Lucene search
+L

40718 matches found

Nuclei
Nuclei
added 16 hours ago122 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/takeaction.php?id=. id: CVE-2022-31984 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

7.2CVSS7.6AI score0.04863EPSS
Exploits1References3
Nuclei
Nuclei
added 16 hours ago50 views

XWiki >= 2.5-milestone-2 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the resubmit template to perform a XSS, e.g. by using URL such as:...

9.6CVSS6.1AI score0.02268EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2 days ago5 views

CVE-2026-46252 affecting package kernel for versions less than 6.6.144.1-1

CVE-2026-46252 affecting package kernel for versions less than 6.6.144.1-1. A patched version of the package is available...

5.5CVSS5.3AI score0.00091EPSS
Exploits0
CBLMariner
CBLMariner
added 2 days ago4 views

CVE-2026-53163 affecting package kernel for versions less than 6.6.144.1-1

CVE-2026-53163 affecting package kernel for versions less than 6.6.144.1-1. An upgraded version of the package is available that resolves this issue...

5.5CVSS5.2AI score0.00128EPSS
Exploits0
CBLMariner
CBLMariner
added 2 days ago4 views

CVE-2026-53167 affecting package kernel for versions less than 6.6.144.1-1

CVE-2026-53167 affecting package kernel for versions less than 6.6.144.1-1. A patched version of the package is available...

5.5CVSS5.2AI score0.00122EPSS
Exploits0
CBLMariner
CBLMariner
added 2 days ago7 views

CVE-2026-53325 affecting package kernel for versions less than 6.6.144.1-1

CVE-2026-53325 affecting package kernel for versions less than 6.6.144.1-1. An upgraded version of the package is available that resolves this issue...

5.5CVSS5.2AI score0.00122EPSS
Exploits0
CBLMariner
CBLMariner
added 2 days ago3 views

CVE-2026-53151 affecting package kernel for versions less than 6.6.144.1-1

CVE-2026-53151 affecting package kernel for versions less than 6.6.144.1-1. An upgraded version of the package is available that resolves this issue...

9.8CVSS5.2AI score0.00497EPSS
Exploits0
CBLMariner
CBLMariner
added 2 days ago4 views

CVE-2026-53361 affecting package kernel for versions less than 6.6.144.1-1

CVE-2026-53361 affecting package kernel for versions less than 6.6.144.1-1. An upgraded version of the package is available that resolves this issue...

7.1CVSS5.2AI score0.0012EPSS
Exploits0
CVE
CVE
added 2 days ago8 views

CVE-2026-62209

OpenClaw 2026.5.10-beta.1 before 2026.6.5 contains an authorization bypass in the ClickClack agent-mode dispatch feature. When enabled and reachable, a lower-trust caller or configured input path could bypass the required policy checks (toolsAllow), allowing actions that should require stronger a...

8.1CVSS6.1AI score0.00221EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-59886

A remote attacker can exploit this by providing specially crafted BER/CER/DER-encoded ASN.1 data with a large exponent in the REAL value. When the application subsequently prints, logs, compares, or performs arithmetic on the decoded value, this can cause excessive CPU and memory consumption,...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References6
Fedora
Fedora
added 3 days ago13 views

[SECURITY] Fedora 43 Update: xrdp-0.10.6.1-1.fc43

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...

6.1AI score
Exploits0
Fedora
Fedora
added 3 days ago17 views

[SECURITY] Fedora 44 Update: firefox-152.0.6-1.fc44

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 3 days ago8 views

Ubuntu 14.04 LTS / Pro FIPS 16.04 LTS : Linux kernel vulnerabilities (USN-8548-1)

"The remote Ubuntu 14.04 LTS / Pro FIPS 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8548-1 advisory. It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer...

9.8CVSS7.3AI score0.00591EPSS
Exploits11References21
OSV
OSV
added 5 days ago3 views

CVE-2026-59885 pyasn1: Quadratic complexity in OBJECT IDENTIFIER and RELATIVE-OID processing allows denial of service

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER, CER, and DER decoders process OBJECT IDENTIFIER and RELATIVE-OID values in quadratic time relative to the number of arcs, so a small crafted payload containing an OID with many arcs consumes excessive CPU per decode call and c...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2026:38995)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:38995 advisory. golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 crypto/x509: golang:...

9.6CVSS5.8AI score0.00939EPSS
Exploits0References5
Fedora
Fedora
added 6 days ago12 views

[SECURITY] Fedora 43 Update: attr-2.6.0-1.fc43

A set of tools for manipulating extended attributes on filesystem objects, in particular getfattr1 and setfattr1. An attr1 command is also provided which is largely compatible with the SGI IRIX tool of the same name...

8.4CVSS6.1AI score0.00136EPSS
Exploits0
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-59665

Impact A Python operator precedence bug in pyzipper/zipfile aes.py caused the AE-2 format to never be automatically selected during encryption, regardless of file size or compression type. As a result, all encrypted entries are written in AE-1 format unless AE-2 is explicitly forced by the caller...

6.2CVSS6.1AI score0.00085EPSS
Exploits0References7
Debian
Debian
added 2026/07/12 3:40 a.m.10 views

[SECURITY] [DSA 6387-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6387-1 [email protected] https://www.debian.org/security/ Andres Salomon July 11, 2026 https://www.debian.org/security/faq -...

9.6CVSS6.3AI score0.00306EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/10 8:21 p.m.32 views

CVE-2026-57218 RabbitMQ: AMQP 0-9-1 in combination with OAuth 2: consumer persistence can lead to post-revocation message disclosure

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.updatesecret refresh to reduced scopes because existing consumers are not canceled or reauthorized at delivery time after...

4.9CVSS0.00321EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:58 a.m.5 views

CVE-2026-21052

Path traversal in SemClipboardService prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system privilege...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References2
Rows per page
Query Builder