VIR Vulnerability Intelligence Relay

Search

Found 18,495 results in 1859ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-28490 unknown FIX slesdebian debian 3mo ago Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning…
CVE-2026-27962 unknown FIX slesdebian debian 3mo ago Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a JWK Header Injection vulnerability in authlib's JWS implementation allows an unauthenticated attac…
CVE-2026-27448 unknown FIX slesdebian debianubuntu ubuntu 3mo ago pyOpenSSL vulnerability
CVE-2026-4174 low 3.3 3.3 FIX debian debian 3mo ago A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation lea…
CVE-2026-32635 critical 9.0 9.0 debian debian angular 3mo ago Angular vulnerable to XSS in i18n attribute bindings
CVE-2026-32640 unknown FIX debian debianubuntu ubuntu 3mo ago SimpleEval vulnerability
CVE-2026-32746 critical 9.8 10.0 EXPFIX debian debian sles gnu 3mo ago telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.
CVE-2026-23941 critical 9.4 9.4 FIX debian debian sles erlang 3mo ago Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program …
CVE-2026-3910 unknown 1.5 KEVFIX debian debian 3mo ago Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
CVE-2026-3909 unknown 1.5 KEVFIX debian debian 3mo ago Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1289 unknown FIX slesdebian debian 3mo ago A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file …
CVE-2026-28356 unknown FIX debian debianubuntu ubuntu 3mo ago multipart vulnerability
CVE-2025-13462 critical 9.8 9.8 FIX slesdebian debian python 3mo ago The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result i…
CVE-2026-30937 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a 32-bit unsigned integer overflow in the XWD (X Windows) enco…
CVE-2026-30936 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside…
CVE-2026-30935 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, BilateralBlurImage contains a heap buffer over-read caused by an incorrect c…
CVE-2026-30931 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, a heap-based buffer overflow in the UHDR encoder can happen due to truncatio…
CVE-2026-30929 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MagnifyImage uses a fixed-size stack buffer. When using a spec…
CVE-2026-28693 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds r…
CVE-2026-28691 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in t…
CVE-2026-28690 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encode…
CVE-2026-28688 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder,…
CVE-2026-28687 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decod…
CVE-2026-28686 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, A heap-buffer-overflow vulnerability exists in the PCL encode …
CVE-2026-28494 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology ker…
CVE-2026-28493 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerabil…
CVE-2026-26284 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huf…
CVE-2026-25986 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVIm…
CVE-2026-25982 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the `coders/…
CVE-2026-25971 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs…
CVE-2026-25970 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL…
CVE-2026-25968 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribut…
CVE-2026-3950 low 3.3 3.3 FIX debian debian sles 3mo ago A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to o…
CVE-2026-3949 low 3.3 3.3 debian debian sles 3mo ago A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component HEIF File Parser. Executing…
CVE-2026-31853 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when…
CVE-2026-30883 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overfl…
CVE-2026-28692 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesi…
CVE-2026-28689 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before final file open/…
CVE-2026-23907 unknown debian debian sles 3mo ago Apache PDFBox has Path Traversal through PDComplexFileSpecification.getFilename() function
CVE-2026-30930 critical 9.8 9.8 FIX debian debian nicolargo 3mo ago Glances has SQL Injection via Process Names in TimescaleDB Export
CVE-2026-23240 critical 9.8 9.8 FIX slesdebian debian linux-kernel 3mo ago In the Linux kernel, the following vulnerability has been resolved: tls: Fix race condition in tls_sw_cancel_work_tx() This issue was discovered during a code audit. After cancel_delayed_work_sync…
CVE-2026-0846 unknown FIX debian debianubuntu ubuntu 3mo ago NLTK vulnerabilities
CVE-2026-24308 unknown FIX debian debian 3mo ago Apache ZooKeeper has improper handling of configuration values
CVE-2026-24281 unknown FIX debian debian 3mo ago Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager
CVE-2026-27142 unknown FIX debian debian sles google 3mo ago Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG set…
CVE-2026-27139 unknown FIX debian debian sles google 3mo ago On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impac…
CVE-2026-27138 unknown FIX debian debian sles 3mo ago Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either di…
CVE-2025-11143 low 2.5 FIX debian debian sles 3mo ago org.eclipse.jetty:jetty-http has different parsing of invalid URIs
