Lucene search
K
OsvMost viewed

908024 matches found

OSV
OSV
•added 2010/08/19 12:0 a.m.•47 views

DSA-2094-1 linux-2.6 - several issues

Bulletin has no description...

10CVSS6.7AI score0.08984EPSS
Exploits12
OSV
OSV
•added 2010/05/25 12:0 a.m.•47 views

DSA-2053-1 linux-2.6 - several issues

Bulletin has no description...

7.8CVSS7AI score0.21312EPSS
Exploits19
OSV
OSV
•added 2009/12/29 12:0 a.m.•47 views

DSA-1958-1 libtool - privilege escalation

Bulletin has no description...

6.9CVSS7.8AI score0.00394EPSS
Exploits1
OSV
OSV
•added 2009/12/15 12:0 a.m.•47 views

DSA-1952-1 asterisk - several vulnerabilities

Bulletin has no description...

7.5CVSS9.4AI score0.13355EPSS
Exploits4
OSV
OSV
•added 2009/08/16 12:0 a.m.•47 views

DSA-1864-1 linux-2.6.24 - privilege escalation

Bulletin has no description...

7.8CVSS8AI score0.14749EPSS
Exploits17
OSV
OSV
•added 2009/04/29 12:0 a.m.•47 views

DSA-1783-1 mysql-dfsg-5.0 - several vulnerabilities

Bulletin has no description...

4CVSS9.5AI score0.07049EPSS
Exploits3
OSV
OSV
•added 2008/05/12 12:0 a.m.•47 views

DSA-1575-1 linux-2.6 - denial of service

Bulletin has no description...

6.9CVSS7.5AI score0.00406EPSS
Exploits1
OSV
OSV
•added 2008/04/24 12:0 a.m.•47 views

DSA-1534-2 iceape - regression

Bulletin has no description...

9.3CVSS9.8AI score0.06055EPSS
Exploits4
OSV
OSV
•added 2007/11/27 12:0 a.m.•47 views

DSA-1415-1 tk8.4 - buffer overflow

Bulletin has no description...

4.3CVSS9.4AI score0.02643EPSS
Exploits0
OSV
OSV
•added 2007/08/31 12:0 a.m.•47 views

DSA-1363-1 linux-2.6

Bulletin has no description...

4.7CVSS5.9AI score0.02624EPSS
Exploits0
OSV
OSV
•added 2007/05/17 12:0 a.m.•47 views

DSA-1294-1 xfree86

Bulletin has no description...

9.3CVSS7.7AI score0.05586EPSS
Exploits0
OSV
OSV
•added 2006/11/15 12:0 a.m.•47 views

DSA-1212 openssh

Bulletin has no description...

9.3CVSS8.3AI score0.44963EPSS
Exploits8
OSV
OSV
•added 2006/10/04 12:0 a.m.•47 views

DSA-1189-1 openssh-krb5

Bulletin has no description...

9.3CVSS8.3AI score0.44963EPSS
Exploits8
OSV
OSV
•added 2005/09/08 12:0 a.m.•47 views

DSA-805-1 apache2 - several

Bulletin has no description...

10CVSS9.6AI score0.30576EPSS
Exploits1
OSV
OSV
•added 2004/10/20 12:0 a.m.•47 views

DSA-570-1 libpng - integer overflow

Bulletin has no description...

5CVSS6AI score0.062EPSS
Exploits1
OSV
OSV
•added 2026/06/05 12:2 a.m.•46 views

OSV-2026-850 Heap-buffer-overflow in opus_repacketizer_out_range_impl

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519646826 Crash type: Heap-buffer-overflow WRITE Crash state: opusrepacketizeroutrangeimpl opusrepacketizeroutrange codecparse...

5.4AI score
Exploits0References1
OSV
OSV
•added 2026/06/01 1:3 p.m.•46 views

USN-8352-1 libreoffice vulnerability

Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use this issue to cause LibreOffice to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6.1AI score0.00078EPSS
Exploits0References2
OSV
OSV
•added 2026/04/21 3:20 p.m.•46 views

GHSA-665X-PPC4-685W OpenMage LTS: Cross-user wishlist import leads to private option & file disclosure

Cross-user wishlist item import via shared wishlist code, leading to private option disclosure and file-disclosure variant Summary The shared wishlist add-to-cart endpoint authorizes access with a public sharingcode, but loads the acted-on wishlist item by a separate global wishlistitemid and nev...

