Lucene search
K

1634 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/25 9:0 p.m.10 views

CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS5.4AI score0.00143EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/25 9:0 p.m.24 views

CVE-2026-9503

Summary: CVE-2026-9503 affects GNU LibreDWG up to v0.14, specifically the DWG File Handler’s dwg_next_entity function in src/decode.c. The issue is a null pointer dereference arising from the function’s handling of certain DWG entities, with exploitation requiring local access. The exploit has be...

4.8CVSS5.4AI score0.00143EPSS
Exploits0References7
OSV
OSV
added 2026/05/21 8:43 p.m.9 views

GHSA-2FFM-HXRQ-QQMM @hulumi/drift: Orphan reconciler accepted externally supplied execute plans

Impact: @hulumi/drift versions before 1.3.2 could accept externally supplied execute plans without sufficient provenance checks, allowing unsafe reconciliation input to be treated as trusted. Patched in 1.3.2: execute-plan handling now validates provenance and rejects untrusted plans, with...

8.7CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Thunderbird

matrix-js-sdk is a client-server SDK for the Matrix messaging protocol, designed for JavaScript. In versions prior to 19.4.0, events sent with special strings in key locations could temporarily disrupt or hinder the proper functioning of matrix-js-sdk, potentially affecting the consumer’s ability...

8.2CVSS6.4AI score0.0094EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contains a “Out of Bound Read” issue in the xrdpmmtransprocessdrdynvcchannelclose function. There are no known solutions to this problem. Users are advis...

9.1CVSS7.6AI score0.00892EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions, a missing offset validation may lead to an Out Of Bound Read error in the gdimultiopaquerect function. Specifically, there is no code to validate whether the value...

9.1CVSS7.1AI score0.01529EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in xrdp

XRDPT is an open-source remote desktop protocol RDP server. In affected versions, an integer underflow leading to a heap overflow in the SESMAN server allows any unauthenticated attacker who can access the SESMAN server locally to execute code as root. This vulnerability has been patched in versi...

7.8CVSS7.5AI score0.00485EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a buffer overflow in the xrdpmmchandatain function. There are no known workarounds for this issue. Users are advised to upgrade...

9.8CVSS8AI score0.00847EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions may experience invalid offset validation, leading to Out Of Bound Write errors. This issue can occur when the values rect-left and rect-top are exactly equal to surface-width...

9.8CVSS6.7AI score0.01297EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk.Authenticated users can issue HRANDFIELD or ZRANDMEMBER commands with specially crafted arguments to trigger a denial-of-service attack, causing Redis to crash due to an assertion failure. This vulnerability affects Redis versions 6.2 or...

5.5CVSS5.8AI score0.69355EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. A authenticated user can use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. This issue exists in all versions of Redis that support L...

8.8CVSS6.6AI score0.04488EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Twisted

Twisted is an event-driven networking engine written in Python. In affected versions, Twisted exposes cookies and authorization headers when performing cross-origin redirects. This issue is present in the twited.web.RedirectAgent and twisted.web.BrowserLikeRedirectAgent functions. Users are advis...

7.5CVSS7.2AI score0.01381EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an Out-of-Bounds Read in the generalLumaToYUV444 function. This Out-of-Bounds Read occurs because processing is performed on the in variable without checkin...

9.1CVSS7AI score0.01247EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libhttp-daemon-perl

HTTP::Daemon is a simple HTTP server class written in Perl. Versions prior to 6.15 are vulnerable to a vulnerability that could potentially be exploited to gain privileged access to APIs or corrupt intermediate caches. It’s unclear how severe the risks are; most Perl-based applications are served...

7.3CVSS6.6AI score0.02108EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.15 views

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain an integer overflow in the xrdpmmprocessrailupdatewindowtext function. There are no known solutions to this issue. Users are...

9.8CVSS6.9AI score0.00724EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Write vulnerability in the progressivedecompress function. This issue is likely due to incorrect calculations of the nXSrc and nYSrc...

9.8CVSS7.3AI score0.01106EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. Upon startup, Redis begins listening on Unix sockets before adjusting its permissions to the configuration provided by the user. If a permissive umask value is used, this can create a race condition that allows another process to establis...

3.6CVSS6.6AI score0.00444EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a bug in the xrdpmmtransprocessdrdynvcchannelopen function. There are no known solutions to this issue. Users are advised to...

9.8CVSS7.5AI score0.00799EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Puma

Puma is a Ruby/Rack web server designed for parallelism. Prior to versions 6.3.1 and 5.6.7, Puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers, which could allow HTTP request smuggling. The severity of this issue heavily depends ...

9.8CVSS6.7AI score0.00738EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a buffer overflow in the devredirprocclientdevlistannouncereq function. There are no known workarounds for this issue. Users are...

9.8CVSS7.2AI score0.00847EPSS
Exploits0References2
Rows per page
Query Builder