OSV: Most viewed

907650 matches found

OSV
•added 2008/10/20 12:0 a.m.•49 views

DSA-1656-1 cupsys - several vulnerabilities

Bulletin has no description...

CVSS 10 • AI score 7.6 • EPSS 0.24132
Exploits: 1
OSV
•added 2008/05/05 12:0 a.m.•49 views

DSA-1568-1 b2evolution - cross site scripting

Bulletin has no description...

CVSS 4.3 • AI score 6.4 • EPSS 0.01291
Exploits: 0
OSV
•added 2008/05/01 12:0 a.m.•49 views

DSA-1564-1 wordpress - several vulnerabilities

Bulletin has no description...

CVSS 7.5 • AI score 5.9 • EPSS 0.07232
Exploits: 2
OSV
•added 2008/02/22 12:0 a.m.•49 views

DSA-1503-1 kernelimage-2.4.27 - several issues

Bulletin has no description...

CVSS 7.8 • AI score 6.8 • EPSS 0.05605
Exploits: 9
OSV
•added 2007/11/09 12:0 a.m.•49 views

DSA-1406-1 horde3 - several vulnerabilities

Bulletin has no description...

CVSS 6.8 • AI score 6 • EPSS 0.05154
Exploits: 2
OSV
•added 2007/08/26 12:0 a.m.•49 views

DSA-1358-1 asterisk

Bulletin has no description...

CVSS 10 • AI score 7.4 • EPSS 0.3152
Exploits: 3
OSV
•added 2006/09/07 12:0 a.m.•49 views

DSA-1171 ethereal - several

Bulletin has no description...

CVSS 7.5 • AI score 7.4 • EPSS 0.10826
Exploits: 0
OSV
•added 2006/07/18 12:0 a.m.•49 views

DSA-1112 mysql-dfsg-4.1 - several vulnerabilities

Bulletin has no description...

CVSS 4 • AI score 7.9 • EPSS 0.26815
Exploits: 1
OSV
•added 2006/05/29 12:0 a.m.•49 views

DSA-1082-1 kernel-source-2.4.17 - several vulnerabilities

Bulletin has no description...

CVSS 10 • AI score 6.1 • EPSS 0.04078
Exploits: 8
OSV
•added 2006/03/24 12:0 a.m.•49 views

DSA-1018-1 kernel-source-2.4.27 - several

Bulletin has no description...

CVSS 7.8 • AI score 5.6 • EPSS 0.05357
Exploits: 11
OSV
•added 2025/12/05 10:52 p.m.•48 views

MAL-2025-192349 Malicious code in qt-main (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bd1f92a69928dc8fa2a6a50cfd596c34802bc68fc28dd5dd8508fc24344bbec9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score 7.2
Exploits: 0 • References: 1
OSV
•added 2025/08/14 6:52 p.m.•48 views

MAL-2025-7121 Malicious code in @bmw-ds/components (npm)

The package @bmw-ds/components was found to contain malicious code...

AI score 7.2
Exploits: 0
OSV
•added 2025/07/30 7:18 a.m.•48 views

MAL-2025-6361 Malicious code in exceljs-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 542e79c60c18aa779332620c884952b318f885c798a0ac8c2d3bf87bfad26950 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 • References: 1
OSV
•added 2025/06/01 12:0 a.m.•48 views

ASB-A-303227969

In allowPackageAccess of multiple files, resource exhaustion is possible when repeatedly adding allowed packages. This could lead to a local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 • AI score 6.5 • EPSS 0.0008
Exploits: 0 • References: 2
OSV
•added 2025/06/01 12:0 a.m.•48 views

ASB-A-301470262

In multiple functions of NdkMediaCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 • AI score 7.3 • EPSS 0.00091
Exploits: 0 • References: 2
OSV
•added 2025/06/01 12:0 a.m.•48 views

ASB-A-391895923

In multiple functions of DexUseManagerLocal.java, there is a possible way to crash system server due to a logic error in the code. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 • AI score 6.5 • EPSS 0.00092
Exploits: 0 • References: 4
OSV
•added 2025/04/11 5:58 a.m.•48 views

BELL-CVE-2025-32728

Bulletin has no description...

CVSS 3.8 • AI score 5.5 • EPSS 0.0016
Exploits: 0 • References: 1
OSV
•added 2025/03/25 7:38 p.m.•48 views

GO-2025-3542 LocalAI Cross-Site Scripting (XSS) vulnerability in its search functionality in github.com/mudler/LocalAI

LocalAI Cross-Site Scripting (XSS) vulnerability in its search functionality in github.com/mudler/LocalAI. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

CVSS 6.1 • AI score 5.2 • EPSS 0.00491
Exploits: 1 • References: 4
OSV
•added 2025/02/26 9:19 p.m.•48 views

PYSEC-2025-7 Posts scraped data to IP address associated with other malware distribution attacks.

