Lucene search
+L

26 matches found

OSV
OSV
added 2026/07/06 8:3 a.m.5 views

PYSEC-2026-972 Core dump when loading TFLite models with quantization in TensorFlow

Impact Certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling...

5.5CVSS6AI score0.00316EPSS
Exploits1References12
NVD
NVD
added 2026/06/17 10:16 p.m.15 views

CVE-2026-50200

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Management.Endpoint prior to version 4.2.0 and Steeltoe.Management.EndpointCore prior to version 3.4.0, the Sanitizer component in the Environment actuator...

7.5CVSS0.00185EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 2:16 p.m.45 views

CVE-2026-45673 Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entrop...

6.8CVSS0.00256EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:51 a.m.8 views

CVE-2026-42277

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/fileid endpoint allows any authenticated user to download any other user's uploaded files by providing the file UUID. The endpoint verifies the caller is authenticated but never checks that the file...

6.5CVSS5.7AI score0.00201EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/02 7:15 p.m.20 views

CVE-2026-34838 Group-Office: Authenticated Remote Code Execution via PHP Insecure Deserialization in `AbstractSettingsCollection`

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.156, 25.0.90, and 26.0.12, a vulnerability in the AbstractSettingsCollection model leads to insecure deserialization when these settings are loaded. By injecting a serialized FileCookieJar...

9.9CVSS0.01026EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/25 12:25 a.m.8 views

SUSE CVE-2026-25576

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larg...

5.1CVSS5.9AI score0.00181EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/24 1:2 a.m.5 views

EUVD-2026-7442

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted imag...

7.5CVSS5.4AI score0.00429EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-2419

Malware in sbrugna...

7.5CVSS7.4AI score0.44824EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-2791

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.01074EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-43650

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00809EPSS
Exploits0References4
CBLMariner
CBLMariner
added 2025/08/06 9:13 p.m.5 views

CVE-2025-38004 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38004 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

7.1CVSS8.3AI score0.00205EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/07/17 9:12 p.m.6 views

CVE-2025-6395 affecting package gnutls for versions less than 3.8.3-6

CVE-2025-6395 affecting package gnutls for versions less than 3.8.3-6. A patched version of the package is available...

6.5CVSS7.3AI score0.00619EPSS
Exploits0
Patchstack
Patchstack
added 2025/06/05 12:7 a.m.12 views

WordPress Team Showcase plugin < 25.05.13 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Team Showcase versions 25.05.13...

4.3CVSS6.7AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 12:6 a.m.9 views

WordPress Testimonials Showcase plugin <= 1.9.16 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Testimonials Showcase versions = 1.9.16...

4.3CVSS6.7AI score0.00241EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 9:36 p.m.10 views

CVE-2021-43836

Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched with the Versions 1.6.44, 2.2.18...

8.8CVSS7.6AI score0.01981EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/04/08 9:12 p.m.9 views

CVE-2023-32611 affecting package glib for versions less than 2.71.0-4

CVE-2023-32611 affecting package glib for versions less than 2.71.0-4. A patched version of the package is available...

5.5CVSS7AI score0.00376EPSS
Exploits0
CVE
CVE
added 2025/03/19 5:36 p.m.116 views

CVE-2025-29925

XWiki Platform REST API vulnerability CVE-2025-29925: the /rest/wikis/[wikiName]/pages endpoint could disclose information about protected/private pages to unauthenticated users before fixes. The issue occurs because the endpoint listed pages even when the user had no view rights, notably when th...

8.7CVSS6.3AI score0.00906EPSS
In wildExploits1References5Affected Software1
CBLMariner
CBLMariner
added 2025/03/07 4:7 p.m.10 views

CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15

CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15. A patched version of the package is available...

7.5CVSS7.7AI score0.00868EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/01/31 4:8 p.m.9 views

CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38

CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38. A patched version of the package is available...

5.3CVSS6.2AI score0.04459EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/12/26 6:43 p.m.7 views

CVE-2023-38469 affecting package avahi for versions less than 0.8-3

CVE-2023-38469 affecting package avahi for versions less than 0.8-3. A patched version of the package is available...

6.2CVSS7AI score0.00308EPSS
Exploits0
Rows per page
Query Builder