Lucene search
K

13378 matches found

OSV
OSV
added 2026/04/21 5:8 p.m.15 views

CLSA-2026-1776791328 nginx: Fix of 5 CVEs

CVE-2017-7529: fix integer overflow in range filter - CVE-2018-16843: fix excessive memory consumption in HTTP/2 - CVE-2018-16844: fix excessive CPU usage in HTTP/2 - CVE-2019-9511: fix excessive memory growth via HTTP/2 DATA frame manipulation - CVE-2019-9513: fix excessive CPU usage via HTTP/2...

7.8CVSS7.3AI score0.82017EPSS
Exploits6References1
OSV
OSV
added 2026/04/21 12:1 p.m.7 views

BIT-AIRFLOW-2026-30898 Apache Airflow: Bad example of BashOperator shell injection via dag_run.conf

An example of BashOperator in Airflow documentation suggested a way of passing dagrun.conf in the way that could cause unsanitized user input to be used to escalate privileges of UI user to allow execute code on worker. Users should review if any of their own DAGs have adopted this incorrect advi...

8.8CVSS5.9AI score0.00771EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/04/21 11:36 a.m.11 views

USN-8191-1: Apache Commons IO vulnerability

It was discovered that Apache Commons IO's XmlStreamReader class could excessively consume CPU resources under certain circumstances. An attacker could possibly use this issue to cause Apache Commons IO to crash, resulting in a denial of service...

4.3CVSS5.8AI score0.01249EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/21 10:12 a.m.5 views

Android 17 ends all-or-nothing access to your contacts

Some of the apps on your phone want your contacts. Most don't need them all, but have been happily slurping up the lot for years. Google has decided to do something about that with the next version of Android. Android 17 currently in preview is introducing a new Contact Picker that lets users gra...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/21 9:43 a.m.5 views

OPENSUSE-SU-2026:20598-1 Security update for python-PyPDF2

This update for python-PyPDF2 fixes the following issues: Changes in python-PyPDF2: - CVE-2026-40260: crafted PDF can lead to large memory usage bsc1262284...

6.9CVSS5.7AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.8 views

Flowise 操作系统命令注入漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Prior to Flowise 3.1.0, there was a vulnerability related to operating system command injection. This vulnerability stemmed from insecure serialization of printf commands in the MCP adapter,...

9.9CVSS6.1AI score0.01987EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-34227

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions 29.0 and earlier Description The CloneSite plugin contains a flaw where the 'cloneServer.json.php' endpoint constructs shell commands using the url parameter without proper sanitization. This input is directly concatenated...

9.8CVSS6.1AI score0.02221EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011235)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011235 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty listfirstentry never returns NULL - if...

7.1CVSS6.6AI score0.00152EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.11 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013141)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013141 advisory. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AFRXRPC to provide a server, it...

5.5CVSS5.8AI score0.00135EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the IMAP/SMTP connection testing functionality in t...

4.1CVSS5.9AI score0.00291EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013050)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013050 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40evsirequestirqmsix error path If requestirq in i40evsirequestirqmsix...

7.8CVSS5.7AI score0.00147EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010714)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010714 advisory. A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernels BPF subsystem due to the way a...

7.8CVSS6.7AI score0.00346EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010829)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010829 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and...

5.6AI score0.0016EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010904)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010904 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic...

5.5CVSS6.4AI score0.00167EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.7 views

PT-2026-34532

It was discovered that Apache Commons IO's XmlStreamReader class could excessively consume CPU resources under certain circumstances. An attacker could possibly use this issue to cause Apache Commons IO to crash, resulting in a denial of service...

4.3CVSS6.6AI score0.01249EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010951)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010951 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP,...

5.8AI score0.00168EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011089)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011089 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pmruntimegetsync will increment pm...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010897 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...

5.9AI score0.00233EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011024)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011024 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedre...

7.8CVSS6.2AI score0.00182EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010970)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010970 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works...

5.5CVSS5.7AI score0.00149EPSS
Exploits0References4
Rows per page
Query Builder