Filters
rubygems/cgiCGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affe…
7.5
First published (updated )
Ruby-lang DateDate.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service…
7.5
First published (updated )
Suse Arpwatcharpwatch: Local privilege escalation from runtime user to root
7.8
First published (updated )
Python-hyperkitty Project Python-hyperkittypython-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root
7.8
First published (updated )
Opensuse Inninn: %post calls user owned file allowing local privilege escalation to root
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Opensuse Python-postoriuspython-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root
7.8
First published (updated )
Suse Cupscups: ownership of /var/log/cups allows the lp user to create files as root
3.3
First published (updated )
ubuntu/connmangdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack inf…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Google ChromeHeap buffer overflow in UI on Windows
9.6
First published (updated )
Google ChromeGoogle Chromium V8 Type Confusion Vulnerability
First published (updated )
Samba SambaNull Pointer Dereference, Input Validation
5.5
First published (updated )
openSUSE LeapAn issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of servi…
7.8
First published (updated )
openSUSE LeapAn issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a den…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle JDKAn unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenti…
3.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/javaAn unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenti…
3.1
First published (updated )
redhat/javaAn unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenti…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/javaAn unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated…
4.3
First published (updated )
redhat/javaAn unspecified vulnerability in Java SE related to the Serialization component could allow an unauth…
4.3
First published (updated )
PowerDNS RecursorAn issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3…
7.5
First published (updated )
Google ChromeInsufficient policy enforcement in ANGLE
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE LeapPath traversal and files overwrite with unsquashfs
9.3
First published (updated )
openSUSE Backports SLEIn kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send craf…
5.5
First published (updated )
Zabbix ZabbixZabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary co…
9.8
First published (updated )
ubuntu/wiresharkIn Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector coul…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/wiresharkIn Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. Th…
7.5
First published (updated )
openSUSE Backports SLEA missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an…
5.3
First published (updated )
Canonical Ubuntu LinuxPHP parses encoded cookie names so malicious `__Host-` cookies can be sent
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu LinuxWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
6.5
First published (updated )
Tigervnc TigervncIn rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS c…
8.1
First published (updated )
Google TensorFlowSegmentation fault in tensorflow-lite
6.5
First published (updated )
Google TensorFlowOut of bounds access in tensorflow-lite
5.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Google TensorFlowNull pointer dereference in tensorflow-lite
5.9
First published (updated )
Google TensorFlowData corruption in tensorflow-lite
9.8
First published (updated )
Google TensorFlowSegfault and data corruption in tensorflow-lite
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.