Lucene search
K
OsvMost viewed

907649 matches found

OSV
OSV
•added 2020/07/22 12:0 a.m.•50 views

DLA-2286-1 tomcat8 - security update

Bulletin has no description...

7.5CVSS7.8AI score0.87553EPSS
Exploits1
OSV
OSV
•added 2020/07/11 12:0 a.m.•50 views

DLA-2277-1 openjpeg2 - security update

Bulletin has no description...

8.8CVSS7.3AI score0.04932EPSS
Exploits2
OSV
OSV
•added 2020/06/03 12:0 a.m.•50 views

DSA-4695-1 firefox-esr - security update

Bulletin has no description...

9.3CVSS7AI score0.01537EPSS
Exploits1
OSV
OSV
•added 2020/05/08 12:0 a.m.•50 views

DSA-4682-1 squid - security update

Bulletin has no description...

9.8CVSS7.8AI score0.7179EPSS
Exploits0
OSV
OSV
•added 2020/04/28 4:7 p.m.•50 views

ALSA-2020:1932 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Crafted input tar file may lead to local file overwrite during image build process CVE-2020-10696 For more details about the security issues, including the...

9.3CVSS8.7AI score0.02603EPSS
Exploits1References2
OSV
OSV
•added 2020/04/28 12:0 a.m.•50 views

DSA-4668-1 openjdk-8 - security update

Bulletin has no description...

8.3CVSS6.8AI score0.0623EPSS
Exploits0
OSV
OSV
•added 2020/02/24 7:12 p.m.•50 views

GHSA-7553-JR98-VX47 libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. The Nokogiri RubyGem has patched its vendored copy of libxml2 in order to prevent this issue from affecting nokogiri...

7.5CVSS7.7AI score0.07836EPSS
Exploits0References19
OSV
OSV
•added 2020/02/10 8:15 a.m.•50 views

CVE-2020-7059

When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...

9.1CVSS6.3AI score
Exploits0References14
OSV
OSV
•added 2019/12/07 12:0 a.m.•50 views

DLA-2023-1 openjdk-7 - security update

Bulletin has no description...

6.8CVSS6.3AI score0.03749EPSS
Exploits0
OSV
OSV
•added 2019/11/06 1:15 p.m.•50 views

RLSA-2019:3735 Critical: php:7.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.1CVSS9.6AI score0.9947EPSS
Exploits54References2
OSV
OSV
•added 2019/10/15 12:0 a.m.•50 views

DSA-4509-3 apache2 - security update

Bulletin has no description...

6.1CVSS7.4AI score0.81466EPSS
Exploits4
OSV
OSV
•added 2019/09/20 12:0 a.m.•50 views

DSA-4529-1 php7.0 - security update

Bulletin has no description...

9.8CVSS7.8AI score0.07031EPSS
Exploits6
OSV
OSV
•added 2019/06/19 12:0 a.m.•50 views

DLA-1828-1 python-urllib3 - security update

Bulletin has no description...

6.1CVSS6.8AI score0.02056EPSS
Exploits1
OSV
OSV
•added 2019/06/18 4:36 p.m.•50 views

ALSA-2019:1529 Important: pki-deps:10.6 security update

The Public Key Infrastructure PKI Deps module contains fundamental packages required as dependencies for the pki-core module by AlmaLinux Certificate System. Security Fixes: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up CVE-2018-8037 tomcat: Insecure...

9.8CVSS7.2AI score0.94494EPSS
Exploits3References5
OSV
OSV
•added 2019/05/15 12:0 a.m.•50 views

DLA-1789-1 intel-microcode - security update

Bulletin has no description...

5.9CVSS6.7AI score0.01553EPSS
Exploits0
OSV
OSV
•added 2019/04/03 12:0 a.m.•50 views

DLA-1748-1 apache2 - security update

Bulletin has no description...

7.5CVSS6.8AI score0.1786EPSS
Exploits0
OSV
OSV
•added 2019/03/25 12:0 a.m.•50 views

DLA-1728-1 openssh - security update

Bulletin has no description...

6.8CVSS6.3AI score0.58204EPSS
Exploits9
OSV
OSV
•added 2018/03/29 7:29 a.m.•50 views

CVE-2018-7600

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations...

9.8CVSS8.3AI score0.99993EPSS
Exploits46References21
OSV
OSV
•added 2017/10/24 6:33 p.m.•50 views

GHSA-4936-RJ25-6WM6 nori contains Improper Input Validation

The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before 1.0.3 for Ruby does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption involving...

7.5CVSS7.8AI score0.02312EPSS
Exploits0References12
OSV
OSV
•added 2017/09/20 12:0 a.m.•50 views

DSA-3980-1 apache2 - security update

Bulletin has no description...

7.5CVSS6.7AI score0.94999EPSS
Exploits9
OSV
OSV
•added 2017/01/01 12:0 a.m.•50 views

DLA-772-1 linux - security update

Bulletin has no description...

10CVSS7.3AI score0.11127EPSS
Exploits25
OSV
OSV
•added 2016/12/18 12:0 a.m.•50 views

DSA-3738-1 tomcat7 - security update

Bulletin has no description...

9.8CVSS8.2AI score0.90338EPSS
Exploits7
OSV
OSV
•added 2016/06/07 12:0 a.m.•50 views

DSA-3597-1 expat - security update

Bulletin has no description...

7.8CVSS7AI score0.06539EPSS
Exploits0
OSV
OSV
•added 2016/05/05 1:59 a.m.•50 views

CVE-2016-2109

The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service memory consumption via a short invalid encoding...

7.5CVSS5.8AI score
Exploits0References55
OSV
OSV
•added 2016/02/21 12:0 a.m.•50 views

DSA-3486-1 chromium-browser - security update

Bulletin has no description...