Published in 2021, the imblog package is a Python library that scrapes data from a blog page to an IP address associated with other malware distribution attacks...

AI score 7
Exploits: 0 • References: 2
OSV
•added 2025/02/19 5:57 a.m.•48 views

BELL-CVE-2025-26465

Bulletin has no description...

CVSS 6.8 • AI score 7.2 • EPSS 0.06997
Exploits: 4 • References: 1
OSV
•added 2024/12/12 3:46 p.m.•48 views

GO-2024-3327 SiYuan has an arbitrary file read via /api/template/render in github.com/siyuan-note/siyuan/kernel

SiYuan has an arbitrary file read via /api/template/render in github.com/siyuan-note/siyuan/kernel...

CVSS 8.7 • AI score 6.4 • EPSS 0.00717
Exploits: 0 • References: 2
OSV
•added 2024/12/11 12:0 a.m.•48 views

ALSA-2024:10952 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code (CVE-2023-0568); php: Password_verify() always return true with some hash (CVE-2023-0567); php: Missing error check and insufficient random bytes in...

CVSS 9.8 • AI score 7.4 • EPSS 0.49336
Exploits: 13 • References: 24
OSV
•added 2024/11/04 6:15 p.m.•48 views

CVE-2024-51127

An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information...

CVSS 7.1 • AI score 7 • EPSS 0.00699
Exploits: 1 • References: 2
OSV
•added 2024/09/30 2:48 p.m.•48 views

RHSA-2023:3914 Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Bulletin has no description...

CVSS 8.1 • AI score 8.5 • EPSS 0.05623
Exploits: 2 • References: 42
OSV
•added 2024/09/17 12:54 a.m.•48 views

RLSA-2024:5814 Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863); nodejs: Bypass network import...

CVSS 6.5 • AI score 6.4 • EPSS 0.01104
Exploits: 1 • References: 5
OSV
•added 2024/09/16 9:0 a.m.•48 views

RHSA-2022:8850 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-ujson) security update

Bulletin has no description...

CVSS 7.5 • AI score 6.4 • EPSS 0.02283
Exploits: 1 • References: 13
OSV
•added 2024/09/15 8:47 p.m.•48 views

RHSA-2013:0770 Red Hat Security Advisory: java-1.6.0-openjdk security update

Bulletin has no description...

CVSS 10 • AI score 7.4 • EPSS 0.86963
Exploits: 15 • References: 84
OSV
•added 2024/09/13 10:2 p.m.•48 views

RHSA-2019:3299 Red Hat Security Advisory: rh-php72-php security update

Bulletin has no description...

CVSS 8.1 • AI score 7.9 • EPSS 0.9947
Exploits: 76 • References: 89
OSV
•added 2024/09/13 9:58 p.m.•48 views

RHSA-2017:1161 Red Hat Security Advisory: httpd24-httpd security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.5 • AI score 6.8 • EPSS 0.7907
Exploits: 8 • References: 39
OSV
•added 2024/09/13 7:36 a.m.•48 views

RHEA-2013:1032 Red Hat Enhancement Advisory: Red Hat OpenShift Enterprise 1.2 Node Release Advisory

Bulletin has no description...

CVSS 6.8 • AI score 6 • EPSS 0.06316
Exploits: 4 • References: 23
OSV
•added 2024/08/30 3:15 a.m.•48 views

CVE-2024-45490

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer...

CVSS 7.5 • AI score 6.7
Exploits: 0 • References: 9
OSV
•added 2024/08/22 8:3 p.m.•48 views

GO-2024-3076 Trufflehog vulnerable to Blind SSRF in some Detectors in github.com/trufflesecurity/trufflehog

Trufflehog vulnerable to Blind SSRF in some Detectors in github.com/trufflesecurity/trufflehog...

CVSS 3.4 • AI score 3.6 • EPSS 0.00267
Exploits: 0 • References: 3
OSV
•added 2024/08/21 4:4 p.m.•48 views

GO-2022-1266 usememos/memos vulnerable to Improper Verification of Source of a Communication Channel in github.com/usememos/memos

usememos/memos vulnerable to Improper Verification of Source of a Communication Channel in github.com/usememos/memos...

CVSS 8.6 • AI score 5.4 • EPSS 0.00528
Exploits: 1 • References: 4
OSV
•added 2024/08/21 4:4 p.m.•48 views

GO-2022-1248 usememos/memos vulnerable to Improper Authorization in github.com/usememos/memos

usememos/memos vulnerable to Improper Authorization in github.com/usememos/memos...

