Lucene search
+L

196 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-57217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and...

7CVSS5.4AI score0.00321EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destination...

8.8CVSS5.4AI score0.00349EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-59948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a maliciously crafted package from an untrusted repository other than...

7CVSS6.1AI score0.00132EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/08 12:10 a.m.5 views

CVE-2026-55431

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, coder open app opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the $SESSIONTOKEN placeholder the...

7.7CVSS6AI score0.00336EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-50229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apac...

6.1CVSS6.1AI score0.02569EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-55677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the...

7.5CVSS6.1AI score0.0043EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-54268

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, an...

8.2CVSS6.1AI score0.00331EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 8:46 p.m.7 views

CVE-2026-45013 Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs the reset URL using req.hostname, which is derived directly from the attacker-controlled HTTP Host header when apos.baseUrl is not explicitly configure...

8.1CVSS6AI score0.0025EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-48043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. In netty-codec- http2 prior to versions 4.1.135.Final and 4.2.15.Final...

7.5CVSS5.5AI score0.00594EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-52726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5,...

9CVSS8.2AI score0.25334EPSS
Exploits32References4
Vulnrichment
Vulnrichment
added 2026/06/09 1:23 p.m.9 views

CVE-2026-47899 Arbitrary File Read, Write, Rename, and Delete in Logseq

The Electron preload script in Logseq exposes an API method that allows the renderer process to invoke IPC handlers without proper path validation. An attacker with JavaScript execution in the renderer e.g. via XSS or a malicious plugin, can read, write, or delete arbitrary files on the user's...

8.7CVSS5.8AI score0.00137EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-41178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1.41.0 and 1.43.0 removed raw-length rejection and it causes Parse to process arbitrarily...

5.3CVSS5.5AI score0.00237EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2026/05/30 12:34 a.m.11 views

CVE-2026-27136 affecting package docker-compose for versions less than 2.27.0-11

CVE-2026-27136 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-42580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's chunk size parser silently overflows int,...

6.5CVSS6.8AI score0.00364EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/05/13 8:2 p.m.11 views

Strapi: Password Reset Does Not Revoke Existing Refresh Sessions

Summary of CVE-2026-22706 Vulnerability Details - CVE: CVE-2026-22706 - CVSS v3.1 Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N 2.1 — Low - Affected Versions: @strapi/admin and @strapi/plugin-users-permissions =5.33.3 Description of CVE-2026-22706 In Strapi versions prio...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-42310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang...

5.5CVSS7AI score0.00126EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-42154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not...

7.5CVSS6.1AI score0.00761EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-42041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution Gadget...

8.2CVSS5.8AI score0.00611EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCTspecificdata segments during...

8.2CVSS6.9AI score0.00465EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/17 6:14 p.m.4 views

CVE-2026-27890 Firebird has Pre-Auth DOS when Processing Out of Order CNCT_specific_data Segments

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCTspecificdata segments during authentication, the server assumes segments arrive in strictly ascending order. If segments arrive out of order, the Array class's grow...

8.2CVSS5.7AI score0.00465EPSS
Exploits1References4
Rows per page
Query Builder