OSV: Most viewed

907648 matches found

OSV
OSV
•added 2020/11/23 12:0 a.m.•51 views

DSA-4797-1 webkit2gtk - security update

Bulletin has no description...

8.8 CVSS, 7.9 AI score, 0.04528 EPSS
Exploits: 2
OSV
OSV
•added 2020/11/17 12:0 a.m.•51 views

DSA-4792-1 openldap - security update

Bulletin has no description...

7.5 CVSS, 7.7 AI score, 0.02858 EPSS
Exploits: 0
OSV
OSV
•added 2020/11/06 2:15 p.m.•51 views

PYSEC-2020-26

Synopsys hub-rest-api-python aka blackduck on PyPI version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases...

7.5 CVSS, 3.4 AI score, 0.01112 EPSS
Exploits: 1, References: 6
OSV
OSV
•added 2020/04/14 3:27 p.m.•51 views

GHSA-G2F6-V5QH-H2MQ Nexus Repository Manager 3 - Remote Code Execution

Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...

8.8 CVSS, 8.7 AI score, 0.99064 EPSS
Exploits: 10, References: 8
OSV
OSV
•added 2019/11/19 6:15 p.m.•51 views

CVE-2019-18934

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the configuration...

7.3 CVSS, 7.1 AI score, 0.03212 EPSS
Exploits: 1, References: 7
OSV
OSV
•added 2019/08/24 12:0 a.m.•51 views

DLA-1896-1 commons-beanutils - security update

Bulletin has no description...

7.5 CVSS, 7.5 AI score, 0.28839 EPSS
Exploits: 1
OSV
OSV
•added 2019/08/15 5:31 p.m.•51 views

ALSA-2019:2511 Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: mysql 8.0.17. Security Fixes: mysql: Server: Replication multiple unspecified vulnerabilities...

7.1 CVSS, 7.8 AI score, 0.04457 EPSS
Exploits: 0, References: 100
OSV
OSV
•added 2018/11/07 12:0 a.m.•51 views

DLA-1570-1 mariadb-10.0 - security update

Bulletin has no description...

6.5 CVSS, 6.6 AI score, 0.03968 EPSS
Exploits: 0
OSV
OSV
•added 2018/07/27 12:0 a.m.•51 views

DLA-1445-1 busybox - security update

Bulletin has no description...

9.8 CVSS, 7.3 AI score, 0.32381 EPSS
Exploits: 17
OSV
OSV
•added 2018/03/12 9:29 p.m.•51 views

CVE-2016-9953

The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service crash, or possibly have unspecified other impact via a wildcard...

9.8 CVSS, 9.2 AI score, 0.01831 EPSS
Exploits: 0, References: 2
OSV
OSV
•added 2017/11/17 5:29 a.m.•51 views

CVE-2017-1000158

CPython aka Python up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow and possible arbitrary code execution...

9.8 CVSS, 5.1 AI score
Exploits: 0, References: 9
OSV
OSV
•added 2017/08/04 12:0 a.m.•51 views

DSA-3925-1 qemu - security update

Bulletin has no description...

7.5 CVSS, 6.5 AI score, 0.04093 EPSS
Exploits: 0
OSV
OSV
•added 2016/09/23 12:0 a.m.•51 views

DSA-3673-2 openssl - regression update

Bulletin has no description...

6.8 AI score
Exploits: 0
OSV
OSV
•added 2016/06/08 12:0 a.m.•51 views

DLA-508-1 expat - security update

Bulletin has no description...

7.8 CVSS, 7 AI score, 0.06539 EPSS
Exploits: 0
OSV
OSV
•added 2015/11/10 12:0 a.m.•51 views

DSA-3396-1 linux - security update

Bulletin has no description...

5.9 CVSS, 7.4 AI score, 0.00675 EPSS
Exploits: 1
OSV
OSV
•added 2015/06/07 12:0 a.m.•51 views

DSA-3280-1 php5 - security update

Bulletin has no description...

7.5 CVSS, 7.7 AI score, 0.50129 EPSS
Exploits: 7
OSV
OSV
•added 2015/05/02 12:0 a.m.•51 views

DSA-3245-1 ruby1.8 - security update

Bulletin has no description...

5.9 CVSS, 6 AI score, 0.02815 EPSS
Exploits: 0
OSV
OSV
•added 2015/04/29 12:0 a.m.•51 views

DLA-212-1 php5 - security update

Bulletin has no description...

