38460 matches found

Snyk
added 2026/03/17 7:42 p.m. | 3 views

Incorrect Implementation of Authentication Algorithm

Overview: Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm due to an error in the protocol implementation when handling the User Supplied Secret (USS) digest in the LoadApp function. An attacker can cause the Compound Device Identifier (CDI) to b...

7.6 CVSS | 5.9 AI score | 0.00246 EPSS
Exploits 1 | References 3
Vulnrichment
added 2026/03/17 7:41 p.m. | 2 views

CVE-2026-25936 GLPI Vulnerable to Authenticated SQL Injection

GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perform a SQL injection. Version 11.0.6 fixes the issue...

6.5 CVSS | 5.8 AI score | 0.00339 EPSS
Exploits 0 | References 1
RedHat Linux
added 2026/03/17 6:26 p.m. | 12 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

Oracle CPU describes the issue as follows: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9 CVSS | 7 AI score | 0.00337 EPSS
Exploits 0 | References 6
CVE
added 2026/03/17 6:00 p.m. | 11 views

CVE-2026-21570

The CVE-2026-21570 entry describes a high-severity remote code execution in Atlassian Bamboo Data Center. Affected releases include 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0. An authenticated attacker can execute code on the remote system (CVSS v4.0 base score 8.6, attack ...

8.6 CVSS | 6.1 AI score | 0.00507 EPSS
Exploits 0 | References 2
RedHat Linux
added 2026/03/17 5:20 p.m. | 14 views

glibc: glibc: Information disclosure via zero-valued network query

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddr_r functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS (Domain Name System) backend for network lookups, a query for a zero-valued network can le...

7.5 CVSS | 5.8 AI score | 0.00564 EPSS
Exploits 0 | References 5
Snyk
added 2026/03/17 5:12 p.m. | 5 views

Out-of-bounds Write

Overview: Magick.NET-Q16-x64 is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.5 CVSS | 5.8 AI score | 0.00475 EPSS
Exploits 0 | References 2
OSV
added 2026/03/17 5:12 p.m. | 4 views

GHSA-GC62-2V5P-QPMP ImageMagick has a heap-buffer-overflow in NewXMLTree which could result in crash

The NewXMLTree method contains a bug that could result in a crash due to an out-of-bounds write of a single zero byte...

5.3 CVSS | 5.8 AI score | 0.00475 EPSS
Exploits 0 | References 5
GitHub Security Blog
added 2026/03/17 5:12 p.m. | 6 views

ImageMagick has a heap-buffer-overflow in NewXMLTree which could result in crash

The NewXMLTree method contains a bug that could result in a crash due to an out-of-bounds write of a single zero byte...

7.5 CVSS | 5.8 AI score | 0.00475 EPSS
Exploits 0 | References 5 | Affected Software 19
RedHat Linux
added 2026/03/17 3:00 p.m. | 5 views

kernel: svcrdma: use rc_pageoff for memcpy byte offset

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rc_pageoff for memcpy byte offset. svc_rdma_copy_inline_range added rc_curpage (page index) to the page base instead of the byte offset rc_pageoff. Use rc_pageoff so copies land within the current page. Found by ZeroPath...

5.7 AI score | 0.00166 EPSS
Exploits 0 | References 5
HackRead
added 2026/03/17 1:17 p.m. | 7 views

Enterprise Cloud Network Solutions for Multi-Cloud Environments: Top Platforms

Enterprise Cloud Network Solutions secure multi-cloud environments with Zero Trust, visibility, and threat prevention across users, apps, and distributed data systems...

5.8 AI score
Exploits 0
RustSec
added 2026/03/17 12:00 p.m. | 9 views

Insufficient validation of PAX extensions during extraction

In versions 0.5.6 and earlier of astral-tokio-tar, malformed PAX extensions were silently skipped when parsing tar archives. This silent skipping rather than rejection of invalid PAX extensions could be used as a building block for a parser differential, for example by silently skipping a malform...

6.3 CVSS | 5.7 AI score | 0.00249 EPSS
Exploits 0 | Affected Software 1
HackRead
added 2026/03/17 10:49 a.m. | 5 views

New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit

The new infostealer campaign spreads Vidar 2.0 via fake game cheats on GitHub and Reddit, stealing crypto, login tokens, and files while targeting young gamers ignoring security warnings...

5.8 AI score
Exploits 0
IBM Security Bulletins
added 2026/03/17 10:35 a.m. | 9 views

Security Bulletin: IBM Informix 12.10.xC16W6 updated to use the latest version of Java to address the Java vulnerabilities.

Summary: IBM's Java version has been updated to 8.0.8.60 with Informix 12.10.xC16W6 to address multiple IBM Java vulnerabilities. Vulnerability Details: CVEID: CVE-2026-1188. DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all...

9.8 CVSS | 6.3 AI score | 0.00864 EPSS
Exploits 1 | Affected Software 1
EUVD
added 2026/03/17 6:31 a.m. | 5 views

EUVD-2026-12536

A security flaw has been discovered in frdel/agent0ai agent-zero 0.9.7-10. The impacted element is the function get_abs_path of the file python/helpers/files.py. The manipulation results in path traversal. The attack can be executed remotely. The exploit has been released to the public and may be...

5.3 CVSS | 5.5 AI score | 0.00357 EPSS
Exploits 0 | References 5
EUVD
added 2026/03/17 6:31 a.m. | 12 views

EUVD-2026-12538

A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle_pdf_document of the file python/helpers/document_query.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...

6.5 CVSS | 6.3 AI score | 0.00201 EPSS
Exploits 0 | References 6
OSSF Malicious Packages
added 2026/03/17 6:25 a.m. | 6 views

Malicious code in whatfix-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 003442c235ba313d832b958d8170e59f28d9af34abdd1f33a832c6c2cd263696 The package whatfix-icons was found to contain malicious code. Source: ossf-package-analysis...

5.8 AI score
Exploits 0
Snyk
added 2026/03/17 4:45 a.m. | 4 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the ucl_object_emit function when operating in UCL_PARSER_ZEROCOPY mode and processing input containing a key with an embedded null byte. An attacker can cause a segmentation fault and disrupt service by submitting...

8.3 CVSS | 5.8 AI score | 0.00387 EPSS
Exploits 1 | References 2
ATTACKERKB
added 2026/03/17 4:02 a.m. | 4 views

CVE-2026-4308

A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle_pdf_document of the file python/helpers/document_query.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...

6.5 CVSS | 6.3 AI score | 0.00201 EPSS
Exploits 0 | References 5 | Affected Software 1
Vulnrichment
added 2026/03/17 4:02 a.m. | 3 views

CVE-2026-4308 frdel/agent0ai agent-zero document_query.py handle_pdf_document server-side request forgery

A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle_pdf_document of the file python/helpers/document_query.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...

6.5 CVSS | 5.5 AI score | 0.00201 EPSS
Exploits 0 | References 5
Cvelist
added 2026/03/17 4:02 a.m. | 36 views

CVE-2026-4308 frdel/agent0ai agent-zero document_query.py handle_pdf_document server-side request forgery

A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle_pdf_document of the file python/helpers/document_query.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...

6.5 CVSS | 0.00201 EPSS
Exploits 0 | References 5