Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2026/02/27 12:16 p.m.5 views

CVE-2026-24352

PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this...

9.8CVSS5.8AI score0.00352EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/27 12:16 p.m.6 views

CVE-2026-24351

PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. The vendor was notified early about this vulnerability, but didn't respond with...

5.4CVSS6AI score0.00177EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/27 8:17 a.m.2 views

CVE-2025-9572

n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass...

6.5CVSS5.9AI score0.00348EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/27 12:16 a.m.2 views

CVE-2026-2597

Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function randombytes. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer wraparound,...

7.5CVSS5.9AI score0.00295EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.5 views

CVE-2025-40932

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will...

8.2CVSS5.8AI score0.002EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.6 views

CVE-2021-4456

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker ma...

6.5CVSS5.8AI score0.00322EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.5 views

CVE-2026-3281

A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...

7.8CVSS5.9AI score0.00243EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.9 views

CVE-2026-3283

A vulnerability has been found in libvips 8.19.0. This issue affects the function vipsextractbandbuild of the file libvips/conversion/extract.c. The manipulation of the argument extractband leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to th...

7.1CVSS5.2AI score0.0022EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.4 views

CVE-2026-3282

A flaw has been found in libvips 8.19.0. This vulnerability affects the function vipsunpremultiplybuild of the file libvips/conversion/unpremultiply.c. Executing a manipulation of the argument alphaband can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

7.1CVSS5.4AI score0.0022EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.3 views

CVE-2026-3284

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

5.5CVSS5.6AI score0.00214EPSS
Exploits2References9
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.3 views

CVE-2026-28370

In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and further compromise...

9.1CVSS7.2AI score0.00763EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.7 views

CVE-2026-28364

In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...

7.9CVSS6.6AI score0.0021EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.6 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS7.2AI score0.00373EPSS
Exploits4References5
UbuntuCve
UbuntuCve
added 2026/02/26 9:28 p.m.4 views

CVE-2026-22206

SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw combined with PHP tag processing to achieve remote cod...

8.8CVSS6.4AI score0.00561EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/26 9:28 p.m.4 views

CVE-2026-22205

SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive...

8.7CVSS5.9AI score0.00468EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/26 8:31 p.m.4 views

CVE-2026-27141

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...

7.5CVSS7.1AI score0.00501EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/02/26 4:24 p.m.4 views

CVE-2026-28296

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS7.3AI score0.0036EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2026/02/26 4:24 p.m.4 views

CVE-2026-28295

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.9AI score0.00186EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/26 11:16 a.m.3 views

CVE-2025-64999

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS5.9AI score0.00141EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/02/26 2:16 a.m.4 views

CVE-2026-27942

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

7.5CVSS5.9AI score0.00478EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/26 2:16 a.m.2 views

CVE-2026-27970

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Versions prior to 21.2.0, 21.1.16, 20.3.17, and 19.2.19 have a cross-Site scripting vulnerability in the Angular internationalization i18n pipeline. In ICU messages...

7.6CVSS7.7AI score0.00466EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.5 views

CVE-2026-27830

c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...

8.9CVSS6.2AI score0.00534EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.4 views

CVE-2026-27798

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability occurs when processing an image with small dimension using the -wavelet-denoise operator. Versions 7.1.2-15 and 6.9.13-40...

7.1CVSS6AI score0.00137EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.5 views

CVE-2026-27799

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride ro...

4.4CVSS6AI score0.00123EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.5 views

CVE-2026-27903

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, matchOne performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent GLOBSTAR...

7.5CVSS5.9AI score0.00517EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.1 views

CVE-2026-27904

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested extglobs produce regexps with nested unbounded quantifiers e.g. ?:?:a|b, which exhibit catastrophic...

7.5CVSS5.9AI score0.00472EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.6 views

CVE-2026-27809

psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...

9.1CVSS5.9AI score0.0041EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.4 views

CVE-2026-27837

Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 contain an incomplete fix for CVE-2023-26132. The prototype pollution guard introduced in commit 7d3aee1 only validates the first segment of a dot-separated path, allowing an attacker to bypass the...

9.8CVSS5.8AI score0.00303EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.3 views

CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

8.7CVSS6AI score0.00272EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/26 12:0 a.m.6 views

CVE-2026-27888

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the xfa property of a reader or writer and the corresponding stream being compressed using /FlateDecode...

8.7CVSS5.7AI score0.00348EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2026/02/25 10:16 p.m.5 views

CVE-2026-27951

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...

7.5CVSS5.9AI score0.00346EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/02/25 10:16 p.m.3 views

CVE-2026-26986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

7.5CVSS5.9AI score0.00476EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/25 10:16 p.m.4 views

CVE-2026-27950

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...

7.5CVSS6.1AI score0.00427EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.4 views

CVE-2026-2845

An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...

6.5CVSS5.8AI score0.00255EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.3 views

CVE-2026-25959

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

9.8CVSS5.8AI score0.00567EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.4 views

CVE-2026-3172

Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server...

8.1CVSS5.9AI score0.00263EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.7 views

CVE-2026-1747

GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...

4.3CVSS5.9AI score0.00229EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.2 views

CVE-2026-0752

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that under certain circumstances, could have allowed an unauthenticated user to inject arbitrary scripts into the Mermaid sandbox UI...

8CVSS5.9AI score0.00309EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.1 views

CVE-2026-27015

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in smartcardunpackreadsizealign libfreerdp/utils/smartcardpack.c:1703 allows a malicious RDP server to crash the FreeRDP client via a reachable WINPRASSERT → abort. The crash occurs in...

6.5CVSS5.8AI score0.00256EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.3 views

CVE-2025-14511

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted files to the container registry event endpoint under...

7.5CVSS5.9AI score0.00357EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.4 views

CVE-2026-25953

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...

9.8CVSS5.8AI score0.00587EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.1 views

CVE-2026-25997

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfclipboardformatequal reads freed lastSentFormats memory because xfclipboardformatsfree called from the cliprdr channel thread during auto-reconnect frees the array while the X11 event thread concurrently...

9.8CVSS5.8AI score0.00567EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.3 views

CVE-2026-1725

GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 before 18.9.1 that could have under certain conditions, allowed an unauthenticated user to cause denial of service by sending specially crafted requests to a CI jobs API endpoint...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.3 views

CVE-2026-25955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

9.8CVSS5.8AI score0.00498EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.0 views

CVE-2026-25954

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverlocalmovesize dereferences a freed xfAppWindow pointer because xfrailgetwindow returns an unprotected pointer from the railWindows hash table, and the main thread can concurrently delete the wind...

7.5CVSS5.8AI score0.00486EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.4 views

CVE-2026-1662

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause Denial of Service by sending specially crafted requests to the Jira events endpoint...

7.5CVSS5.9AI score0.00357EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.5 views

CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

9.8CVSS5.8AI score0.00599EPSS
Exploits1References12
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.2 views

CVE-2026-25942

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexes the global errorcodenames array 7 elements, indices 0–6 with an unchecked execResult-execResult value received from the server, allowing an out-of-bounds read when the serve...

7.5CVSS5.8AI score0.00454EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.6 views

CVE-2026-26271

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in freerdpimagecopyfromicondata libfreerdp/codec/color.c can be triggered by crafted RDP Window Icon TSICONINFO data. The bug is reachable over the network when a client processes icon data...

6.9CVSS6AI score0.00242EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.2 views

CVE-2026-26955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...

8.8CVSS6AI score0.00537EPSS
Exploits1References3
Total number of security vulnerabilities68528