Lucene search
K
OsvMost viewed

908419 matches found

OSV
OSV
•added 2016/05/05 1:59 a.m.•47 views

CVE-2016-2105

Integer overflow in the EVPEncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of binary data...

7.5CVSS5.5AI score
Exploits0References61
OSV
OSV
•added 2016/04/14 12:0 a.m.•47 views

DSA-3548-2 samba - regression update

Bulletin has no description...

6.8AI score
Exploits0
OSV
OSV
•added 2016/02/27 12:0 a.m.•47 views

DLA-435-1 tomcat6 - security update

Bulletin has no description...

8.8CVSS6.9AI score0.1838EPSS
Exploits0
OSV
OSV
•added 2016/02/08 12:0 a.m.•47 views

DSA-3469-1 qemu - security update

Bulletin has no description...

9CVSS7.5AI score0.0773EPSS
Exploits1
OSV
OSV
•added 2015/12/04 12:0 a.m.•47 views

DSA-3413-1 openssl - security update

Bulletin has no description...

7.5CVSS6.9AI score0.44016EPSS
Exploits1
OSV
OSV
•added 2015/12/03 12:0 a.m.•47 views

DLA-358-1 openssl - security update

Bulletin has no description...

5.3CVSS6.7AI score0.38709EPSS
Exploits1
OSV
OSV
•added 2015/11/29 12:0 a.m.•47 views

DLA-355-1 libxml2 - security update

Bulletin has no description...

6.4CVSS6.7AI score0.05907EPSS
Exploits1
OSV
OSV
•added 2015/10/28 12:0 a.m.•47 views

DLA-335-1 ntp - security update

Bulletin has no description...

9.8CVSS6.9AI score0.81762EPSS
Exploits7
OSV
OSV
•added 2015/09/03 12:0 a.m.•47 views

DSA-3351-1 chromium-browser - security update

Bulletin has no description...

7.5CVSS9.2AI score0.0224EPSS
Exploits2
OSV
OSV
•added 2015/07/28 12:0 a.m.•47 views

DLA-284-1 apache2 - security update

Bulletin has no description...

5CVSS6.1AI score0.73327EPSS
Exploits0
OSV
OSV
•added 2015/07/03 12:0 a.m.•47 views

DLA-266-1 libxml2 - security update

Bulletin has no description...

9.8CVSS7.2AI score0.0634EPSS
Exploits0
OSV
OSV
•added 2015/06/30 12:0 a.m.•47 views

DLA-263-1 ruby1.9.1 - security update

Bulletin has no description...

7.5CVSS6.8AI score0.13911EPSS
Exploits0
OSV
OSV
•added 2015/06/17 12:0 a.m.•47 views

DLA-246-2 linux-2.6 - security update

Bulletin has no description...

6.7AI score
Exploits0
OSV
OSV
•added 2015/04/08 12:0 a.m.•47 views

DLA-189-1 libgd2 - security update

Bulletin has no description...

5CVSS7.6AI score0.22319EPSS
Exploits4
OSV
OSV
•added 2015/03/24 12:0 a.m.•47 views

DSA-3197-2 openssl - regression update

Bulletin has no description...

6.5AI score
Exploits0
OSV
OSV
•added 2015/02/23 12:0 a.m.•47 views

DLA-156-1 samba - security update

Bulletin has no description...

10CVSS7.4AI score0.87636EPSS
Exploits7
OSV
OSV
•added 2014/12/17 12:0 a.m.•47 views

DLA-114-1 heirloom-mailx - security update

Bulletin has no description...

7.8CVSS7.7AI score0.06858EPSS
Exploits1
OSV
OSV
•added 2014/07/31 12:0 a.m.•47 views

DSA-2994-1 nss - security update

Bulletin has no description...

7.5CVSS7.5AI score0.04664EPSS
Exploits3
OSV
OSV
•added 2014/04/07 12:0 a.m.•47 views

DSA-2896-1 openssl - security update

Bulletin has no description...

7.5CVSS8AI score0.99999EPSS
Exploits87
OSV
OSV
•added 2013/02/05 3:55 p.m.•47 views

UBUNTU-CVE-2011-1350

The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device...

7.1CVSS5.8AI score0.01109EPSS
Exploits2References2
OSV
OSV
•added 2012/11/30 12:0 a.m.•47 views

DSA-2579-1 apache2 - several

Bulletin has no description...

5CVSS6AI score0.1747EPSS
Exploits3
OSV
OSV
•added 2012/04/24 12:0 a.m.•47 views

DSA-2458-1 iceape - several

Bulletin has no description...

10CVSS9.7AI score0.10098EPSS
Exploits2
OSV
OSV
•added 2010/12/21 12:0 a.m.•47 views

DSA-2135-1 xpdf - several vulnerabilities

Bulletin has no description...

7.5CVSS6.5AI score0.03597EPSS
Exploits0
OSV
OSV
•added 2010/10/19 8:0 p.m.•47 views

PYSEC-2010-27

Race condition in ZEO/StorageServer.py in Zope Object Database ZODB before 3.10.0 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpect...

4.3CVSS4.3AI score0.01336EPSS
Exploits0References10
OSV
OSV
•added 2010/09/20 12:0 a.m.•47 views

DSA-2113-1 drupal6 - several vulnerabilities

Bulletin has no description...

5.5CVSS6.3AI score0.02372EPSS
Exploits0
OSV
OSV
•added 2010/08/19 12:0 a.m.•47 views

DSA-2094-1 linux-2.6 - several issues

Bulletin has no description...

10CVSS6.7AI score0.08984EPSS
Exploits12
OSV
OSV
•added 2010/05/25 12:0 a.m.•47 views

DSA-2053-1 linux-2.6 - several issues

Bulletin has no description...

