Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-59868

A flaw was found in js-yaml, a JavaScript YAML parser and dumper. When merge keys are enabled, a remote attacker could exploit this vulnerability by crafting a YAML document where a chain of mappings uses merge keys, each merging the previous one. This can lead to a significant increase in CPU ti...

7.5CVSS6AI score0.00291EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/27 10:21 p.m.3 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the image upload process due to improper validation of the return value from the getimagesize function. An attacker can cause persistent application crashes and denial of service b...

7.1CVSS5.9AI score0.00445EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/23 9:33 p.m.8 views

Security Bulletin: IBM Watsonx BI is affected by use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP).

Summary Watsonx BI use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with program files lib/formdata.Js. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in...

9.4CVSS6.5AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/26 6:0 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jinja2-3.1.5-py3-none-any.whl

Summary IBM Watson Discovery Cartridge contains a vulnerable version of jinja2-3.1.5-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filt...

8.8CVSS7.7AI score0.00476EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2025/05/01 6:28 a.m.1 views

External Control of System or Configuration Setting

Overview django-stubs is a Mypy stubs for Django Affected versions of this package are vulnerable to External Control of System or Configuration Setting via the inclusion of type stubs for deprecated and insecure password hashers such as MD5PasswordHasher, SHA1PasswordHasher, and...

9CVSS7.1AI score
Exploits0References3
OSV
OSV
added 2023/01/11 3:15 p.m.4 views

DEBIAN-CVE-2020-36649

A vulnerability was found in mholt PapaParse up to 5.1.x. It has been classified as problematic. Affected is an unknown function of the file papaparse.js. The manipulation leads to inefficient regular expression complexity. Upgrading to version 5.2.0 is able to address this issue. The name of the...

7.5CVSS4.1AI score0.01388EPSS
Exploits1References1
Rows per page
Query Builder