Lucene search
K

726 matches found

UbuntuCve
UbuntuCve
added 2026/02/02 11:16 p.m.9 views

CVE-2025-6596

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/portlets.Js, resources/skins.Vector.Legacy.Js/portlets.Js. This issue affects Vecto...

5.9AI score0.00386EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/02 11:16 p.m.3 views

CVE-2025-6592

Vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects AbuseFilter: from fe0b1cb9e9691faf4d8d9bd80646589f6ec37615 before 1.43.2, 1.44.0...

2.1CVSS5.9AI score0.00359EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/02 11:16 p.m.4 views

CVE-2025-6927

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php, includes/api/ApiQueryBlocks.Php. This issue affects MediaWiki: from = 1.42.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

2.3CVSS5.9AI score0.00454EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/02 11:16 p.m.4 views

CVE-2025-6594

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandbox.Js. This issue affects MediaWiki: from 1.27.0 before...

4.7CVSS5.9AI score0.0027EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/02/02 11:3 p.m.11 views

CVE-2025-6590

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php. This issue affects MediaWiki: from through 1.39.12, 1.42.76 1.43.1, 1.44.0...

4.6CVSS5.2AI score0.00325EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/02 11:2 p.m.5 views

CVE-2025-6592

Vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects AbuseFilter: from fe0b1cb9e9691faf4d8d9bd80646589f6ec37615 before 1.43.2, 1.44.0...

2.1CVSS5.2AI score0.00359EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/02 11:1 p.m.7 views

CVE-2025-6593

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

2.1CVSS5.2AI score0.00396EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/02 10:59 p.m.6 views

CVE-2025-6595

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...

4.7CVSS5.2AI score0.0027EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/02 10:58 p.m.5 views

CVE-2025-6596

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/portlets.Js, resources/skins.Vector.Legacy.Js/portlets.Js. This issue affects Vecto...

5.3AI score0.00386EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/02 10:55 p.m.8 views

CVE-2025-6927

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php, includes/api/ApiQueryBlocks.Php. This issue affects MediaWiki: from = 1.42.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

2.3CVSS5.2AI score0.00454EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/01/16 6:16 p.m.9 views

CVE-2025-31510

In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting XSS allows remote attackers to inject arbitrary web script or HTML into the login page via the tab parameter, for Choice authentication...

7.2CVSS5.9AI score0.00378EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/08/07 1:30 a.m.8 views

CVE-2025-8582

Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

4.3CVSS4.9AI score0.00223EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/08/05 12:0 a.m.5 views

CVE-2025-8584

A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function avbufferunref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to null pointer dereference. Local access is required to approach this...

4.8CVSS4.9AI score0.00206EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2025/08/02 11:15 p.m.3 views

CVE-2023-32253

A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service...

5.9CVSS6.2AI score0.00298EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/08/01 6:15 p.m.3 views

CVE-2023-32256

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

7.5CVSS7AI score0.00526EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/07/31 8:15 p.m.9 views

CVE-2025-45770

jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant ...

7CVSS5.8AI score0.00124EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/07/30 3:15 p.m.2 views

CVE-2025-53112

GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.1.0 through 10.0.18, a lack of permission checks can result in unauthorized removal of some specific resources. This is fixed in version 10.0.1...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/28 7:15 p.m.2 views

CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

3.7CVSS5.8AI score0.0029EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/07/28 12:15 p.m.3 views

CVE-2025-38490

In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate pagepoolputfullpage pagepoolputfullpage should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant...

7.8CVSS6.4AI score0.00151EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2025/07/28 12:15 p.m.3 views

CVE-2025-38480

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insnrwemulatebits For Comedi INSNREAD and INSNWRITE instructions on "digital" subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevice drive...

5.5CVSS6.1AI score0.00158EPSS
Exploits0References38
Rows per page
Query Builder