Lucene search
K

4 matches found

OSV
OSV
added 2026/04/01 9:26 a.m.3 views

CLEANSTART-2026-JJ09127 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-33186 applied in versions: 0.28.7-r1, 0.29.0-r0, 0.30.0-r0

Multiple security vulnerabilities affect the step-cli package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS7.1AI score0.01557EPSS
Exploits3References21
OSV
OSV
added 2026/03/19 8:37 p.m.10 views

CVE-2026-30836 Step CA: Unauthenticated Certificate Issuance via SCEP UpdateReq (MessageType=18)

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0...

10CVSS6.2AI score0.00296EPSS
Exploits0References5
RubySec
RubySec
added 2026/02/03 12:0 a.m.8 views

Decidim's private data exports can lead to data leaks

Impact Private data exports can lead to data leaks in cases where the UUID generation causes collisions for the generated UUIDs. The bug was introduced by 13571 and affects Decidim versions 0.30.0 or newer currently 2025-09-23. This issue was discovered by running the following spec several times...

8.2CVSS5.5AI score0.00262EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.75 views

Wasmtime 缓冲区错误漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. Wasmtime suffers from a buffer error vulnerability that stems from an invalid free and out-of-bounds read/write error when running Wasm due to a memory unsoundness vulnerability in...

6.3CVSS6.6AI score0.00291EPSS
Exploits0References7
Rows per page
Query Builder