7.8CVSS7AI score0.21312EPSS
Exploits19
OSV
OSV
•added 2009/12/29 12:0 a.m.•47 views

DSA-1958-1 libtool - privilege escalation

Bulletin has no description...

6.9CVSS7.8AI score0.00394EPSS
Exploits1
OSV
OSV
•added 2009/12/15 12:0 a.m.•47 views

DSA-1952-1 asterisk - several vulnerabilities

Bulletin has no description...

7.5CVSS9.4AI score0.13355EPSS
Exploits4
OSV
OSV
•added 2009/04/29 12:0 a.m.•47 views

DSA-1783-1 mysql-dfsg-5.0 - several vulnerabilities

Bulletin has no description...

4CVSS9.5AI score0.07049EPSS
Exploits3
OSV
OSV
•added 2008/05/12 12:0 a.m.•47 views

DSA-1575-1 linux-2.6 - denial of service

Bulletin has no description...

6.9CVSS7.5AI score0.00406EPSS
Exploits1
OSV
OSV
•added 2008/04/24 12:0 a.m.•47 views

DSA-1534-2 iceape - regression

Bulletin has no description...

9.3CVSS9.8AI score0.06055EPSS
Exploits4
OSV
OSV
•added 2007/11/27 12:0 a.m.•47 views

DSA-1415-1 tk8.4 - buffer overflow

Bulletin has no description...

4.3CVSS9.4AI score0.02643EPSS
Exploits0
OSV
OSV
•added 2007/08/31 12:0 a.m.•47 views

DSA-1363-1 linux-2.6

Bulletin has no description...

4.7CVSS5.9AI score0.02624EPSS
Exploits0
OSV
OSV
•added 2007/05/17 12:0 a.m.•47 views

DSA-1294-1 xfree86

Bulletin has no description...

9.3CVSS7.7AI score0.05586EPSS
Exploits0
OSV
OSV
•added 2006/11/15 12:0 a.m.•47 views

DSA-1212 openssh

Bulletin has no description...

9.3CVSS8.3AI score0.44963EPSS
Exploits8
OSV
OSV
•added 2006/10/04 12:0 a.m.•47 views

DSA-1189-1 openssh-krb5

Bulletin has no description...

9.3CVSS8.3AI score0.44963EPSS
Exploits8
OSV
OSV
•added 2004/10/20 12:0 a.m.•47 views

DSA-570-1 libpng - integer overflow

Bulletin has no description...

5CVSS6AI score0.062EPSS
Exploits1
OSV
OSV
•added 2026/06/01 1:3 p.m.•46 views

USN-8352-1 libreoffice vulnerability

Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use this issue to cause LibreOffice to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6.1AI score0.00078EPSS
Exploits0References2
OSV
OSV
•added 2026/04/21 3:20 p.m.•46 views

GHSA-665X-PPC4-685W OpenMage LTS: Cross-user wishlist import leads to private option & file disclosure

Cross-user wishlist item import via shared wishlist code, leading to private option disclosure and file-disclosure variant Summary The shared wishlist add-to-cart endpoint authorizes access with a public sharingcode, but loads the acted-on wishlist item by a separate global wishlistitemid and nev...

5.4CVSS5.7AI score0.00176EPSS
Exploits1References5
OSV
OSV
•added 2026/04/04 10:1 a.m.•46 views

RHSA-2023:5809 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.2.2 Product Security and Bug Fix Update

Bulletin has no description...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References12
OSV
OSV
•added 2025/12/18 6:30 p.m.•46 views

GHSA-F6MR-38G8-39RG Ollama Platform has missing authentication enabling attackers to perform model management operations

A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations...

9.3CVSS7.2AI score0.00632EPSS
Exploits0References4
OSV
OSV
•added 2025/07/31 2:34 p.m.•46 views

PYSEC-2025-72 After a successful phishing attack, new versions of `num2words` were published containing malware.

The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code. The affected versions have been removed from PyPI, and users are advised to remove the affected versions from their environments...

7.1AI score
Exploits0References2
OSV
OSV
•added 2025/06/01 12:0 a.m.•46 views

ASB-A-388828859

In offerNetwork of ConnectivityService.java, there is a possible leak of sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6AI score0.00074EPSS
Exploits0References2
OSV
OSV
•added 2025/02/11 4:15 p.m.•46 views

CVE-2024-12797

Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

6.3CVSS4.4AI score
Exploits0References7
OSV
OSV
•added 2024/12/16 1:56 p.m.•46 views

BIT-NODE-MIN-2023-46809

Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...

7.4CVSS6.6AI score0.01302EPSS
Exploits0References4
OSV
OSV
•added 2024/11/17 12:30 p.m.•46 views

GHSA-HVW5-3MGW-7RCF Debezium database connector has a script injection vulnerability

A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data...

5.9CVSS5.6AI score0.0038EPSS
Exploits0References5
OSV
OSV
•added 2024/11/11 9:29 a.m.•46 views

SUSE-RU-2024:3971-1 Recommended update for mojo-parent

This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: - Security issues fixed: CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets bsc1201684 - Changes and Bugs fixed: Java 8 is now the minimum requirement...

7.5CVSS8.4AI score0.17673EPSS
Exploits2References2
OSV
OSV
•added 2024/10/22 4:3 a.m.•46 views

RHSA-2024:0894 Red Hat Security Advisory: mysql:8.0 security update

Bulletin has no description...

7.5CVSS5.9AI score0.01782EPSS
Exploits0References355
OSV
OSV
•added 2024/10/22 1:46 a.m.•46 views

RHSA-2023:5849 Red Hat Security Advisory: nodejs:18 security update

Bulletin has no description...

7.5CVSS8.1AI score0.99999EPSS
Exploits19References26
Total number of security vulnerabilities5000