Lucene search
+L

14 matches found

cvelist
cvelist
added 2026/06/25 4:50 p.m.33 views

CVE-2026-50573 pnpm: Unsafe default behavior breaks integrity check

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm install in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the...

6.8CVSS0.00113EPSS
Exploits1References1
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27007

Malware in sbrugna...

5.4CVSS5.6AI score0.00521EPSS
Exploits0References2
veeam
veeam
added 2025/06/04 12:0 a.m.32 views

Dell Unity Storage - "Unable to validate the specified certificate (Error Code: 0x1000100)"

Challenge When attempting to add a Dell Unity Storage Appliance that has been upgraded to firmware version 5.5 to Veeam Backup & Replication or operate backups to such storage, the following error occurs: Unable to validate the specified certificate Error Code: 0x1000100 Cause An investigation by...

6.7AI score
Exploits0Affected Software1
nessus
nessus
added 2025/05/29 12:0 a.m.12 views

Amazon Linux 2 : ImageMagick (ALAS-2025-2857)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2857 advisory. In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...

7.5CVSS4.9AI score0.0051EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/05/22 11:10 p.m.6 views

CVE-2022-36046

Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v15.0.0 being used with strict unhandledRejection exiting AND using next start or a custom server...

5.3CVSS6.7AI score0.00999EPSS
Exploits0
github
github
added 2025/04/23 2:5 p.m.13 views

pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting

The path shortening function is used in pnpm: export function depPathToFilename depPath: string, maxLengthWithoutHash: number: string let filename = depPathToFilenameUnescapeddepPath.replace/\/:?"|/g, '+' if filename.includes'' filename = filename .replace/$/, '' .replace/\||/g, '' if...

6.5CVSS6.7AI score0.00204EPSS
Exploits1References3Affected Software1
redhatcve
redhatcve
added 2025/03/07 1:58 a.m.9 views

CVE-2025-27640

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows SQL Injection V-2024-012...

9.8CVSS8.5AI score0.00682EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/01/17 12:0 a.m.4 views

PT-2023-33615 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to conflicts with built-in functions in bpf iter ksym. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...

7.1AI score
Exploits0References1
citrix
citrix
added 2022/11/22 12:0 a.m.10 views

ADC-13.0-Issue is with unable to upgrade ADC VPX

During Upgrade of VPX you are faced with error message, "License server version 11.14.0.2 not compatible with client version 11.16.6.0 Either upgrade the ADM to ensure that it is running", during upgrade process...

7AI score
Exploits0
osv
osv
added 2020/08/17 2:19 p.m.4 views

OPENSUSE-SU-2020:1228-1 Security update for postgresql, postgresql96, postgresql10, postgresql12

This update for postgresql, postgresql96, postgresql10, postgresql12 fixes the following issues: Postgresql12 was updated to 12.3 bsc1171924. - https://www.postgresql.org/about/news/2038/ - https://www.postgresql.org/docs/12/release-12-3.html - Let postgresqlXX conflict with postgresql-noarch...

7.3CVSS7.2AI score0.02235EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2020/07/13 9:15 p.m.38 views

CVE-2020-14298

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the...

8.8CVSS7.1AI score0.00321EPSS
Exploits0References1
oraclelinux
oraclelinux
added 2020/02/19 12:0 a.m.92 views

sudo security update

1.8.23-4.0.2.2 - Bump release to avoid conflict with previous Orace Linux errata 1.8.23-4.2 - RHEL 7.7.z - fixed CVE-2019-18634 Resolves: rhbz1798094 1.8.23-4.1 - RHEL-7.7.z - fixed CVE-2019-14287 Resolves: rhbz1760694...

9CVSS1.6AI score0.63917EPSS
Exploits21
nessus
nessus
added 2017/04/21 12:0 a.m.15 views

Debian DLA-904-1 : uzbek-wordlist update

The dictionary provided by this package had an unnecessary unversioned conflict against the thunderbird package which recently got reintroduced into Wheezy. For Debian 7 'Wheezy', this problem has been fixed in version 0.6-3.2+deb7u1. We recommend that you upgrade your uzbek-wordlist packages...

5.3AI score
Exploits0References2
veeam
veeam
added 2011/10/07 12:0 a.m.22 views

Return argument has an invalid type

Challenge Veeam Backup Enterprise Manager fails to collect data from a Veeam Backup server with the following error: Return argument has an invalid type. The following error can be seen in VeeamBES.log: timestamp Info Reporting data were successfully collected from the server server.local timesta...

6.9AI score
Exploits0
Rows per page
Query Builder