Lucene search

15 matches found

CVE
added 2026/06/18 5:6 p.m. · 13 views

CVE-2026-48984

pam_usb for Linux (affected: v0.9.1 and earlier) has a memory handling flaw where xfree() frees buffers without zeroing contents, potentially leaving sensitive data (including one-time pad bytes) in freed heap memory. On systems with use-after-free or heap inspection capabilities, this could perm...

4.7 CVSS · 5.6 AI score · 0.00109 EPSS
Exploits: 0 · References: 2
vulnersOsv
added 2026/03/13 8:56 p.m. · 3 views

akurdyukov-tap-clickhouse (=0.0.1), asdjgasdghasdhjgasghd (=1.0.7) +81 more potentially affected by CVE-2026-32640 via simpleeval (>=0.9.1 <=1.0.4)

simpleeval PYPI version =0.9.1, =0.1.4, =0.1.0, =1.0.6, =0.0.5, =1.1.0, =0.1.3, =0.1.0, =0.3.0b1, =0.2.0, =0.1.0, =1.0.8 and more Source cves: CVE-2026-32640 Source advisory: OSV:GHSA-44VG-5WV2-H2HG...

9.8 CVSS · 7.2 AI score · 0.00512 EPSS
Exploits: 0
vulnersOsv
added 2025/12/02 4:52 p.m. · 6 views

1xn-vmcp (>=0.5.2 <=0.6.1), a2c-smcp (>=0.1.1rc0 <=0.1.5) +405 more potentially affected by CVE-2025-66416 via mcp (>=0.9.1 <=1.22.0)

mcp PYPI version =0.9.1, =0.5.2, =0.1.1rc0, =0.7.2, =1.1.0, =1.1.0, =1.0.0, =1.0.0, =0.4.0, =0.0.19, =1.0.0, =3.2.0, =3.2.0, =4.2.2, =4.3.3 and more Source cves: CVE-2025-66416 Source advisory: OSV:GHSA-9H52-P55H-VW2F...

8.1 CVSS · 7.4 AI score · 0.00463 EPSS
Exploits: 0
RedhatCVE
added 2025/09/06 12:23 a.m. · 11 views

CVE-2025-58355

Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1 and below, attackers can create or override arbitrary files with uncontrolled data through its SSH API. This issue is fixed in version 0.10.0...

7.7 CVSS · 7.2 AI score · 0.00315 EPSS
Exploits: 0 · References: 1
CVE
added 2025/09/03 11:52 p.m. · 31 views

CVE-2025-58355

CVE-2025-58355 affects Soft Serve (self-hosted Git server). In versions ≤0.9.1, an attacker can create or override arbitrary files with uncontrolled data via the SSH API. The issue is resolved in version 0.10.0. Evidence in the initial document notes vulnerable versions and the fixed release; no ...

7.7 CVSS · 6.5 AI score · 0.00315 EPSS
Exploits: 0 · References: 1
CNNVD
added 2024/12/31 12:0 a.m. · 3 views

Tapir Authorization Issue Vulnerability

Tapir is a private Terraform registry for PacoVK individual developers. An authorization issue vulnerability exists in Tapir version 0.9.0 and 0.9.1. An attacker exploiting this vulnerability could guess keys to gain write access to the registry...

8.7 CVSS · 6.8 AI score · 0.00362 EPSS
Exploits: 0 · References: 2
Patchstack
added 2024/12/13 8:42 p.m. · 4 views

WordPress glomex oEmbed plugin <= 0.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin glomex oEmbed versions = 0.9.1...

6.4 CVSS · 5.7 AI score · 0.00351 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Patchstack
added 2024/11/20 9:30 p.m. · 4 views

WordPress salavat counter Plugin plugin <= 0.9.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin salavat counter versions = 0.9.1...

6.1 CVSS · 6.3 AI score · 0.00536 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2024/07/25 12:0 a.m. · 5 views

PT-2024-29574 · Dompurify +2 · Dompurify +2

Name of the Vulnerable Software and Affected Versions: OpenObserve versions through 0.9.1 Description: The OpenObserve open-source observability platform has a security issue where it does not sanitize user input in the filter selection menu, potentially leading to complete account takeover. The...

8.8 CVSS · 6.4 AI score · 0.00528 EPSS
Exploits: 1 · References: 5
Patchstack
added 2024/06/27 1:6 p.m. · 5 views

WordPress Progress Planner plugin <= 0.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Djennez Patchstack Alliance in WordPress Plugin Progress Planner versions = 0.9.1...

5.3 CVSS · 7 AI score · 0.00385 EPSS
Exploits: 0 · Affected Software: 1
CNNVD
added 2022/12/31 12:0 a.m. · 4 views

memos Cross-Site Scripting Vulnerability

memos is an open source hosted memo center with knowledge management and social features. A cross-site scripting vulnerability exists in memos versions prior to 0.9.1, which stems from stored cross-site scripting (XSS)...

9.8 CVSS · 7.9 AI score · 0.00991 EPSS
Exploits: 1 · References: 3
CNNVD
added 2022/12/31 12:0 a.m. · 3 views

memos Cross-Site Scripting Vulnerability

memos is an open source hosted memo center with knowledge management and social features. A cross-site scripting vulnerability exists in memos versions prior to 0.9.1, which stems from stored cross-site scripting (XSS)...

9 CVSS · 7.4 AI score · 0.00991 EPSS
Exploits: 1 · References: 3
Positive Technologies
added 2022/12/28 12:0 a.m. · 3 views

PT-2022-28109 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue concerns Improper Privilege Management in the GitHub repository usememos/memos. Recommendations: For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue...

8.8 CVSS · 5 AI score · 0.00421 EPSS
Exploits: 1 · References: 11
OSV
added 2022/05/24 4:51 p.m. · 12 views

GHSA-R9PV-HG64-JQRP Exposure of Sensitive Information in Apache Storm Logviewer

The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these endpoints...

7.5 CVSS · 7.2 AI score · 0.02043 EPSS
Exploits: 0 · References: 3
securityvulns
added 2005/12/28 12:0 a.m. · 19 views

[SA18229] Ethereal GTP Dissector Denial of Service Vulnerability

TITLE: Ethereal GTP Dissector Denial of Service Vulnerability SECUNIA ADVISORY ID: SA18229 VERIFY ADVISORY: http://secunia.com/advisories/18229/ CRITICAL: Not critical IMPACT: DoS WHERE: From remote SOFTWARE: Ethereal 0.x http://secunia.com/product/1228/ DESCRIPTION: A vulnerability has been...

0.6 AI score
Exploits: 0