Lucene search
K

80 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.16 views

Unity Linux 20.1070e Security Update: mysql-connector-java (UTSA-2026-016694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016694 advisory. Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 8.0.15 and prior. Difficult to...

6.3CVSS6.7AI score0.00501EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.13 views

PT-2026-38473

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Libmodsecurity is one component of the ModSecurity v3 project. A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string parameter containing a...

8.2CVSS5.5AI score0.00435EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/05 6:46 p.m.36 views

CVE-2026-30923 libModSecurity3 denial of service via segfault when using t:hexDecode on single-character query strings

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Libmodsecurity is one component of the ModSecurity v3 project. A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string parameter containing a...

8.2CVSS0.00435EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2026/04/16 12:0 a.m.7 views

.NET 9.0 security update

9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163389...

7.5CVSS5.7AI score0.02279EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/04/02 2:38 p.m.6 views

CVE-2026-31937

Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15...

7.5CVSS5.2AI score0.00351EPSS
Exploits0
EUVD
EUVD
added 2026/04/02 2:38 p.m.4 views

EUVD-2026-18246

Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 2:16 p.m.6 views

CVE-2026-31933

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4...

7.5CVSS0.00351EPSS
Exploits0References2
OSV
OSV
added 2026/04/02 2:16 p.m.3 views

UBUNTU-CVE-2026-31932

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4...

7.5CVSS5.7AI score0.00267EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/02 2:2 p.m.1 views

CVE-2026-31932 Suricata krb5: quadratic complexity in krb5 buffering

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.6 views

Suricata 安全漏洞

Suricata is a network IDS, IPS, and NSM engine developed by the Open Information Security Foundation. Vulnerabilities existed in versions prior to Suricata 7.0.15 and 8.0.4. These vulnerabilities were caused by specially crafted traffic, which could slow down Suricata’s operation in IDS mode,...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.4 views

PT-2026-26942

Name of the Vulnerable Software and Affected Versions Suricata affected versions not specified Description Security issues have been resolved in the libsuricata8 0 4-8.0.4-1.1 package on openSUSE Tumbleweed. Recommendations At the moment, there is no information about a newer version that contain...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References11
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.5 views

CVE-2025-58190 affecting package telegraf for versions less than 1.31.0-15

CVE-2025-58190 affecting package telegraf for versions less than 1.31.0-15. A patched version of the package is available...

5.3CVSS5.8AI score0.00482EPSS
Exploits1
CNNVD
CNNVD
added 2026/03/08 12:0 a.m.7 views

ffmate 参数注入漏洞

ffmate is an automated media processing engine open sourced by We Love Media. Versions of ffmate 2.0.15 and earlier had a parameter injection vulnerability. This vulnerability stemmed from incorrect operations on the Execute function in the file /internal/service/ffmpeg/ffmpeg.go, which could lea...

6.5CVSS6.6AI score0.00232EPSS
Exploits0References5
CVE
CVE
added 2026/02/20 3:46 p.m.11 views

CVE-2025-68000

CVE-2025-68000 is a Missing Authorization (Broken Access Control) vulnerability in PickPlugins Testimonial Slider for WordPress, affecting version(s) up to 2.0.15. Public sources (NVD/Red Hat/CVE) confirm the issue and version range. PT-Security recommends upgrading to a version later than 2.0.15...

6.5CVSS5.5AI score0.00315EPSS
Exploits0References1
CVE
CVE
added 2026/01/17 6:42 a.m.28 views

CVE-2025-12984

The CVE-2025-12984 entry pertains to the WordPress plugin Advanced Ads – Ad Manager & AdSense. It describes an SQL Injection in the order parameter affecting all versions up to 2.0.15 due to insufficient escaping and inadequate query preparation. The vulnerability requires authenticated Administr...

4.9CVSS6.2AI score0.00325EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.9 views

Mozilla Firefox < 3.0.15

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 3.0.15. It is, therefore, affected by a vulnerability as referenced in the mfsa2009-55 advisory. - Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute...

9.3CVSS8.1AI score0.03985EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/21 6:33 p.m.10 views

CVE-2025-11979

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

6.5CVSS7AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/20 12:0 a.m.4 views

MongoDB Server 安全漏洞

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions 7.0 up to and including 7.0.25, 8.0 up...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.3 views

Eclipse GlassFish 跨站脚本漏洞

Eclipse GlassFish is an open source application server from the Eclipse Foundation. A cross-site scripting vulnerability exists in Eclipse GlassFish version 7.0.15, which stems from a stored cross-site scripting attack risk in the management console...

6.1CVSS5.8AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:48 a.m.10 views

CVE-2023-32288

Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM file may lead to information disclosure and/or arbitrary code execution...

7.8CVSS7AI score0.00252EPSS
Exploits0References1
Rows per page
Query Builder