7.5 CVSS, 7.8 AI score, 0.38434 EPSS
Exploits: 12
OSV
OSV
•added 2014/11/28 12:0 a.m.•51 views

DLA-96-1 openjdk-6 - security update

Bulletin has no description...

9.3 CVSS, 5 AI score, 0.06118 EPSS
Exploits: 0
OSV
OSV
•added 2014/07/31 12:0 a.m.•51 views

DLA-17-1 tor - new upstream version

Bulletin has no description...

5.8 CVSS, 7.4 AI score, 0.03146 EPSS
Exploits: 0
OSV
OSV
•added 2014/05/16 12:0 a.m.•51 views

DSA-2929-1 ruby-actionpack-3.2 - security update

Bulletin has no description...

7.5 CVSS, 6.8 AI score, 0.53703 EPSS
Exploits: 2
OSV
OSV
•added 2013/10/10 12:0 a.m.•51 views

DSA-2774-1 gnupg2 - several

Bulletin has no description...

5.8 CVSS, 7.8 AI score, 0.0503 EPSS
Exploits: 0
OSV
OSV
•added 2012/05/09 12:0 a.m.•51 views

DSA-2465-1 php5 - several

Bulletin has no description...

9.8 CVSS, 10 AI score, 0.99998 EPSS
Exploits: 44
OSV
OSV
•added 2011/12/18 12:0 a.m.•51 views

DSA-2365-1 dtc - several

Bulletin has no description...

6.5 CVSS, 6 AI score, 0.01555 EPSS
Exploits: 0
OSV
OSV
•added 2010/11/01 12:0 a.m.•51 views

DSA-2123-1 nss - cryptographic weaknesses

Bulletin has no description...

7.5 CVSS, 8.8 AI score, 0.02408 EPSS
Exploits: 0
OSV
OSV
•added 2008/11/17 12:0 a.m.•51 views

DSA-1666-1 libxml2 - several vulnerabilities

Bulletin has no description...

10 CVSS, 6.5 AI score, 0.04051 EPSS
Exploits: 1
OSV
OSV
•added 2008/09/16 12:0 a.m.•51 views

DSA-1638-1 openssh - denial of service

Bulletin has no description...

9.3 CVSS, 8.3 AI score, 0.44963 EPSS
Exploits: 7
OSV
OSV
•added 2008/09/11 12:0 a.m.•51 views

DSA-1636-1 linux-2.6.24 - several vulnerabilities

Bulletin has no description...

9.3 CVSS, 6 AI score, 0.04353 EPSS
Exploits: 12
OSV
OSV
•added 2007/04/26 12:0 a.m.•51 views

DSA-1282-1 php4

Bulletin has no description...

7.8 CVSS, 7.7 AI score, 0.40435 EPSS
Exploits: 12
OSV
OSV
•added 2005/09/19 12:0 a.m.•51 views

DSA-816-1 xfree86 - integer overflow

Bulletin has no description...

5.1 CVSS, 6.2 AI score, 0.03923 EPSS
Exploits: 0
OSV
OSV
•added 2003/06/09 12:0 a.m.•51 views

DSA-312 kernel-patch-2.4.18-powerpc - several vulnerabilities

Bulletin has no description...

10 CVSS, 5.2 AI score, 0.73006 EPSS
Exploits: 20
OSV
OSV
•added 2026/04/22 2:16 p.m.•50 views

DEBIAN-CVE-2026-31488

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes in DSC validation. Starting with commit 17ce8a6907f7 "drm/amd/display: Add dsc pre-validation in atomic check", amdgpu resets the CRTC state mode_changed flag to false when...

7.8 CVSS, 5.4 AI score, 0.00135 EPSS
Exploits: 0, References: 1
OSV
OSV
•added 2025/07/17 8:9 a.m.•50 views

BIT-TOMCAT-2024-23672 Apache Tomcat: WebSocket DoS with incomplete closing handshake

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption. This issue affects Apache Tomcat: from 11.0.0 through 11.0.0, from 10.1.0 through 10.1.18, from 9.0.0 through...

