Lucene search
K

39 matches found

EUVD
EUVD
added 2026/07/01 3:14 a.m.7 views

EUVD-2026-40872

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

5.3CVSS6AI score0.00169EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.13 views

PT-2026-54454

Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description Improper input validation in the Modem can cause a system crash. This allows a remote denial of service if a User Equipment UE connects to a rogue base station controlled by an attacker. The...

5.3CVSS6.2AI score0.00169EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

Fedora 42 : nano (2026-fbeaecb457)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fbeaecb457 advisory. fix CVE-2026-6842 and CVE-29026-6843 Resolves: CVE-2026-6842 Resolves: CVE-2026-6843 Resolves: rhbz2455127 Resolves: rhbz2455314 Tenable has extract...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.4 views

Fedora 44 : nano (2026-3111ffa11a)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3111ffa11a advisory. fix CVE-2026-6842 and CVE-29026-6843 Resolves: CVE-2026-6842 Resolves: CVE-2026-6843 Resolves: rhbz2455127 Resolves: rhbz2455314 Tenable has extract...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References3
Circl
Circl
added 2026/04/22 8:38 a.m.39 views

CVE-2026-6842

creationtimestamp| type| source ---|---|--- 2026-04-22 08:38:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk33tv5nbq2q 2026-06-08 09:52:07+00:00| seen| https://bsky.app/profile/bob.mastodon.me.uk.ap.brid.gy/post/3mnrfv6yvmhg2...

2.5CVSS5.3AI score0.00085EPSS
Exploits0References2
Circl
Circl
added 2025/07/24 1:36 p.m.1 views

RHSA-2024:6842

creationtimestamp| type| source ---|---|--- 2025-07-24 13:36:18+00:00| seen| Telegram/NbE6uJrtwbDK9IW7nliDHdxLxWoJGtWow9EEsvdw7FPY0WQ 2025-08-30 22:20:46+00:00| seen| Telegram/jN3p0rCho2cvLYsHTHnhIMlK4AolhcCwlVRO9wRJlqHX1Xk...

4.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:58 a.m.19 views

CVE-2023-6842

The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name field label and description field label parameter in all versions up to 6.7 inclusive due to insufficient input...

4.8CVSS6AI score0.00316EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 a.m.10 views

CVE-2019-6842

A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause a Denial of Service attack on the PLC when upgrading the firmware with a missing web server image inside the packag...

4.9CVSS6.9AI score0.00959EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/22 11:43 a.m.11 views

CVE-2024-6842

In version 1.5.5 of mintplex-labs/anything-llm, the /setup-complete API endpoint allows unauthorized users to access sensitive system settings. The data returned by the currentSettings function includes sensitive information such as API keys for search engines, which can be exploited by attackers...

7.5CVSS6.5AI score0.29187EPSS
Exploits1References1
NVD
NVD
added 2025/03/20 10:15 a.m.12 views

CVE-2024-6842

In version 1.5.5 of mintplex-labs/anything-llm, the /setup-complete API endpoint allows unauthorized users to access sensitive system settings. The data returned by the currentSettings function includes sensitive information such as API keys for search engines, which can be exploited by attackers...

7.5CVSS0.29187EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.10 views

CVE-2024-6842 Exposure of Sensitive Information in mintplex-labs/anything-llm

In version 1.5.5 of mintplex-labs/anything-llm, the /setup-complete API endpoint allows unauthorized users to access sensitive system settings. The data returned by the currentSettings function includes sensitive information such as API keys for search engines, which can be exploited by attackers...

7.5CVSS7.4AI score0.29187EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.14 views

CVE-2024-6842 Exposure of Sensitive Information in mintplex-labs/anything-llm

In version 1.5.5 of mintplex-labs/anything-llm, the /setup-complete API endpoint allows unauthorized users to access sensitive system settings. The data returned by the currentSettings function includes sensitive information such as API keys for search engines, which can be exploited by attackers...

7.5CVSS0.29187EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:10 a.m.147 views

CVE-2024-6842

AnythingLLM (mintplex-labs/anything-llm) version 1.5.5 contains an information-disclosure vulnerability via the /setup-complete (or /api/setup-complete) endpoint, allowing remote, unauthenticated access to currentSettings that can include sensitive API keys for search engines. This enables potent...

7.5CVSS7.4AI score0.29187EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2024/10/09 12:0 a.m.23 views

openSUSE Security Advisory (SUSE-SU-2024:3550-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.02618EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.25 views

SUSE SLED12 / SLES12 Security Update : podofo (SUSE-SU-2024:3541-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3541-1 advisory. - CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection bsc1023190 - CVE-2017-6840: Fixed...

9.8CVSS6.7AI score0.02618EPSS
Exploits3References34
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.29 views

SUSE SLES15 / openSUSE 15 Security Update : podofo (SUSE-SU-2024:3550-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3550-1 advisory. - CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection bsc1023190 - CVE-2017-6840: Fixed invalid memory read in...

9.8CVSS6.8AI score0.02618EPSS
Exploits1References29
SUSE Linux
SUSE Linux
added 2024/10/08 2:8 p.m.1 views

Security update for podofo

This update for podofo fixes the following issues: CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection bsc1023190 CVE-2017-6840: Fixed invalid memory read in ColorChanger::GetColorFromStack colorchanger.cpp bsc1027787 CVE-2017-6841: Fixed NULL pointer dereference in...

5.9CVSS7.2AI score0.02618EPSS
Exploits1References38
OpenVAS
OpenVAS
added 2024/06/21 12:0 a.m.50 views

Ubuntu: Security Advisory (USN-6842-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.00895EPSS
Exploits2References2
Circl
Circl
added 2024/01/09 8:26 a.m.7 views

CVE-2023-6842

creationtimestamp| type| source ---|---|--- 2024-01-09 08:26:36+00:00| seen| https://t.me/ctinow/164852 2024-01-25 17:17:23+00:00| seen| https://t.me/ctinow/173591...

4.8CVSS6.5AI score0.00316EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/09 6:41 a.m.4 views

CVE-2023-6842 Formidable Forms <= 6.7 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name field label and description field label parameter in all versions up to 6.7 inclusive due to insufficient input...

4.4CVSS6.7AI score0.00316EPSS
Exploits0References2
Rows per page
Query Builder