10CVSS6.7AI score0.02639EPSS
Exploits1
OSV
OSV
•added 2015/11/01 12:0 a.m.•50 views

DSA-3388-1 ntp - security update

Bulletin has no description...

9.8CVSS6.9AI score0.81762EPSS
Exploits7
OSV
OSV
•added 2015/07/04 12:0 a.m.•50 views

DSA-3300-1 iceweasel - security update

Bulletin has no description...

10CVSS5.7AI score0.9986EPSS
Exploits2
OSV
OSV
•added 2015/05/06 12:0 a.m.•50 views

DSA-3252-1 sqlite3 - security update

Bulletin has no description...

7.5CVSS7.6AI score0.05531EPSS
Exploits0
OSV
OSV
•added 2015/03/18 12:0 a.m.•50 views

DSA-3195-1 php5 - security update

Bulletin has no description...

7.5CVSS7.5AI score0.42593EPSS
Exploits18
OSV
OSV
•added 2014/11/18 12:0 a.m.•50 views

DSA-3074-1 php5 - security update

Bulletin has no description...

5CVSS8.4AI score0.14013EPSS
Exploits0
OSV
OSV
•added 2014/06/20 12:0 a.m.•50 views

DLA-0008-1 openssl - security update

Bulletin has no description...

7.4CVSS6.8AI score0.95326EPSS
Exploits11
OSV
OSV
•added 2013/08/02 12:0 a.m.•50 views

DSA-2733-1 otrs2 - SQL injection

Bulletin has no description...

8.8CVSS6.5AI score0.01322EPSS
Exploits0
OSV
OSV
•added 2013/02/17 12:0 a.m.•50 views

DSA-2626-1 lighttpd - several issues

Bulletin has no description...

9.8CVSS7.4AI score0.87264EPSS
Exploits16
OSV
OSV
•added 2013/02/13 12:0 a.m.•50 views

DSA-2622-1 polarssl - several

Bulletin has no description...

4.3CVSS6.6AI score0.35584EPSS
Exploits1
OSV
OSV
•added 2011/11/07 12:0 a.m.•50 views

DSA-2340-1 postgresql - weak password hashing

Bulletin has no description...

5CVSS7.2AI score0.04972EPSS
Exploits0
OSV
OSV
•added 2011/05/10 12:0 a.m.•50 views

DSA-2235-1 icedove - several

Bulletin has no description...

10CVSS9.7AI score0.73655EPSS
Exploits19
OSV
OSV
•added 2011/01/30 12:0 a.m.•50 views

DSA-2154-1 exim4 - privilege escalation

Bulletin has no description...

7.8CVSS7.4AI score0.17794EPSS
Exploits4
OSV
OSV
•added 2009/11/05 12:0 a.m.•50 views

DSA-1928-1 linux-2.6.24 - several vulnerabilities

Bulletin has no description...

7.8CVSS7AI score0.12461EPSS
Exploits32
OSV
OSV
•added 2009/10/22 12:0 a.m.•50 views

DSA-1915-1 linux-2.6 - several vulnerabilities

Bulletin has no description...

7.8CVSS7AI score0.12461EPSS
Exploits20
OSV
OSV
•added 2009/08/24 12:0 a.m.•50 views

DSA-1872-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities

Bulletin has no description...

7.8CVSS6.9AI score0.08156EPSS
Exploits22
OSV
OSV
•added 2009/05/05 12:0 a.m.•50 views

DSA-1790-1 xpdf - multiple vulnerabilities

Bulletin has no description...

10CVSS7.7AI score0.07347EPSS
Exploits1
OSV
OSV
•added 2008/08/21 12:0 a.m.•50 views

DSA-1630-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities

Bulletin has no description...

7.8CVSS6.7AI score0.02452EPSS
Exploits11
OSV
OSV
•added 2008/02/24 12:0 a.m.•50 views

DSA-1506-1 iceape - several vulnerabilities

Bulletin has no description...

9.3CVSS9.7AI score0.08633EPSS
Exploits6
OSV
OSV
•added 2007/06/07 12:0 a.m.•50 views

DSA-1300-1 iceape

Bulletin has no description...

9.3CVSS8.2AI score0.07831EPSS
Exploits1
OSV
OSV
•added 2006/09/25 12:0 a.m.•50 views

DSA-1184-2 kernel-source-2.6.8 - several vulnerabilities

Bulletin has no description...

7.8CVSS7.6AI score0.20561EPSS
Exploits5
OSV
OSV
•added 2006/05/20 12:0 a.m.•50 views

DSA-1067-1 kernel-source-2.4.16 - several

Bulletin has no description...

10CVSS6.1AI score0.04078EPSS
Exploits8
OSV
OSV
•added 2006/05/20 12:0 a.m.•50 views

DSA-1069-1 kernel-source-2.4.18 - several

Bulletin has no description...

10CVSS6.1AI score0.04078EPSS
Exploits8
OSV
OSV
•added 2005/02/04 12:0 a.m.•50 views

DSA-667-1 squid - several

Bulletin has no description...

10CVSS6AI score0.40977EPSS
Exploits0
OSV
OSV
•added 2026/05/29 12:4 a.m.•49 views

OSV-2026-823 Heap-buffer-overflow in ihevcd_fmt_conv_422sp_to_420p

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027631 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv422spto420p ihevcdfmtconv ihevcddecode...

5.8AI score
Exploits0References1
OSV
OSV
•added 2026/05/18 8:57 a.m.•49 views

BIT-TOMCAT-2022-25762 Response mix-up with WebSocket concurrent send and close

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling...

8.6CVSS6.7AI score0.07538EPSS
Exploits0References4
Total number of security vulnerabilities5000