6.3 CVSS, 6.6 AI score, 0.02313 EPSS
Exploits: 0, References: 7
OSV
OSV
•added 2025/06/01 12:0 a.m.•50 views

ASB-A-388828203

In multiple functions of LocationProviderManager.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8 CVSS, 7 AI score, 0.00086 EPSS
Exploits: 0, References: 2
OSV
OSV
•added 2025/06/01 12:0 a.m.•50 views

ASB-A-367274727

In add_attr of sdp_discovery.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5 CVSS, 6.4 AI score, 0.00262 EPSS
Exploits: 0, References: 2
OSV
OSV
•added 2025/06/01 12:0 a.m.•50 views

ASB-A-387498139

In multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5 CVSS, 6.6 AI score, 0.00076 EPSS
Exploits: 0, References: 2
OSV
OSV
•added 2025/03/21 9:42 p.m.•50 views

CVE-2025-30204 jwt-go allows excessive memory allocation during header parsing

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

7.5 CVSS, 6.5 AI score, 0.00693 EPSS
Exploits: 0, References: 6
OSV
OSV
•added 2024/10/21 10:15 p.m.•50 views

RHSA-2019:1529 Red Hat Security Advisory: pki-deps:10.6 security update

Bulletin has no description...

9.1 CVSS, 6.8 AI score, 0.94494 EPSS
Exploits: 3, References: 26
OSV
OSV
•added 2024/10/02 12:13 a.m.•50 views

RHSA-2023:1325 Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Bulletin has no description...

8.2 CVSS, 8.6 AI score, 0.05623 EPSS
Exploits: 1, References: 84
OSV
OSV
•added 2024/10/01 5:13 p.m.•50 views

RHSA-2019:4126 Red Hat Security Advisory: httpd24-httpd security, bug fix, and enhancement update

Bulletin has no description...

7.1 CVSS, 7 AI score, 0.81466 EPSS
Exploits: 4, References: 36
OSV
OSV
•added 2024/09/30 2:43 p.m.•50 views

RHSA-2023:1744 Red Hat Security Advisory: rh-nodejs14-nodejs security, bug fix, and enhancement update

Bulletin has no description...

8.6 CVSS, 7 AI score, 0.24928 EPSS
Exploits: 3, References: 27
OSV
OSV
•added 2024/09/16 2:9 a.m.•50 views

RHBA-2019:0326 Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update

Bulletin has no description...

8.8 CVSS, 6.4 AI score, 0.98428 EPSS
Exploits: 17, References: 106
OSV
OSV
•added 2024/09/14 2:10 a.m.•50 views

RHSA-2024:4312 Red Hat Security Advisory: openssh security update

Bulletin has no description...

8.1 CVSS, 7.9 AI score, 0.99506 EPSS
Exploits: 68, References: 10
OSV
OSV
•added 2024/09/10 6:50 p.m.•50 views

CVE-2024-45409 The Ruby SAML library vulnerable to a SAML authentication bypass via Incorrect XPath selector

The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...

10 CVSS, 9.4 AI score, 0.10684 EPSS
Exploits: 3, References: 10
OSV
OSV
•added 2024/08/20 8:31 p.m.•50 views

GO-2023-1912 mx-chain-go's relayed transactions always increment nonce in github.com/multiversx/mx-chain-go

mx-chain-go's relayed transactions always increment nonce in github.com/multiversx/mx-chain-go...

7.1 CVSS, 5.8 AI score, 0.0107 EPSS
Exploits: 0, References: 5
OSV
OSV
•added 2024/07/16 12:0 a.m.•50 views

DSA-5731-1 linux - security update

Bulletin has no description...

7.8 CVSS, 7.7 AI score, 0.00322 EPSS
Exploits: 2
OSV
OSV
•added 2024/07/02 12:0 a.m.•50 views

ALSA-2024:4211 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack CVE-2020-26555 kernel:TCP-spoofed ghost ACKs and leak leak initial sequence number...

9.1 CVSS, 7.8 AI score, 0.01401 EPSS
Exploits: 1, References: 124
OSV
OSV
•added 2024/06/04 3:19 p.m.•50 views

GO-2024-2645 Nuclei allows unsigned code template execution through workflows in github.com/projectdiscovery/nuclei

Nuclei allows unsigned code template execution through workflows in github.com/projectdiscovery/nuclei...

7.4 CVSS, 7.5 AI score, 0.00411 EPSS
Exploits: 0, References: 7
OSV
OSV
•added 2024/05/24 8:44 p.m.•50 views

CVE-2024-35232 github.com/huandu/facebook may expose access_token in error message

github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version 2.7.2...

3.7 CVSS, 4.8 AI score, 0.00504 EPSS
Exploits: 0, References: 7
OSV
OSV
•added 2024/05/24 7:19 a.m.•50 views

BIT-GIT-2024-32002 Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/ directory...

9 CVSS, 9.1 AI score, 0.25334 EPSS
Exploits: 32, References: 9
Total number of security vulnerabilities: 5000