5CVSS5.9AI score0.00632EPSS
Exploits1References8
SUSE Linux
SUSE Linux
added 2026/04/15 2:28 p.m.7 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption...

8.8CVSS5.8AI score0.01481EPSS
Exploits4References100
OSV
OSV
added 2026/04/15 2:27 p.m.4 views

SUSE-SU-2026:1364-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0. Security issues fixed: - CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. - CVE-2025-31223: processing maliciously crafted web content may lead to memory corruptio...

8.8CVSS5.8AI score0.01481EPSS
Exploits4References51
RedHat Linux
RedHat Linux
added 2026/04/10 7:11 a.m.2 views

poppler: Use-After-Free in StructTreeRoot class

A use-after-free vulnerability has been identified in Poppler’s StructTreeRoot class when processing specially crafted PDF documents. An attacker could exploit this flaw by persuading a user to open a malicious PDF file, or by placing such a file on a share that is later previewed, causing the...

8.6CVSS6.8AI score0.00159EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/07 11:32 p.m.4 views

CVE-2026-33815

A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

9.8CVSS5.8AI score0.00605EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/07 6:31 p.m.5 views

EUVD-2026-19640

A native messaging host vulnerability in Pega Browser Extension PBE affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. A bad actor could create a website that contains malicious code that targets PBE. The vulnerability could occur if a user navigat...

6CVSS6AI score0.0026EPSS
Exploits0References2
NVD
NVD
added 2026/04/07 4:16 p.m.9 views

CVE-2026-1079

A native messaging host vulnerability in Pega Browser Extension PBE affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. A bad actor could create a website that contains malicious code that targets PBE. The vulnerability could occur if a user navigat...

6CVSS0.0026EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/07 3:17 p.m.18 views

CVE-2026-1079 A native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension.

A native messaging host vulnerability in Pega Browser Extension PBE affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. A bad actor could create a website that contains malicious code that targets PBE. The vulnerability could occur if a user navigat...

6CVSS0.0026EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/07 3:17 p.m.3 views

CVE-2026-1079 A native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension.

A native messaging host vulnerability in Pega Browser Extension PBE affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. A bad actor could create a website that contains malicious code that targets PBE. The vulnerability could occur if a user navigat...

6CVSS6AI score0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30847

A native messaging host vulnerability in Pega Browser Extension PBE affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension. A bad actor could create a website that contains malicious code that targets PBE. The vulnerability could occur if a user navigat...

6CVSS6AI score0.0026EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/03 11:2 p.m.18 views

CVE-2025-43238

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination...

6.2CVSS5.8AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/04/02 7:20 p.m.6 views

CVE-2025-43236

A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination...

3.3CVSS0.00173EPSS
Exploits0References3
Rows per page
Query Builder