5.4CVSS5.7AI score0.00176EPSS
Exploits1References5
OSV
OSV
•added 2026/04/04 10:1 a.m.•46 views

RHSA-2023:5809 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.2.2 Product Security and Bug Fix Update

Bulletin has no description...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References12
OSV
OSV
•added 2026/01/28 9:9 p.m.•46 views

PYSEC-2026-1 A single post-release of dydx-v4-client contained obfuscated multi-stage loader

A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...

5.8AI score
Exploits0References1
OSV
OSV
•added 2025/12/18 6:30 p.m.•46 views

GHSA-F6MR-38G8-39RG Ollama Platform has missing authentication enabling attackers to perform model management operations

A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations...

9.3CVSS7.2AI score0.00632EPSS
Exploits0References4
OSV
OSV
•added 2025/07/31 2:34 p.m.•46 views

PYSEC-2025-72 After a successful phishing attack, new versions of `num2words` were published containing malware.

The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code. The affected versions have been removed from PyPI, and users are advised to remove the affected versions from their environments...

7.1AI score
Exploits0References2
OSV
OSV
•added 2025/06/01 12:0 a.m.•46 views

ASB-A-388828859

In offerNetwork of ConnectivityService.java, there is a possible leak of sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6AI score0.00074EPSS
Exploits0References2
OSV
OSV
•added 2025/03/10 7:1 p.m.•46 views

GO-2025-3505 Fleet has SAML authentication vulnerability due to improper SAML response validation in github.com/fleetdm/fleet

Fleet has SAML authentication vulnerability due to improper SAML response validation in github.com/fleetdm/fleet. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

9.3CVSS6.5AI score0.00623EPSS
Exploits0References4
OSV
OSV
•added 2025/02/11 4:15 p.m.•46 views

CVE-2024-12797

Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

6.3CVSS4.4AI score
Exploits0References7
OSV
OSV
•added 2024/12/16 1:56 p.m.•46 views

BIT-NODE-MIN-2023-46809

Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...

7.4CVSS6.6AI score0.01302EPSS
Exploits0References4
OSV
OSV
•added 2024/11/17 12:30 p.m.•46 views

GHSA-HVW5-3MGW-7RCF Debezium database connector has a script injection vulnerability

A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data...

5.9CVSS5.6AI score0.0038EPSS
Exploits0References5
OSV
OSV
•added 2024/11/11 9:29 a.m.•46 views

SUSE-RU-2024:3971-1 Recommended update for mojo-parent

This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: - Security issues fixed: CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets bsc1201684 - Changes and Bugs fixed: Java 8 is now the minimum requirement...

7.5CVSS8.4AI score0.17673EPSS
Exploits2References2
OSV
OSV
•added 2024/11/02 4:56 p.m.•46 views

MGASA-2024-0344 Updated kernel-linus packages fix security vulnerabilities

Vanilla upstream kernel version 6.6.58 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...

9.1CVSS6.9AI score0.01367EPSS
Exploits2References8
OSV
OSV
•added 2024/10/22 4:3 a.m.•46 views

RHSA-2024:0894 Red Hat Security Advisory: mysql:8.0 security update

Bulletin has no description...

7.5CVSS5.9AI score0.01782EPSS
Exploits0References355
OSV
OSV
•added 2024/10/22 1:46 a.m.•46 views

RHSA-2023:5849 Red Hat Security Advisory: nodejs:18 security update

Bulletin has no description...

7.5CVSS8.1AI score0.99999EPSS
Exploits19References26
OSV
OSV
•added 2024/10/07 7:51 p.m.•46 views

CVE-2024-31228 Denial-of-service due to unbounded pattern matching in Redis

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST and ACL definitions. Matching of extremel...

5.5CVSS4.7AI score0.01009EPSS
Exploits0References5
OSV
OSV
•added 2024/10/04 4:38 p.m.•46 views

BIT-PYTHON-2022-45061

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...

7.5CVSS7.8AI score0.02453EPSS
Exploits1References38
OSV
OSV
•added 2024/10/02 11:28 a.m.•46 views

RHSA-2023:6171 Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update

Bulletin has no description...

9.8CVSS8.2AI score0.99999EPSS
Exploits67References53
OSV
OSV
•added 2024/10/02 5:7 a.m.•46 views

RHSA-2024:7000 Red Hat Security Advisory: kernel security update

Bulletin has no description...

