Lucene search
K

44 matches found

Circl
Circl
added 2026/05/05 5:28 p.m.11 views

CVE-2026-7846

creationtimestamp| type| source ---|---|--- 2026-05-05 17:28:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4pjxmtb42q...

2.6CVSS5.8AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2026/05/05 4:16 p.m.14 views

CVE-2026-7846

A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to...

2.6CVSS0.00162EPSS
Exploits0References6
OSV
OSV
added 2026/04/12 2:19 a.m.1 views

MINI-7846-4RFG-35HR

Bulletin has no description...

5.5CVSS5.7AI score0.0029EPSS
Exploits0
OSV
OSV
added 2026/03/04 5:25 a.m.0 views

MINI-7846-2XJ2-FHHG

Bulletin has no description...

5.3CVSS5.9AI score0.00276EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/30 12:0 a.m.17 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : X.Org X Server vulnerabilities (USN-7846-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7846-1 advisory. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could use these...

7.3CVSS7.4AI score0.00481EPSS
Exploits0References4
Circl
Circl
added 2025/10/29 3:21 p.m.5 views

CVE-2025-7846

creationtimestamp| type| source ---|---|--- 2025-10-29 15:21:22+00:00| seen| https://gist.github.com/Darkcrai86/f679dc683ac2b5e87c056a5439647c21 2025-10-31 08:43:05+00:00| seen| https://gist.github.com/Darkcrai86/fdd50e2e80580bd8e5c3fcebaffc81a8 2025-10-31 09:37:00+00:00| seen|...

8.8CVSS5.7AI score0.0064EPSS
Exploits0References3
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-7846 Malicious code in @epc-tools/logger (npm)

The package @epc-tools/logger was found to contain malicious code...

7.2AI score
Exploits0
Circl
Circl
added 2025/04/24 10:0 a.m.10 views

CVE-2018-7846

creationtimestamp| type| source ---|---|--- 2025-04-24 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-01...

9.8CVSS6.8AI score0.29575EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.47 views

RHEL 8 : openssl (RHSA-2024:7846)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:7846 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

9.1CVSS7.6AI score0.05582EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/09/23 6:0 a.m.14 views

CVE-2024-7846 YITH WooCommerce Ajax Search < 2.7.1 - Contributor+ Stored XSS

YITH WooCommerce Ajax Search is vulnerable to a XSS vulnerability due to insufficient sanitization of user supplied block attributes. This makes it possible for Contributors+ attackers to inject arbitrary scripts...

6.1AI score0.00313EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.20 views

Schneider Electric Modicon Controllers Trust Boundary Violation (CVE-2018-7846)

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller. This plugi...

9.8CVSS6.8AI score0.35039EPSS
Exploits18References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References19
Circl
Circl
added 2021/02/24 6:36 p.m.9 views

CVE-2020-7846

creationtimestamp| type| source ---|---|--- 2021-02-24 18:36:56+00:00| seen| https://t.me/cibsecurity/24079...

8.8CVSS8.2AI score0.01027EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/24 3:46 p.m.16 views

CVE-2020-7846

Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page...

8CVSS8.7AI score0.01027EPSS
Exploits0References1
CVE
CVE
added 2021/02/24 3:46 p.m.42 views

CVE-2020-7846

CVE-2020-7846 affects Helpcom prior to v10.0. The root cause is storing a hardcoded cryptographic key, enabling a crafted web page to trigger a file download and execution on affected systems. NVD and other sources report high-severity impact (CVSS:3.1 base score up to 8.8; network attack vector,...

8.8CVSS8.6AI score0.01027EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/18 9:45 p.m.168 views

CVE-2019-7846

Adobe Campaign Classic (Windows/Linux) 18.10.5-8984 and earlier is affected by an improper error handling vulnerability that could lead to information disclosure for the current user. The Red Hat advisory confirms the same issue, describing it as an information disclosure vulnerability in ACC. Wh...

7.5CVSS7.2AI score0.03121EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/05/22 7:57 p.m.95 views

CVE-2018-7846

CVE-2018-7846 affects Schneider Electric Modicon M580, M340, Quantum and Premium PLCs. The issue is a CWE-501 Trust Boundary Violation in the UMAS/Reservation mechanism: an unauthenticated brute-force attempt to the Modbus-based reservation session (one-byte session token) can allow unauthorized ...

9.8CVSS9.2AI score0.29575EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/05/22 7:57 p.m.24 views

CVE-2018-7846

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller...

9.3AI score0.29575EPSS
Exploits1References2
OSV
OSV
added 2018/06/11 9:29 p.m.8 views

CVE-2017-7846

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...

8.8CVSS8.4AI score
Exploits0References7
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.23 views

CVE-2017-7846

It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...

8.4AI score0.02008EPSS
Exploits0References7
Rows per page
Query Builder