OSV: Most viewed

907558 matches found

OSV
added 2021/06/27 12:0 a.m., 54 views

DLA-2692-1 bluez - security update

Bulletin has no description...

5.7 CVSS, 6.4 AI score, 0.00872 EPSS
Exploits 0

OSV
added 2021/06/05 12:0 a.m., 54 views

DLA-2677-1 libwebp - security update

Bulletin has no description...

9.8 CVSS, 7.5 AI score, 0.02662 EPSS
Exploits 0

OSV
added 2021/05/11 4:43 p.m., 54 views

GHSA-3Q6F-8GRX-PR4V Cross-site scripting in jspdf

It's possible to use nested script tags in order to bypass the filtering regex...

6.1 CVSS, 6.2 AI score, 0.01573 EPSS
Exploits 1, References 8

OSV
added 2021/04/05 12:0 a.m., 54 views

DSA-4885-1 netty - security update

Bulletin has no description...

9.1 CVSS, 7.5 AI score, 0.18891 EPSS
Exploits 4

OSV
added 2021/02/16 5:15 p.m., 54 views

CVE-2021-23839

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...

3.7 CVSS, 1.9 AI score
Exploits 0, References 10

OSV
added 2021/02/06 12:0 a.m., 54 views

DLA-2546-1 intel-microcode - security update

Bulletin has no description...

5.5 CVSS, 6.2 AI score, 0.0051 EPSS
Exploits 0

OSV
added 2020/04/29 9:15 p.m., 54 views

CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. This problem is patched in jQuery 3.5.0...

6.1 CVSS, 6.4 AI score, 0.8383 EPSS
Exploits 6, References 67

OSV
added 2019/11/20 1:39 a.m., 54 views

GHSA-VVWV-H69M-WG6F XXE in PHPSpreadsheet due to incomplete fix for previous encoding issue

PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the xml...

8.8 CVSS, 8.5 AI score, 0.0135 EPSS
Exploits 1, References 8

OSV
added 2019/05/25 12:0 a.m., 54 views

DLA-1804-1 curl - security update

Bulletin has no description...

7.8 CVSS, 7.8 AI score, 0.49739 EPSS
Exploits 1

OSV
added 2019/04/24 12:0 a.m., 54 views

DLA-1762-1 systemd - security update

Bulletin has no description...

7.8 CVSS, 7.4 AI score, 0.01217 EPSS
Exploits 6

OSV
added 2019/01/22 12:0 a.m., 54 views

DLA-1638-1 libjpeg-turbo - security update

Bulletin has no description...

8.8 CVSS, 7.5 AI score, 0.04898 EPSS
Exploits 3

OSV
added 2019/01/09 5:29 a.m., 54 views

CVE-2018-20676

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute...

6.1 CVSS, 5.8 AI score
Exploits 0, References 13

OSV
added 2018/07/14 12:0 a.m., 54 views

DLA-1423-1 linux-4.9 - security update

Bulletin has no description...

7.8 CVSS, 7.8 AI score, 0.93838 EPSS
Exploits 25

OSV
added 2018/07/05 6:39 a.m., 54 views

SUSE-SU-2018:1886-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a use-after-free in exif_read_from_file because it closed a stream that it is not responsible for closing bsc1099098...

9.8 CVSS, 8.5 AI score, 0.068 EPSS
Exploits 0, References 3

OSV
added 2018/04/01 12:0 a.m., 54 views

DSA-4161-1 python-django - security update

Bulletin has no description...

5.3 CVSS, 5.5 AI score, 0.04772 EPSS
Exploits 0

OSV
added 2018/03/28 12:0 a.m., 54 views

DLA-1325-1 drupal7 - security update

Bulletin has no description...

9.8 CVSS, 9.9 AI score, 0.99993 EPSS
Exploits 46

OSV
added 2018/03/26 12:0 a.m., 54 views

DLA-1317-1 net-snmp - security update

Bulletin has no description...

