907369 matches found

OSV
•added 2010/02/18 12:0 a.m.•45 views

DSA-1999-1 xulrunner - several vulnerabilities

Bulletin has no description...

CVSS 10 | AI score 8.2 | EPSS 0.10514
Exploits 9
OSV
•added 2009/12/29 12:0 a.m.•45 views

DSA-1958-1 libtool - privilege escalation

Bulletin has no description...

CVSS 6.9 | AI score 7.8 | EPSS 0.00394
Exploits 1
OSV
•added 2009/12/12 12:0 a.m.•45 views

DSA-1950-1 webkit - several vulnerabilities

Bulletin has no description...

CVSS 9.3 | AI score 7 | EPSS 0.09322
Exploits 18
OSV
•added 2009/04/29 12:0 a.m.•45 views

DSA-1783-1 mysql-dfsg-5.0 - several vulnerabilities

Bulletin has no description...

CVSS 4 | AI score 9.5 | EPSS 0.07049
Exploits 3
OSV
•added 2008/12/15 12:0 a.m.•45 views

DSA-1687-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities

Bulletin has no description...

CVSS 7.8 | AI score 5.8 | EPSS 0.0368
Exploits 12
OSV
•added 2008/05/17 12:0 a.m.•45 views

DSA-1578-1 php4 - several vulnerabilities

Bulletin has no description...

CVSS 10 | AI score 8.8 | EPSS 0.10744
Exploits 1
OSV
•added 2007/11/27 12:0 a.m.•45 views

DSA-1415-1 tk8.4 - buffer overflow

Bulletin has no description...

CVSS 4.3 | AI score 9.4 | EPSS 0.02643
Exploits 0
OSV
•added 2006/12/10 12:0 a.m.•45 views

DSA-1233 kernel-source-2.6.8 - several

Bulletin has no description...

CVSS 7.5 | AI score 6.5 | EPSS 0.04601
Exploits 1
OSV
•added 2006/10/06 12:0 a.m.•45 views

DSA-1192-1 mozilla

Bulletin has no description...

CVSS 10 | AI score 5.9 | EPSS 0.05706
Exploits 1
OSV
•added 2006/04/27 12:0 a.m.•45 views

DSA-1046-1 mozilla - several

Bulletin has no description...

CVSS 10 | AI score 6.6 | EPSS 0.12589
Exploits 5
OSV
•added 2005/02/04 12:0 a.m.•45 views

DSA-668-1 postgresql - privilege escalation

Bulletin has no description...

CVSS 4.3 | AI score 6 | EPSS 0.00499
Exploits 0
OSV
•added 2025/11/14 2:45 p.m.•44 views

HSEC-2023-0009 git-annex command injection via malicious SSH hostname

git-annex command injection via malicious SSH hostname git-annex was vulnerable to the same class of security hole as git's CVE-2017-1000117. In several cases, git-annex parses a repository URL, and uses it to generate a ssh command, with the hostname to ssh to coming from the URL. If the hostnam...

CVSS 10 | AI score 8.4 | EPSS 0.77823
Exploits 12 | References 2
OSV
•added 2025/06/01 12:0 a.m.•44 views

ASB-A-395643490

In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 | AI score 6 | EPSS 0.00084
Exploits 0 | References 2
OSV
•added 2025/04/14 11:35 a.m.•44 views

BIT-PYTHON-2025-0938 URL parser allowed square brackets in domain names

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

CVSS 6.3 | AI score 5.8 | EPSS 0.01499
Exploits 0 | References 12
OSV
•added 2024/12/17 5:59 p.m.•44 views

SUSE-SU-2024:4367-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. - CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413. -...

CVSS 8.1 | AI score 8.5 | EPSS 0.03301
Exploits 3 | References 159
OSV
•added 2024/12/06 6:22 p.m.•44 views

GHSA-VRJR-P3XP-XX2X phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available

Summary Exposure of database ie postgreSQL server's credential when connection to DB fails. Details Exposed database credentials upon misconfig/DoS @ permalink: https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/src/phpMyFAQ/Setup/Installer.phpL694 PoC When postgreSQL server is unreachable, ...

CVSS 8.8 | AI score 8.6 | EPSS 0.00487
Exploits 1 | References 4
OSV
•added 2024/11/25 9:53 a.m.•44 views

RHSA-2024:9991 Red Hat Security Advisory: RHOSP 17.1.4 (openstack-tripleo-common and python-tripleoclient) security update

Bulletin has no description...

CVSS 8.1 | AI score 8 | EPSS 0.00392
Exploits 0 | References 9
OSV
•added 2024/10/21 8:6 p.m.•44 views

CVE-2022-49021 net: phy: fix null-ptr-deref while probe() failed

In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe failed I got a null-ptr-deref report as following when doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 Oops: 0000 1 PREEMPT SMP KASAN PTI CPU: 1...

