38442 matches found

UbuntuCve
added 2026/03/25 12:0 a.m., 3 views

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

CVSS 5.4, AI score 7.3, EPSS 0.0036
Exploits 0, References 3

CNNVD
added 2026/03/25 12:0 a.m., 5 views

ISC BIND 9 security vulnerability

ISC BIND 9 is a domain name system software developed by the ISC organization. Vulnerabilities exist in versions 9.20.0 to 9.20.20, 9.21.0 to 9.21.19, and 9.20.9-S1 to 9.20.20-S1 of ISC BIND 9. These vulnerabilities stem from the reuse of resources after handling DNS queries signed with SIG0; thi...

CVSS 5.4, AI score 7.5, EPSS 0.0036
Exploits 0, References 4

Positive Technologies
added 2026/03/25 12:0 a.m., 4 views

PT-2026-27827

Name of the Vulnerable Software and Affected Versions Elated-Themes Amoli versions through 1.0 Description A flaw exists in Elated-Themes Amoli that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue enables the inclusion of local...

CVSS 8.1, AI score 5.9, EPSS 0.00504
Exploits 0, References 3

OPENSUSE Linux
added 2026/03/25 12:0 a.m., 3 views

Security update for protobuf (moderate)

openSUSE security update: security update for protobuf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20390-1 Rating: moderate References: bsc1244663 bsc1244918 bsc1257173 Cross-References: CVE-2025-4565 CVE-2026-0994 CVSS scores: CVE-2025-4565 SUS...

CVSS 8.2, AI score 6.8, EPSS 0.00613
Exploits 0, References 3

Tenable Nessus
added 2026/03/25 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-21714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak occurs in Node.js HTTP/2 servers when a client sends WINDOWUPDATE frames on stream 0 connection-level that cause the flow control window to exceed...

CVSS 5.3, AI score 6.6, EPSS 0.00454
Exploits 0, References 3

Tenable Nessus
added 2026/03/25 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop...

CVSS 5.5, AI score 5.7, EPSS 0.00123
Exploits 0, References 3

Positive Technologies
added 2026/03/25 12:0 a.m., 8 views

PT-2026-28156

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, missing authorization in the AJAX deletion endpoint interface/forms/procedure order/handle deletions.php allows any authenticated user, regardless of role, to...

CVSS 7.1, AI score 5.8, EPSS 0.00415
Exploits 1, References 4

Positive Technologies
added 2026/03/25 12:0 a.m., 7 views

PT-2026-27927

Name of the Vulnerable Software and Affected Versions eyecix Addon Jobsearch Chat versions through 3.0 Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-Site Scripting XSS. This issue impacts the Addon Jobsearc...

CVSS 7.1, AI score 5.9, EPSS 0.00175
Exploits 0, References 4

Positive Technologies
added 2026/03/25 12:0 a.m., 9 views

PT-2026-28175

Name of the Vulnerable Software and Affected Versions PrestaShop versions prior to 8.2.5 PrestaShop versions prior to 9.1.0 Description PrestaShop, an open source e-commerce web application, experiences an issue due to improper use of its validation framework. No workarounds are currently...

CVSS 2, AI score 5.8, EPSS 0.00237
Exploits 0, References 8

CNNVD
added 2026/03/25 12:0 a.m., 9 views

WordPress plugin Kiddy security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVSS 8.1, AI score 5.8, EPSS 0.00403
Exploits 0, References 1

Tenable Nessus
added 2026/03/25 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-23379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quan...

CVSS 5.5, AI score 5.9, EPSS 0.00119
Exploits 0, References 3

Tenable Nessus
added 2026/03/25 12:0 a.m., 13 views

ISC BIND 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Vulnerability (cve-2026-3591)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3591 advisory. - A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a...

CVSS 5.4, AI score 5.9, EPSS 0.0036
Exploits 0, References 2

CNNVD
added 2026/03/25 12:0 a.m., 5 views

WordPress plugin Print Invoice & Delivery Notes for WooCommerce security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

CVSS 7.5, AI score 5.8, EPSS 0.00291
Exploits 0, References 1

CNNVD
added 2026/03/25 12:0 a.m., 6 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of zero-length messages. This vulnerability could lead to infinite loops and...

CVSS 5.5, AI score 5.8, EPSS 0.00123
Exploits 0, References 7

Positive Technologies
added 2026/03/25 12:0 a.m., 5 views

PT-2026-28369

Name of the Vulnerable Software and Affected Versions: Grafana versions 11.6.0 through 11.6.14, 12.0.0 through 12.1.10, 12.2.0 through 12.2.8, 12.3.0 through 12.3.6, and 12.4.0 through 12.4.2. Description: A chained attack involving SQL Expressions and a Grafana Enterprise plugin can lead to remo...

CVSS 9.1, AI score 6.7, EPSS 0.01929
Exploits 0, References 119

Positive Technologies
added 2026/03/25 12:0 a.m., 9 views

PT-2026-27986

Name of the Vulnerable Software and Affected Versions magepeopleteam Bus Ticket Booking with Seat Reservation versions through 5.6.0 Description The software contains a flaw related to the deserialization of untrusted data, which allows for object injection. This issue impacts Bus Ticket Booking...

CVSS 9.8, AI score 5.9, EPSS 0.00375
Exploits 0, References 3

Positive Technologies
added 2026/03/25 12:0 a.m., 8 views

PT-2026-33102

Name of the Vulnerable Software and Affected Versions xwayland versions prior to 24.1.9-2.1 xorg-x11-server versions prior to 21.1.21-5.1 Description Security issues were identified in xwayland and xorg-x11-server. Recommendations Update xwayland to version 24.1.9-2.1. Update xorg-x11-server to...

CVSS 9.1, AI score 5.8, EPSS 0.00489
Exploits 0, References 145

CNNVD
added 2026/03/25 12:0 a.m., 8 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by a zero overflow error, which may lead to kernel crashes...

CVSS 5.5, AI score 5.9, EPSS 0.00119
Exploits 0, References 7

Positive Technologies
added 2026/03/25 12:0 a.m., 8 views

PT-2026-27970

Name of the Vulnerable Software and Affected Versions uxper Golo versions through 1.7.0 Description An incorrect privilege assignment exists in uxper Golo, allowing for privilege escalation. Recommendations Update uxper Golo to a version later than 1.7.0...

CVSS 9.8, AI score 5.9, EPSS 0.00321
Exploits 0, References 3

Tenable Nessus
added 2026/03/25 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-26209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial ...

CVSS 7.5, AI score 7.2, EPSS 0.00417
Exploits 1, References 3