9.8 CVSS, 7.9 AI score, 0.40002 EPSS
Exploits 2

OSV
added 2018/01/09 12:0 a.m., 54 views

DSA-4082-1 linux - security update

Bulletin has no description...

7.8 CVSS, 8.1 AI score, 0.84172 EPSS
Exploits 11

OSV
added 2017/10/24 6:33 p.m., 54 views

GHSA-PCHC-949F-53M5 Improper Input Validation in multi_xml

multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption involvin...

7.5 CVSS, 7.8 AI score, 0.03655 EPSS
Exploits 0, References 7

OSV
added 2017/10/24 6:33 p.m., 54 views

GHSA-JMGW-6VJG-JJWG actionpack Improper Input Validation vulnerability

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...

7.5 CVSS, 7.7 AI score, 0.99449 EPSS
Exploits 21, References 16

OSV
added 2017/07/02 12:0 a.m., 54 views

DLA-1009-1 apache2 - security update

Bulletin has no description...

9.8 CVSS, 8.8 AI score, 0.57472 EPSS
Exploits 4

OSV
added 2017/02/28 12:0 a.m., 54 views

DLA-842-1 qemu-kvm - security update

Bulletin has no description...

9.9 CVSS, 7.2 AI score, 0.03648 EPSS
Exploits 0

OSV
added 2016/12/18 12:0 a.m., 54 views

DLA-753-1 tomcat7 - security update

Bulletin has no description...

7.8 CVSS, 7 AI score, 0.00747 EPSS
Exploits 0

OSV
added 2016/06/28 12:0 a.m., 54 views

DSA-3607-1 linux - security update

Bulletin has no description...

10 CVSS, 7.7 AI score, 0.2593 EPSS
Exploits 50

OSV
added 2016/03/01 12:0 a.m., 55 views

DSA-3500-1 openssl - security update

Bulletin has no description...

10 CVSS, 6.5 AI score, 0.53655 EPSS
Exploits 1

OSV
added 2015/04/24 12:0 a.m., 54 views

DSA-3235-1 openjdk-7 - security update

Bulletin has no description...

10 CVSS, 5.7 AI score, 0.07224 EPSS
Exploits 0

OSV
added 2015/04/12 12:0 a.m., 54 views

DSA-3223-1 ntp - security update

Bulletin has no description...

7.5 CVSS, 6.3 AI score, 0.05292 EPSS
Exploits 0

OSV
added 2014/11/04 12:0 a.m., 54 views

DSA-3064-1 php5 - security update

Bulletin has no description...

7.5 CVSS, 7.8 AI score, 0.28862 EPSS
Exploits 4

OSV
added 2014/07/08 12:0 a.m., 54 views

DSA-2974-1 php5 - security update

Bulletin has no description...

7.5 CVSS, 7.7 AI score, 0.30128 EPSS
Exploits 6

OSV
added 2014/04/24 12:0 a.m., 54 views

DSA-2912-1 openjdk-6 - security update

Bulletin has no description...

10 CVSS, 7.3 AI score, 0.0751 EPSS
Exploits 0

OSV
added 2013/12/12 12:0 a.m., 54 views

DSA-2816-1 php5 - several

Bulletin has no description...

7.5 CVSS, 7.4 AI score, 0.35635 EPSS
Exploits 8

OSV
added 2013/01/09 12:0 a.m., 54 views

DSA-2604-1 rails - insufficient input validation

Bulletin has no description...

7.5 CVSS, 7.4 AI score, 0.99449 EPSS
Exploits 21

OSV
added 2009/06/28 12:0 a.m., 54 views

DSA-1845-1 linux-2.6 - several vulnerabilities

Bulletin has no description...

7.2 CVSS, 6.5 AI score, 0.00594 EPSS
Exploits 4

OSV
added 2008/05/13 12:0 a.m., 54 views

DSA-1571-1 openssl - predictable random number generator

Bulletin has no description...