CVSS 9.1 • AI score 5.3 • EPSS 0.00568
Exploits: 1 • References: 4
OSV
•added 2024/08/21 3:11 p.m.•48 views

GO-2022-0480 Node DOS by way of memory exhaustion through ExecSync request in CRI-O in github.com/cri-o/cri-o

Node DOS by way of memory exhaustion through ExecSync request in CRI-O in github.com/cri-o/cri-o...

CVSS 7.8 • AI score 7.6 • EPSS 0.02827
Exploits: 1 • References: 4
OSV
•added 2024/08/20 8:31 p.m.•48 views

GO-2023-1871 SpiceDB's LookupResources may return partial results in github.com/authzed/spicedb

SpiceDB's LookupResources may return partial results in github.com/authzed/spicedb...

CVSS 5.3 • AI score 4.5 • EPSS 0.00448
Exploits: 0 • References: 4
OSV
•added 2024/08/20 8:26 p.m.•48 views

GO-2023-1552 Answer has Cross-site Scripting vulnerability in github.com/answerdev/answer

Answer has Cross-site Scripting vulnerability in github.com/answerdev/answer...

CVSS 9 • AI score 8.8 • EPSS 0.00871
Exploits: 1 • References: 4
OSV
•added 2024/08/08 12:0 a.m.•48 views

DSA-5742-1 odoo - security update

Bulletin has no description...

CVSS 8.8 • AI score 8.4 • EPSS 0.72648
Exploits: 15
OSV
•added 2024/07/11 12:0 a.m.•48 views

DSA-5729-1 apache2 - security update

Bulletin has no description...

CVSS 9.8 • AI score 7.5 • EPSS 0.99957
Exploits: 2
OSV
•added 2024/07/09 9:14 p.m.•48 views

GHSA-HH2W-P6RV-4G7W Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability. Executive summary: Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update their applications t...

CVSS 8.7 • AI score 7.6 • EPSS 0.02915
Exploits: 0 • References: 4
OSV
•added 2024/07/03 7:17 a.m.•48 views

BIT-APACHE-2024-38472

SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content. Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...

CVSS 7.5 • AI score 8.3 • EPSS 0.6795
Exploits: 1 • References: 2
OSV
•added 2024/07/03 7:17 a.m.•48 views

BIT-APACHE-2024-38473 Apache HTTP Server proxy encoding problem

Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

CVSS 8.1 • AI score 7.6 • EPSS 0.25878
Exploits: 1 • References: 4
OSV
•added 2024/06/25 1:7 p.m.•48 views

MAL-2024-3288 Malicious code in updated-tricks-roblox-robux-generator-2023-de-asw3er2 (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7.1
Exploits: 0
OSV
•added 2024/06/15 12:0 a.m.•48 views

OPENSUSE-SU-2024:10290-1 apache2-mod_php7-7.0.14-1.4 on GA media

These are all security issues fixed in the apache2-mod_php7-7.0.14-1.4 package on the GA media of openSUSE Tumbleweed...

CVSS 10 • AI score 9.2 • EPSS 0.99998
Exploits: 180 • References: 70
OSV
•added 2024/06/15 12:0 a.m.•48 views

OPENSUSE-SU-2024:11167-1 php7-7.4.24-1.1 on GA media

These are all security issues fixed in the php7-7.4.24-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 10 • AI score 8.9 • EPSS 0.9947
Exploits: 86 • References: 44
OSV
•added 2024/06/05 3:11 p.m.•48 views

GO-2024-2775 IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax

IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax...

CVSS 8.8 • AI score 9 • EPSS 0.30082
Exploits: 0 • References: 5
OSV
•added 2024/06/02 12:0 a.m.•48 views

DSA-5703-1 linux - security update

Bulletin has no description...

CVSS 9.8 • AI score 7.8 • EPSS 0.01305
Exploits: 2
OSV
•added 2024/05/24 12:0 a.m.•48 views

DLA-3818-1 apache2 - security update

Bulletin has no description...

CVSS 7.5 • AI score 6.8 • EPSS 0.91327
Exploits: 3
OSV
•added 2024/05/23 12:0 a.m.•48 views

ALSA-2024:3339 Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc: Ou...

CVSS 8.1 • AI score 7.7 • EPSS 0.8833
Exploits: 16 • References: 12
OSV
•added 2024/05/17 12:0 a.m.•48 views

DLA-3816-1 bind9 - security update

Bulletin has no description...

CVSS 7.5 • AI score 7.2 • EPSS 0.99995
Exploits: 1

Total number of security vulnerabilities: 5000