24h | 7d | 30d

Overview

  • time-rs
  • time

06 Feb 2026
Published
06 Feb 2026
Updated

CVSS v4.0
MEDIUM (6.8)
EPSS
0.04%

KEV

Description

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary, non-malicious input will never encounter this scenario. A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned rather than exhausting the stack.

Statistics

  • 1 Post

Last activity: 16 hours ago

Bluesky

Profile picture fallback
🚨 URGENT: #SUSE Linux 15 SP7 snpguest update (2026-0620-1) is out! Patches critical CVE-2026-25727 (stack exhaustion) & CVE-2025-3416 (Use-After-Free). Update to v0.10.0 NOW to secure your SEV-SNP workloads. Read more:👉 tinyurl.com/27pwz3pr #Security
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Google
  • Chrome

23 Feb 2026
Published
25 Feb 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 1 Post

Last activity: 13 hours ago

Bluesky

Profile picture fallback
Critical Chromium security update for #openSUSE users (Backports SLE-15-SP6). The update addresses CVE-2026-3061 and CVE-2026-3062, which are out-of-bounds memory flaws that could compromise your system. Read more: 👉 tinyurl.com/yc2fxs5u #Security
  • 0
  • 0
  • 0
  • 13h ago

Overview

  • Red Hat
  • Red Hat Directory Server 11
  • rust-openssl

08 Apr 2025
Published
15 Nov 2025
Updated

CVSS
Pending
EPSS
0.45%

KEV

Description

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.

Statistics

  • 1 Post

Last activity: 16 hours ago

Bluesky

Profile picture fallback
🚨 URGENT: #SUSE Linux 15 SP7 snpguest update (2026-0620-1) is out! Patches critical CVE-2026-25727 (stack exhaustion) & CVE-2025-3416 (Use-After-Free). Update to v0.10.0 NOW to secure your SEV-SNP workloads. Read more:👉 tinyurl.com/27pwz3pr #Security
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Google
  • Chrome

23 Feb 2026
Published
25 Feb 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 1 Post

Last activity: 13 hours ago

Bluesky

Profile picture fallback
Critical Chromium security update for #openSUSE users (Backports SLE-15-SP6). The update addresses CVE-2026-3061 and CVE-2026-3062, which are out-of-bounds memory flaws that could compromise your system. Read more: 👉 tinyurl.com/yc2fxs5u #Security
  • 0
  • 0
  • 0
  • 13h ago

Overview

  • VMware vCenter Server

18 Jun 2024
Published
24 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
22.42%

KEV

Description

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 21 hours ago

Fediverse

Profile picture fallback
  • 1
  • 2
  • 0
  • 21h ago

Overview

  • VMware vCenter Server

18 Jun 2024
Published
24 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
82.96%

Description

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 21 hours ago

Fediverse

Profile picture fallback
  • 1
  • 2
  • 0
  • 21h ago

Overview

  • VMware vCenter Server

18 Jun 2024
Published
02 Aug 2024
Updated

CVSS v3.1
HIGH (7.8)
EPSS
48.35%

KEV

Description

The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 21 hours ago

Fediverse

Profile picture fallback
  • 1
  • 2
  • 0
  • 21h ago

Overview

  • SolarWinds
  • Serv-U

24 Feb 2026
Published
25 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.02%

KEV

Description

An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

Statistics

  • 1 Post

Last activity: 7 hours ago

Fediverse

Profile picture fallback

latest SolarWinds CVEs.. all critical lmao.. patch patch patch!

CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key

SolarWinds Serv-U 15.5.3 and prior versions

hecate.pw/vulnerabilities?sear

#vulnerability #security #solarwinds

  • 0
  • 0
  • 0
  • 7h ago

Overview

  • SolarWinds
  • Serv-U

24 Feb 2026
Published
25 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.05%

KEV

Description

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

Statistics

  • 1 Post

Last activity: 7 hours ago

Fediverse

Profile picture fallback

latest SolarWinds CVEs.. all critical lmao.. patch patch patch!

CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key

SolarWinds Serv-U 15.5.3 and prior versions

hecate.pw/vulnerabilities?sear

#vulnerability #security #solarwinds

  • 0
  • 0
  • 0
  • 7h ago

Overview

  • SolarWinds
  • Serv-U

24 Feb 2026
Published
25 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.05%

KEV

Description

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

Statistics

  • 1 Post

Last activity: 7 hours ago

Fediverse

Profile picture fallback

latest SolarWinds CVEs.. all critical lmao.. patch patch patch!

CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key

SolarWinds Serv-U 15.5.3 and prior versions

hecate.pw/vulnerabilities?sear

#vulnerability #security #solarwinds

  • 0
  • 0
  • 0
  • 7h ago
Showing 71 to 80 of 80 CVEs