Lucene search
+L

1097 matches found

NVD
NVD
added 2026/07/03 3:16 p.m.9 views

CVE-2026-14459

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...

8.8CVSS0.00198EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/07/03 2:14 p.m.39 views

CVE-2026-14460 Missing Authorization in TUBITAK BILGEM's pardus-software

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...

8.8CVSS0.00163EPSS
Exploits1References1
EUVD
EUVD
added 2026/07/03 2:14 p.m.13 views

EUVD-2026-41552

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...

8.8CVSS5.9AI score0.00163EPSS
Exploits1References1
CVE
CVE
added 2026/07/03 2:14 p.m.24 views

CVE-2026-14460

CVE-2026-14460 concerns pardus-software from TUBITAK BILGEM Software Technologies Research Institute. The vulnerability is described as a Missing Authorization flaw that allows Argument Injection in pardus-software versions up to and including 1.0.4, with 1.0.5 or later as the fixed release. Affe...

8.8CVSS5.9AI score0.00163EPSS
Exploits1References1
EUVD
EUVD
added 2026/07/03 2:9 p.m.7 views

EUVD-2026-41550

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...

8.8CVSS5.9AI score0.00198EPSS
Exploits1References1
CVE
CVE
added 2026/07/03 2:9 p.m.24 views

CVE-2026-14459

Vulnerability: TUBITAK BILGEM pardus-software suffers an argument injection due to improper neutralization of command delimiters. Affects pardus-software

8.8CVSS5.9AI score0.00198EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/07/03 2:9 p.m.39 views

CVE-2026-14459 Argument Injection in TUBITAK BILGEM's pardus-software

Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...

8.8CVSS0.00198EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.16 views

PT-2026-55542

Name of the Vulnerable Software and Affected Versions pardus-software versions prior to 1.0.5 Description Improper neutralization of argument delimiters in a command allows for argument injection. This occurs when the software fails to properly sanitize input used as command-line arguments,...

8.8CVSS6AI score0.00198EPSS
Exploits1References6
NVD
NVD
added 2026/06/23 1:16 p.m.14 views

CVE-2026-56315

picklescan before 1.0.4 fails to block at least seven Python standard library modules including uuid, osxsupport, aixsupport, pyrepl.pager, and imaplib exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked...

9.8CVSS0.00757EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 6:35 p.m.9 views

GHSA-4MPJ-78P6-RJ59 Duplicate Advisory: PickleScan's profile.run blocklist mismatch allows exec() bypass

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7wx9-6375-f5wh. This link is maintained to preserve external references. Original Description picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level...

9.8CVSS6.3AI score0.0046EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37650

Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...

9.9CVSS5.2AI score0.00465EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-22327

Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...

9.9CVSS0.00465EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.34 views

CVE-2026-22327 WordPress Restaurt theme <= 1.0.4 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...

9.9CVSS0.00465EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.12 views

CVE-2026-22327

CVE-2026-22327 : WordPress Restaurt theme

9.9CVSS5.2AI score0.00465EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2025-210158

Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...

4.4CVSS5.2AI score0.00168EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2025-60175

Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...

4.4CVSS0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49348

Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...

4.4CVSS5.2AI score0.00168EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 7:16 p.m.10 views

CVE-2026-47177

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...

5.7CVSS0.00251EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 6:30 p.m.11 views

EUVD-2026-36277

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...

5.7CVSS5.4AI score0.00251EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 6:30 p.m.10 views

CVE-2026-47177 Quest Bot: Ticket transcripts can disclose private ticket contents to a lower-visibility channel

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...

5.7CVSS5.4AI score0.00251EPSS
Exploits0References2
Rows per page
Query Builder