9.3 CVSS, 6.9 AI score, 0.70721 EPSS
Exploits 9

OSV
added 2008/02/10 12:0 a.m., 54 views

DSA-1489-1 iceweasel - several vulnerabilities

Bulletin has no description...

9.3 CVSS, 9.7 AI score, 0.08633 EPSS
Exploits 5

OSV
added 2007/07/23 12:0 a.m., 54 views

DSA-1338-1 iceweasel

Bulletin has no description...

9.3 CVSS, 9.6 AI score, 0.04618 EPSS
Exploits 3

OSV
added 2006/08/29 12:0 a.m., 54 views

DSA-1160 mozilla - several

Bulletin has no description...

9.3 CVSS, 6.4 AI score, 0.0747 EPSS
Exploits 0

OSV
added 2006/08/02 12:0 a.m., 54 views

DSA-1137-1 tiff - several vulnerabilities

Bulletin has no description...

7.8 CVSS, 6.5 AI score, 0.53046 EPSS
Exploits 13

OSV
added 2006/07/22 12:0 a.m., 54 views

DSA-1118 mozilla - several

Bulletin has no description...

9.3 CVSS, 6.8 AI score, 0.07251 EPSS
Exploits 0

OSV
added 2005/12/14 12:0 a.m., 54 views

DSA-922-1 kernel-source-2.6.8 - several

Bulletin has no description...

7.5 CVSS, 5.6 AI score, 0.04626 EPSS
Exploits 7

OSV
added 2004/04/14 12:0 a.m., 54 views

DSA-479 linux-kernel-2.4.18-alpha+i386+powerpc - several vulnerabilities

Bulletin has no description...

7.2 CVSS, 6.2 AI score, 0.02603 EPSS
Exploits 0

OSV
added 2026/05/08 10:5 a.m., 53 views

RHSA-2026:14823 Red Hat Security Advisory: kernel security update

Bulletin has no description...

7.8 CVSS, 5.7 AI score, 0.0049 EPSS
Exploits 0, References 12

OSV
added 2025/06/01 12:0 a.m., 53 views

ASB-A-386950836

In AccessibilityServiceConnection.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8 CVSS, 7 AI score, 0.00079 EPSS
Exploits 0, References 2

OSV
added 2024/10/02 5:7 a.m., 53 views

RHSA-2024:7001 Red Hat Security Advisory: kernel-rt security update

Bulletin has no description...

7.8 CVSS, 7.7 AI score, 0.01028 EPSS
Exploits 2, References 653

OSV
added 2024/10/02 5:6 a.m., 53 views

RHSA-2024:5101 Red Hat Security Advisory: kernel security update

Bulletin has no description...

7.8 CVSS, 8 AI score, 0.08555 EPSS
Exploits 3, References 863

OSV
added 2024/09/30 4:32 p.m., 53 views

RHSA-2023:1044 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8

Bulletin has no description...

9.8 CVSS, 8.1 AI score, 0.99615 EPSS
Exploits 41, References 147

OSV
added 2024/09/30 2:24 a.m., 53 views

RHSA-2022:8840 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update

Bulletin has no description...

9.8 CVSS, 8.9 AI score, 0.95764 EPSS
Exploits 14, References 87

OSV
added 2024/09/16 12:41 p.m., 53 views

RHSA-2023:6535 Red Hat Security Advisory: webkit2gtk3 security, bug fix, and enhancement update

Bulletin has no description...

9.8 CVSS, 7.2 AI score, 0.01356 EPSS
Exploits 0, References 101

OSV
added 2024/08/08 12:0 a.m., 53 views

ALSA-2024:5102 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure trace_clock_global to...

9.8 CVSS, 8.7 AI score, 0.08555 EPSS
Exploits 3, References 300

OSV
added 2024/07/03 7:17 a.m., 53 views

BIT-APACHE-2024-38475 Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.

Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure...

9.1 CVSS, 9.8 AI score, 0.99957 EPSS
Exploits 1, References 8

Total number of security vulnerabilities: 5000