CVSS 5.5 | AI score 5.8 | EPSS 0.0028
Exploits 0 | References 11
OSV
•added 2024/10/10 1:29 p.m.•44 views

SUSE-SU-2024:3587-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done bsc1229607. - CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance...

CVSS 7.8 | AI score 8.2 | EPSS 0.00992
Exploits 4 | References 309
OSV
•added 2024/09/30 8:13 p.m.•44 views

RHSA-2024:5067 Red Hat Security Advisory: kernel-rt security update

Bulletin has no description...

CVSS 7.1 | AI score 7.5 | EPSS 0.00907
Exploits 0 | References 112
OSV
•added 2024/09/16 12:34 p.m.•44 views

RHSA-2023:4413 Red Hat Security Advisory: openssh security update

Bulletin has no description...

CVSS 9.8 | AI score 8.9 | EPSS 0.76768
Exploits 10 | References 8
OSV
•added 2024/09/16 7:52 a.m.•44 views

RHSA-2022:1445 Red Hat Security Advisory: java-17-openjdk security and bug fix update

Bulletin has no description...

CVSS 7.5 | AI score 6.8 | EPSS 0.46677
Exploits 6 | References 30
OSV
•added 2024/09/15 5:19 p.m.•44 views

RHSA-2008:0261 Red Hat Security Advisory: Red Hat Network Satellite Server security update

Bulletin has no description...

CVSS 10 | AI score 6.3 | EPSS 0.90768
Exploits 29 | References 144
OSV
•added 2024/09/14 12:3 a.m.•44 views

RHSA-2023:3354 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

Bulletin has no description...

CVSS 9.8 | AI score 7.9 | EPSS 0.8377
Exploits 11 | References 69
OSV
•added 2024/09/13 11:20 p.m.•44 views

RHSA-2022:6753 Red Hat Security Advisory: httpd24-httpd security and bug fix update

Bulletin has no description...

CVSS 8.1 | AI score 8.1 | EPSS 0.90407
Exploits 3 | References 77
OSV
•added 2024/09/13 11:19 p.m.•44 views

RHSA-2022:5826 Red Hat Security Advisory: mariadb:10.5 security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.8 | AI score 6.8 | EPSS 0.02458
Exploits 34 | References 177
OSV
•added 2024/09/13 10:48 p.m.•44 views

RHSA-2022:1975 Red Hat Security Advisory: kernel-rt security and bug fix update

Bulletin has no description...

CVSS 8.2 | AI score 7.7 | EPSS 0.06846
Exploits 13 | References 253
OSV
•added 2024/09/13 10:9 p.m.•44 views

RHSA-2020:4384 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update

Bulletin has no description...

CVSS 9.8 | AI score 6.8 | EPSS 0.90039
Exploits 5 | References 27
OSV
•added 2024/09/13 10:3 p.m.•44 views

RHSA-2020:1624 Red Hat Security Advisory: php:7.2 security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.5 | AI score 8 | EPSS 0.10059
Exploits 14 | References 72
OSV
•added 2024/09/13 8:34 p.m.•44 views

RHSA-2022:1915 Red Hat Security Advisory: httpd:2.4 security and bug fix update

Bulletin has no description...

CVSS 7.5 | AI score 8.5 | EPSS 0.82295
Exploits 1 | References 25
OSV
•added 2024/09/13 7:49 p.m.•44 views

RHSA-2019:0131 Red Hat Security Advisory: Red Hat JBoss Web Server 3.1 Service Pack 6 security and bug fix update

Bulletin has no description...

CVSS 5.3 | AI score 6.6 | EPSS 0.94494
Exploits 3 | References 15
OSV
•added 2024/09/11 2:36 p.m.•44 views

USN-6999-1 linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-oem-6.8, linux-oracle vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

CVSS 9.8 | AI score 6.8 | EPSS 0.02701
Exploits 3 | References 221
OSV
•added 2024/08/21 4:4 p.m.•44 views

GO-2022-1259 usememos/memos Improper Authorization vulnerability in github.com/usememos/memos

usememos/memos Improper Authorization vulnerability in github.com/usememos/memos...

CVSS 8.3 | AI score 6.1 | EPSS 0.00564
Exploits 1 | References 4
OSV
•added 2024/08/21 4:4 p.m.•44 views

GO-2022-1248 usememos/memos vulnerable to Improper Authorization in github.com/usememos/memos

usememos/memos vulnerable to Improper Authorization in github.com/usememos/memos...

CVSS 9.1 | AI score 5.3 | EPSS 0.00568
Exploits 1 | References 4
OSV
•added 2024/08/21 4:3 p.m.•44 views

GO-2022-1100 Vela Insecure Defaults in github.com/go-vela/server

Vela Insecure Defaults in github.com/go-vela/server...

