Lucene search
K

12988 matches found

NVD
NVD
added 2 days ago8 views

CVE-2026-13199

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS0.00114EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-42015

Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026...

7.5CVSS5.9AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2026/06/27 6:16 a.m.8 views

CVE-2026-13245

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00211EPSS
Exploits0References4
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.4 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: kaf, gitlab-workhorse-ce-fips, kubernetes, argo-workflows, rancher, zarf-fips, omnictl-multiarch-fips, flux-fips, tigera-operator, telegraf, prometheus-operator, kubevela-fips, kyverno-fips, minio-fips, knative-serving, istio, nemo, trivy-operator,...

5.9AI score
Exploits0
CBLMariner
CBLMariner
added 2026/06/24 1:46 a.m.7 views

CVE-2026-9698 affecting package perl-DBI for versions less than 1.643-5

CVE-2026-9698 affecting package perl-DBI for versions less than 1.643-5. A patched version of the package is available...

9.8CVSS5.8AI score0.00376EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/24 1:46 a.m.5 views

CVE-2026-8643 affecting package python-virtualenv for versions less than 20.36.1-5

CVE-2026-8643 affecting package python-virtualenv for versions less than 20.36.1-5. A patched version of the package is available...

8CVSS5.8AI score0.0032EPSS
Exploits0
EUVD
EUVD
added 2026/06/19 7:35 p.m.18 views

EUVD-2026-36540

parse-server: Endpoints /login and /verifyPassword disclose MFA secrets and protected fields when User get is denied...

5.9CVSS5.8AI score0.00251EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens SIPROTEC 5 Small Space of Random Values (CVE-2024-54017)

Affected devices do not use sufficiently random values to create session identifiers. This could allow an unauthenticated remote attacker to brute force a session identifier and gain read access to limited information from the web server without authorization. This plugin only works with...

6.9CVSS7.2AI score0.00306EPSS
Exploits0References6
CVE
CVE
added 2026/06/17 10:12 p.m.32 views

CVE-2024-27928

CVE-2024-27928 (Vantage6) describes a vulnerability in Vantage6 prior to 5.0.0 where an attacker with access to a user’s email can first reset the account password, then reset the 2FA token via email, effectively reducing 2FA to 1FA. This is tied to emails being used as a recovery vector and reli...

5.9CVSS5.2AI score0.00278EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 9:16 p.m.15 views

CVE-2026-53606

ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Versions of sanitize-html prior to 2.17.5 use allowedSchemesAppliedToAttributes default: 'href', 'src', 'cite' to gate the naughtyHref function that blocks...

5.4CVSS0.00136EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/12 2:31 a.m.11 views

SUSE CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5.9CVSS5.4AI score0.00261EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.20 views

PT-2026-48961

Name of the Vulnerable Software and Affected Versions Parse Server versions 9.8.0 through 9.9.1-alpha.4 Description Applications that enable Multi-Factor Authentication MFA and restrict the get permission on the User class via Class-Level Permissions CLP may expose sensitive user data. The issue...

5.9CVSS5.3AI score0.00251EPSS
Exploits0References5
Photon
Photon
added 2026/06/11 12:0 a.m.6 views

Critical Photon OS Security Update - PHSA-2026-5.0-0876

Updates of 'bindutils' packages of Photon OS have been released...

5.3AI score
Exploits0
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory after obtaining...

8.7CVSS6.2AI score0.00292EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.21 views

PT-2026-48372

Name of the Vulnerable Software and Affected Versions File Station 5 versions prior to 5.5.6.5208 Description A buffer overflow occurs when a program writes more data to a memory buffer than it can hold, potentially overwriting adjacent memory. A remote attacker with a user account can exploit th...

8.7CVSS5.7AI score0.00292EPSS
Exploits0References7
Wired Threat Level
Wired Threat Level
added 2026/06/09 5:0 p.m.27 views

Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe’ Version for the Rest of You

Anthropic is releasing Claude Mythos 5 to trusted organizations and Claude Fable 5 to the public, a version it says can’t be used for cyberattacks...

5.5AI score
Exploits0
CBLMariner
CBLMariner
added 2026/06/06 2:5 a.m.12 views

CVE-2026-49975 affecting package nginx for versions less than 1.28.3-5

CVE-2026-49975 affecting package nginx for versions less than 1.28.3-5. A patched version of the package is available...

7.5CVSS5.2AI score0.11471EPSS
Exploits8
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.9 views

CVE-2026-7790 affecting package rabbitmq-server for versions less than 3.13.7-5

CVE-2026-7790 affecting package rabbitmq-server for versions less than 3.13.7-5. A patched version of the package is available...

8.7CVSS5.4AI score0.00431EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.11 views

CVE-2026-29181 affecting package ignition-flatcar for versions less than 2.22.0-5

CVE-2026-29181 affecting package ignition-flatcar for versions less than 2.22.0-5. A patched version of the package is available...

7.5CVSS5.4AI score0.00435EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.10 views

CVE-2026-43968 affecting package rabbitmq-server for versions less than 3.13.7-5

CVE-2026-43968 affecting package rabbitmq-server for versions less than 3.13.7-5. A patched version of the package is available...

6.3CVSS5.4AI score0.00218EPSS
Exploits0
Rows per page
Query Builder