Lucene search
K

475 matches found

NVD
NVD
added yesterday4 views

CVE-2026-38976

mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in opsuper / OPSUPER due to a missing runtime guard for top-level super...

Exploits0References3
CVE
CVE
added yesterday4 views

CVE-2026-38976

CVE-2026-38976 affects mrubyc up to version 3.4.1 and describes a NULL pointer dereference in src/vm.c within op_super() / OP_SUPER caused by a missing runtime guard for top-level super. The connected documents confirm the vulnerability detail but do not provide exploitation steps, specific explo...

5.9AI score
Exploits0References3
CVE
CVE
added yesterday6 views

CVE-2026-38973

The CVE-2026-38973 entry concerns mrubyc up to release 3.4.1, where an out-of-bounds read occurs in the built-in missing-method lookup inside the function mrbc_find_method(). Affected product/portion: mrubyc’s runtime/method lookup logic. Root cause: out-of-bounds read in the missing-method table...

5.9AI score
Exploits0References3
Patchstack
Patchstack
added 2026/06/30 9:52 a.m.9 views

WordPress Ajax Load More - Filters plugin <= 3.4.1 - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting vulnerability

WordPress Ajax Load More - Filters plugin = 3.4.1 - Filters = 3.4.1 - Unauthenticated Stored Cross-Site Scripting vulnerability discovered by jonathan dunn in WordPress Plugin Ajax Load More - Filters versions = 3.4.1...

7.2CVSS5.8AI score0.00261EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 9:31 a.m.5 views

CVE-2026-8141

The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomyincludechildren' parameter in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

7.2CVSS5.9AI score0.00261EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in twitter-bootstrap3

Improper neutralization of input during web page generation XSS or “cross-site scripting” vulnerability in Bootstrap allows cross-site scripting. This issue affects Bootstrap: from version 3.4.1 to 4.0.0...

5.6CVSS5.7AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 8:16 p.m.8 views

CVE-2026-50883

An HTML injection vulnerability in the /src/highlight.rs component of matze wastebin v3.4.1 allows attackers to execute arbitrary scripts via a crafted payload...

9.6CVSS0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.30 views

CVE-2026-50883

An HTML injection vulnerability in the /src/highlight.rs component of matze wastebin v3.4.1 allows attackers to execute arbitrary scripts via a crafted payload...

0.00374EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.17 views

CVE-2026-50883

CVE-2026-50883 refers to an HTML injection in the matze wastebin project (v3.4.1) affecting the internal component /src/highlight.rs . The root cause is not explicitly detailed beyond mention of HTML injection via a crafted payload, leading to arbitrary script execution. The vulnerability is rate...

9.6CVSS5.8AI score0.00374EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49324

Name of the Vulnerable Software and Affected Versions matze wastebin version 3.4.1 Description An HTML injection issue in the /src/highlight.rs component allows attackers to execute arbitrary scripts using a crafted payload. HTML injection is a process where an attacker inserts malicious HTML cod...

9.6CVSS6.2AI score0.00374EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/08 5:52 p.m.15 views

Important: Red Hat Security Advisory: Red Hat AI Inference 3.4.1 (cuda)

Red Hat AI Inference 3.4.1 cuda is now available. Red Hat AI Inference...

8.9CVSS5.4AI score0.0068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/08 5:51 p.m.13 views

Important: Red Hat Security Advisory: Red Hat AI Inference Model Optimization Tools 3.4.1 (cuda)

Red Hat AI Inference Model Optimization Tools 3.4.1 cuda is now available. Red Hat AI Inference Model Optimization Tools...

8.9CVSS5.4AI score0.0068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/08 5:51 p.m.11 views

Important: Red Hat Security Advisory: Red Hat AI Inference 3.4.1 (spyre)

Red Hat AI Inference 3.4.1 spyre is now available. Red Hat AI Inference...

8.9CVSS5.4AI score0.0068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/08 5:50 p.m.14 views

Important: Red Hat Security Advisory: Red Hat AI Inference 3.4.1 (cpu)

Red Hat AI Inference 3.4.1 cpu is now available. Red Hat AI Inference...

8.9CVSS5.4AI score0.0068EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-7782

A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component Tenant Handler. The manipulation of the argument ID results in authorization bypass. The attack may be performed from...

6.5CVSS6.2AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-23902

Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users are recommended to...

8.1CVSS5.5AI score0.00446EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libarchive

In libarchive versions 3.4.1 through 3.5.1, there is a use-after-free in the copystring function called from douncompressblock and processblock...

6.5CVSS7AI score0.02845EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/15 9:35 a.m.161 views

Exploit for CVE-2026-8181

EN: Controlled PoC and brief technical notes for authorized secu...

9.8CVSS5.7AI score0.14608EPSS
Exploits10
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

CodeCanyon Perfex CRM 授权问题漏洞

CodeCanyon Perfex CRM is a self-hosted customer relationship management software developed by CodeCanyon. Versions of CodeCanyon Perfex CRM 3.4.1 and earlier contained an authorization vulnerability. This vulnerability stemmed from the operation of the parameter ID in the function Clients::projec...

6.5CVSS6.6AI score0.00211EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/24 12:30 p.m.8 views

Incorrect Authorization

Overview org.apache.dolphinscheduler:dolphinscheduler-dao is an A visual DAG workflow scheduling system, dedicated to solving the complex dependencies in data processing. Affected versions of this package are vulnerable to Incorrect Authorization during workflow execution. An attacker can gain...

8.6CVSS5.8AI score0.00446EPSS
Exploits0References2
Rows per page
Query Builder