Lucene search
K

49 matches found

Wolfi
Wolfi
added yesterday3 views

GHSA-6CV4-3H2G-632H vulnerabilities

Vulnerabilities for packages: firefox...

5.8AI score
Exploits0
Wolfi
Wolfi
added yesterday3 views

GHSA-V4QX-H7R5-6QC8 vulnerabilities

Vulnerabilities for packages: firefox...

5.8AI score
Exploits0
Debian CVE
Debian CVE
added 3 days ago5 views

CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.0012EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53113

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...

5.7AI score0.00159EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/12 5:31 p.m.9 views

CVE-2026-44169

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS5.2AI score0.00161EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/11 5:13 p.m.14 views

CVE-2026-49261

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrepnotifycmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...

10CVSS5.6AI score0.00998EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/10 2:46 a.m.9 views

CVE-2026-42502 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-42502 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

6.1CVSS5.4AI score0.00178EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/08 3:20 p.m.8 views

CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

7.5CVSS5.6AI score0.00687EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/02 7:17 p.m.6 views

GHSA-X8MH-94WC-33GV vulnerabilities

Vulnerabilities for packages: airflow...

5.8AI score
Exploits0
Debian CVE
Debian CVE
added 2026/06/01 7:20 a.m.10 views

CVE-2026-49157

Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...

8.8CVSS5.8AI score0.00424EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/23 1:18 a.m.8 views

GHSA-8Q93-326V-3M7G vulnerabilities

Vulnerabilities for packages: synapse...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/14 1:18 a.m.9 views

GHSA-7G25-3CHF-PPWR vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware...

5.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/12 4:16 p.m.9 views

CVE-2026-31221

PyTorch-Lightning versions 2.6.0 and earlier contain an insecure deserialization vulnerability CWE-502 in the checkpoint loading mechanism. The LightningModule.loadfromcheckpoint method, which is commonly used to load saved model states, internally calls torch.load without setting the...

8.8CVSS6.3AI score0.00385EPSS
Exploits1References1
Wolfi
Wolfi
added 2026/04/22 7:48 a.m.11 views

GHSA-HX6P-XPX3-JVVV vulnerabilities

Vulnerabilities for packages: wizer, wasmcloud, zed, yara-x...

5.8AI score
Exploits0
Debian CVE
Debian CVE
added 2026/04/22 7:34 a.m.6 views

CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS5.3AI score0.00085EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/04/21 9:16 p.m.4 views

CVE-2026-35250

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

2.3CVSS7.2AI score0.0011EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/04/21 9:16 p.m.3 views

CVE-2026-35248

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

5CVSS7.2AI score0.00096EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/21 9:16 p.m.5 views

CVE-2026-35251

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

7.5CVSS7.2AI score0.00107EPSS
Exploits0References1
Chainguard
Chainguard
added 2026/04/11 2:18 p.m.6 views

GHSA-67JX-R9PV-98RJ vulnerabilities

Vulnerabilities for packages: traefik-fips, traefik...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.4 views

GHSA-56P5-8MHR-2FPH vulnerabilities

Vulnerabilities for packages: kibana...

5.9AI score
Exploits0
Rows per page
Query Builder