CVE-2026-1605 unknown FIX debian debian 3mo ago The Eclipse Jetty Server Artifact has a Gzip request memory leak
CVE-2026-0848 unknown FIX slesdebian debianubuntu ubuntu 3mo ago NLTK vulnerabilities
CVE-2026-27982 unknown FIX debian debian 3mo ago django-allauth has an open redirect vulnerability
CVE-2026-27820 critical 9.8 9.8 slesdebian debian ruby-lang 3mo ago Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption
CVE-2026-29062 unknown FIX debian debian 3mo ago jackson-core has Nesting Depth Constraint Bypass in `UTF8DataInputJsonParser` potentially allowing Resource Exhaustion
CVE-2026-28802 unknown FIX debian debian 3mo ago Authlib is a Python library which builds OAuth and OpenID Connect servers. From version 1.6.5 to before version 1.6.7, previous tests involving passing a malicious JWT containing alg: none and an emp…
CVE-2026-3351 unknown FIX debian debian 3mo ago Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd se…
CVE-2025-66168 unknown debian debian 3mo ago Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound
CVE-2026-0540 unknown FIX debian debian 3mo ago DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in commit 2726c74, contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting five …
CVE-2025-15599 unknown FIX debian debian 3mo ago DOMPurify 3.1.3 through 3.2.6 and 2.5.3 through 2.5.8 contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting missing textarea rawtext elemen…
CVE-2026-25674 unknown FIX slesdebian debian 3mo ago An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file s…
CVE-2026-25673 unknown FIX slesdebian debian 3mo ago An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. `URLField.to_python()` in Django calls `urllib.parse.urlsplit()`, which performs NFKC normalization on Windows t…
CVE-2026-27932 unknown FIX debian debian 3mo ago joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows…
CVE-2026-21619 unknown FIX debian debian 3mo ago Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Obje…
CVE-2026-27141 unknown FIX debian debian sles 3mo ago Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
CVE-2026-27799 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image…
CVE-2026-27798 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability occurs when processing a…
CVE-2026-27830 unknown debian debian sles 3mo ago c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property
CVE-2026-2786 critical 9.8 9.8 FIX rocky rheldebian debian mozilla 3mo ago Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-27571 unknown FIX debian debian 3mo ago NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated comp…
CVE-2026-26983 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid `<map>` …
CVE-2026-26283 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a `continue` statement in the JPEG extent binary search loop i…
CVE-2026-26066 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infin…
CVE-2026-25989 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-on…
CVE-2026-25988 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image i…
CVE-2026-25987 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image …
CVE-2026-25985 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes Imag…
CVE-2026-25983 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The opera…
CVE-2026-25969 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a…
CVE-2026-25967 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A …
CVE-2026-25966 unknown FIX debian debian sles 3mo ago ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard s…
CVE-2026-25965 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25898 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25897 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25799 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25798 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25797 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25796 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25795 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25794 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25638 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25637 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-25576 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-24485 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-24484 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-24481 unknown FIX debian debian slesubuntu ubuntu 3mo ago ImageMagick vulnerabilities
CVE-2026-26198 unknown FIX debian debian 3mo ago Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly into `sq…
CVE-2026-2968 low 3.7 3.7 FIX debian debian cesanta 4mo ago A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handle…
CVE-2026-2967 low 3.7 3.7 FIX debian debian cesanta 4mo ago A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulat…
CVE-2026-2966 low 3.7 3.7 FIX debian debian cesanta 4mo ago A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipu…
CVE-2026-2903 low 3.3 3.3 FIX slesdebian debian 4mo ago A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack ca…
CVE-2026-2889 low 3.3 3.3 debian debian 4mo ago A vulnerability was detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free. The attack is only…