7.8CVSS7.7AI score0.01028EPSS
Exploits2References763
OSV
OSV
•added 2024/09/24 2:26 p.m.•46 views

RHSA-2024:4352 Red Hat Security Advisory: kernel-rt security and bug fix update

Bulletin has no description...

7CVSS7.9AI score0.01401EPSS
Exploits1References295
OSV
OSV
•added 2024/09/16 7:52 a.m.•46 views

RHSA-2022:1445 Red Hat Security Advisory: java-17-openjdk security and bug fix update

Bulletin has no description...

7.5CVSS6.8AI score0.46677EPSS
Exploits6References30
OSV
OSV
•added 2024/09/16 6:30 a.m.•46 views

RHSA-2022:1988 Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Bulletin has no description...

8.2CVSS7.7AI score0.06846EPSS
Exploits14References366
OSV
OSV
•added 2024/09/16 2:33 a.m.•46 views

RHSA-2020:0912 Red Hat Security Advisory: tomcat6 security update

Bulletin has no description...

7.6CVSS9.3AI score0.9927EPSS
Exploits45References14
OSV
OSV
•added 2024/09/15 11:51 p.m.•46 views

RHSA-2018:0479 Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.1 on RHEL 6

Bulletin has no description...

8.6CVSS7.9AI score0.49727EPSS
Exploits3References38
OSV
OSV
•added 2024/09/13 7:52 p.m.•46 views

RHSA-2019:2343 Red Hat Security Advisory: httpd security and bug fix update

Bulletin has no description...

7.1CVSS6.7AI score0.1786EPSS
Exploits0References14
OSV
OSV
•added 2024/09/13 4:50 p.m.•46 views

RHSA-2018:0275 Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update

Bulletin has no description...

8.1CVSS6.9AI score0.99988EPSS
Exploits28References19
OSV
OSV
•added 2024/09/13 4:50 p.m.•46 views

RHSA-2018:0268 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.19 security update

Bulletin has no description...

8.1CVSS6.9AI score0.99988EPSS
Exploits28References20
OSV
OSV
•added 2024/08/21 4:3 p.m.•46 views

GO-2022-1217 usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos

usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos...

8.1CVSS8.1AI score0.00633EPSS
Exploits1References4
OSV
OSV
•added 2024/08/21 4:3 p.m.•46 views

GO-2022-1200 Elrond-GO processing: fallback search of SCRs when not found in the main cache in github.com/ElrondNetwork/elrond-go

Elrond-GO processing: fallback search of SCRs when not found in the main cache in github.com/ElrondNetwork/elrond-go...

7.2CVSS6.6AI score0.00724EPSS
Exploits0References4
OSV
OSV
•added 2024/08/21 4:3 p.m.•46 views

GO-2022-1100 Vela Insecure Defaults in github.com/go-vela/server

Vela Insecure Defaults in github.com/go-vela/server...

9.9CVSS9.4AI score0.01067EPSS
Exploits0References11
OSV
OSV
•added 2024/08/21 4:3 p.m.•46 views

GO-2022-1099 OpenFGA Authorization Bypass in github.com/openfga/openfga

OpenFGA Authorization Bypass in github.com/openfga/openfga...

9.8CVSS9.4AI score0.0042EPSS
Exploits0References4
OSV
OSV
•added 2024/08/21 3:28 p.m.•46 views

GO-2022-0781 Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788) in github.com/goharbor/harbor

Harbor is vulnerable to a limited Server-Side Request Forgery SSRF CVE-2020-13788 in github.com/goharbor/harbor...

4.3CVSS4.4AI score0.01278EPSS
Exploits1References4
OSV
OSV
•added 2024/08/21 3:11 p.m.•46 views

GO-2022-0500 CloudCore UDS Server: Malicious Message can crash CloudCore in github.com/kubeedge/kubeedge

CloudCore UDS Server: Malicious Message can crash CloudCore in github.com/kubeedge/kubeedge...

5.7CVSS5.5AI score0.00614EPSS
Exploits1References3
OSV
OSV
•added 2024/08/21 2:30 p.m.•46 views

GO-2023-2084 OpenFGA Vulnerable to DoS from circular relationship definitions in github.com/openfga/openfga

OpenFGA Vulnerable to DoS from circular relationship definitions in github.com/openfga/openfga...

5.9CVSS5.5AI score0.00751EPSS
Exploits0References3
Total number of security vulnerabilities5000