CVSS 9.9 | AI score 9.4 | EPSS 0.01067
Exploits 0 | References 11
OSV
•added 2024/08/20 8:32 p.m.•44 views

GO-2023-1973 Rancher Access Control Vulnerability in github.com/rancher/rancher

Rancher Access Control Vulnerability in github.com/rancher/rancher...

CVSS 8.8 | AI score 8.6 | EPSS 0.01489
Exploits 0 | References 4
OSV
•added 2024/08/20 8:29 p.m.•44 views

GO-2023-1656 Answer vulnerable to Stored Cross-site Scripting in github.com/answerdev/answer

Answer vulnerable to Stored Cross-site Scripting in github.com/answerdev/answer...

CVSS 8.3 | AI score 5.2 | EPSS 0.00536
Exploits 1 | References 4
OSV
•added 2024/08/06 10:40 p.m.•44 views

GO-2024-3045 Meshery SQL Injection vulnerability in github.com/layer5io/meshery

Meshery SQL Injection vulnerability in github.com/layer5io/meshery...

CVSS 7.5 | AI score 7.9 | EPSS 0.00951
Exploits 1 | References 5
OSV
•added 2024/07/16 1:15 p.m.•44 views

DEBIAN-CVE-2022-48852

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device at unbind...

CVSS 3.3 | AI score 5 | EPSS 0.00201
Exploits 0 | References 1
OSV
•added 2024/07/12 3:31 p.m.•44 views

GHSA-HHWC-GH8H-9RRP Apache Wicket: Remote code execution via XSLT injection

The default configuration of XSLTResourceStream.java is vulnerable to remote code execution via XSLT injection when processing input from an untrusted source without validation. Users are recommended to upgrade to versions 10.1.0, 9.18.0 or 8.16.0, which fix this issue...

CVSS 9.8 | AI score 10 | EPSS 0.02127
Exploits 0 | References 4
OSV
•added 2024/06/28 3:28 p.m.•44 views

GO-2024-2483 Grafana XSS via adding a link in General feature in github.com/grafana/grafana

Grafana XSS via adding a link in General feature in github.com/grafana/grafana...

CVSS 6.1 | AI score 5.8 | EPSS 0.01192
Exploits 1 | References 5
OSV
•added 2024/06/28 12:15 p.m.•44 views

CVE-2024-5737

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default text/html is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0...

CVSS 6.1 | AI score 5.8 | EPSS 0.01515
Exploits 3 | References 5
OSV
•added 2024/06/25 2:15 p.m.•44 views

CVE-2024-32111

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Automattic WordPress allows Relative Path Traversal. This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6,...

CVSS 5 | AI score 6.7 | EPSS 0.00434
Exploits 0 | References 4 | Affected Software 1
OSV
•added 2024/06/25 12:57 p.m.•44 views

MAL-2024-2937 Malicious code in react-router-dom-v6 (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7.1
Exploits 0
OSV
•added 2024/06/15 12:0 a.m.•44 views

OPENSUSE-SU-2024:10344-1 apache2-mod_php5-5.6.28-1.1 on GA media

These are all security issues fixed in the apache2-mod_php5-5.6.28-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 10 | AI score 9.2 | EPSS 0.99998
Exploits 181 | References 71
OSV
•added 2024/06/14 2:0 p.m.•44 views

RLSA-2024:2910 Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of servi...

CVSS 7.5 | AI score 7 | EPSS 0.87211
Exploits 2 | References 6
OSV
•added 2024/06/14 1:41 p.m.•44 views

GO-2024-2903 Contract balance not updating correctly after interchain transaction in github.com/evmos/evmos

Contract balance not updating correctly after interchain transaction in github.com/evmos/evmos...

CVSS 7.5 | AI score 7.4 | EPSS 0.00618
Exploits 1 | References 3
OSV
•added 2024/06/06 7:17 a.m.•44 views

BIT-ENVOY-2024-34364 Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response

Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory OOM vector from the mirror response, since async HTTP client will buffer the response with an unbounded buffer...

CVSS 6.5 | AI score 6.2 | EPSS 0.00467
Exploits 1 | References 2
OSV
•added 2024/05/14 10:25 p.m.•44 views

GHSA-JV32-5578-PXJC Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins

Today we are releasing Grafana 9.2. Alongside with new features and other bug fixes, this release includes a Moderate severity security fix for CVE-2022-31130 We are also releasing security patches for Grafana 9.1.8 and Grafana 8.5.14 to fix these issues. Release 9.2, latest release, also...

CVSS 6.9 | AI score 7.6 | EPSS 0.00964
Exploits 0 | References 6
OSV
•added 2024/05/10 2:32 p.m.•44 views

RLSA-2024:1427 Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

CVSS 8.8 | AI score 8.8 | EPSS 0.01017
Exploits 0 | References 1
Total number of security vulnerabilities: 5000