Lucene search
K

206127 matches found

Cvelist
Cvelist
added 2026/04/10 5:49 a.m.22 views

CVE-2026-28704

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

8.4CVSS0.0016EPSS
Exploits0References3
CVE
CVE
added 2026/04/10 5:49 a.m.15 views

CVE-2026-28704

EmoCheck is affected by a DLL search/loading flaw: it insecurely loads Dynamic Link Libraries (DLLs). A crafted DLL placed in the same directory can lead to arbitrary code execution under the invoking user’s privileges. Documents do not specify the vulnerable component version, exact file or DLL ...

8.4CVSS7.3AI score0.0016EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/10 4:38 a.m.7 views

EmoCheck loads Dynamic Link Libraries insecurely

Overview EmoCheck is a tool for detecting infections by "Emotet" malware, provided by Japan Computer Emergency Response Team Coordination Center JPCERT/CC. EmoCheck loads Dynamic Link Libraries insecurely. Uncontrolled search path element CWE-427 - CVE-2026-28704 ryo shimada of Powder Keg...

8.4CVSS7.1AI score0.0016EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31881

Name of the Vulnerable Software and Affected Versions Emocheck affected versions not specified Description Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed in the same directory, arbitrary code may be executed with the privilege of the user invoking EmoCheck...

8.4CVSS7.4AI score0.0016EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained a security vulnerability. This vulnerability stemmed from the automatic loading and execution of the tools.py file located in the working directory, which coul...

7.8CVSS6.2AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.8 views

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained security vulnerabilities. These vulnerabilities stemmed from the Python sandbox based on AST, which could be exploited through type.getattribute, potentially...

8.6CVSS6.1AI score0.0024EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.11 views

LiteLLM 安全漏洞

LiteLLM is an open-source application developed by Berri AI. It allows for the invocation of all LLM APIs in the OpenAI format. Versions of LiteLLM dated before April 8, 2026, contain a security vulnerability. This vulnerability stems from the /guardrails/testcustomcode URI, which allows arbitrar...

8.8CVSS6AI score0.01059EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/04/10 12:0 a.m.26 views

CVE-2026-31262

Cross Site Scripting vulnerability in Altenar Sportsbook Software Platform SB2 v.2.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the URL parameter...

0.00229EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-31995

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.5.128 Description PraisonAI's AST-based Python sandbox can be bypassed using the type. getattribute trampoline, leading to arbitrary code execution when running untrusted agent code. The execute code direct functi...

8.6CVSS6.4AI score0.0024EPSS
Exploits1References8
Redos
Redos
added 2026/04/10 12:0 a.m.4 views

ROS-20260410-73-0006

An XRDP server vulnerability is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.8AI score0.01318EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from inconsistent handling of environment variable overrides, which could allow attackers to provide overrid...

8.8CVSS6.1AI score0.00489EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.5 views

PT-2026-31917

Name of the Vulnerable Software and Affected Versions Netwide Assembler NASM affected versions not specified Description A heap buffer overflow occurs due to a lack of bounds checking in the obj directive function. This issue can be triggered when assembling a malicious .asm file, which may lead ...

7.5CVSS6AI score0.00357EPSS
Exploits1References8
CNVD
CNVD
added 2026/04/10 12:0 a.m.7 views

OpenClaw has an unspecified vulnerability (CNVD-2026-19641)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A security vulnerability exists in OpenClaw that stems from automatically discovering and loading plugins from .OpenClaw/extensions/ without explicit trust validation, which can be exploited by an attacker to cause arbitrar...

8.8CVSS6.1AI score0.00331EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

Altenar Sportsbook Software Platform SB2 安全漏洞

The Altenar Sportsbook Software Platform SB2 is a betting platform and odds management system developed by the Malta-based company Altenar, aimed at the sports betting industry. Version 2.0 of the Altenar Sportsbook Software Platform SB2 contains a security vulnerability. This vulnerability stems...

6.1CVSS5.8AI score0.00229EPSS
Exploits1References3
CNVD
CNVD
added 2026/04/10 12:0 a.m.3 views

Google Chrome ANGLE heap buffer overflow vulnerability (CNVD-2026-16862)

Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a failure of the ANGLE heap to properly validate the length size of input data, which can be exploited by an...

8.8CVSS6.4AI score0.0035EPSS
Exploits0
CNVD
CNVD
added 2026/04/10 12:0 a.m.4 views

Google Chrome Dawn Component Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a confusion in the instructions of the Dawn component responsible for freeing memory. An attacker can...

8.8CVSS6.2AI score0.00313EPSS
Exploits0
CNVD
CNVD
added 2026/04/10 12:0 a.m.5 views

Google Chrome GPU Heap Buffer Overflow Vulnerability

Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from the GPU heap failing to properly validate the length size of input data, which can be exploited by an attacker...

8.8CVSS6.4AI score0.0045EPSS
Exploits0
Exploit DB
Exploit DB
added 2026/04/10 12:0 a.m.90 views

NetBT e-Fatura - Privilege Escalation

Exploit Title: NetBT e-Fatura - Privilege Escalation Author: Seccops Discovery Date: 2025-10-03 Vendor: https://net-bt.com.tr/e-fatura/ Tested Version: 2024 Tested on OS: Microsoft Windows Server 2019 DC Vulnerability Type: CWE-428 Unquoted Search Path or Element CVE: CVE-2025-14018 Note: Thanks...

7.3CVSS5.8AI score0.00414EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.2 views

FreeBSD : Mozilla -- Memory safety bugs (359d8e42-33fb-11f1-8ac1-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 359d8e42-33fb-11f1-8ac1-b42e991fc52e advisory. https://bugzilla.mozilla.org/buglist.cgi?bugid=2025475%2C2025477 reports: Memory safety bugs present in...

9.8CVSS6AI score0.00257EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/09 10:37 p.m.2 views

CVE-2026-5858

A flaw was found in WebML in Google Chrome. A remote attacker could exploit a heap buffer overflow vulnerability by enticing a user to visit a specially crafted HTML page. Successful exploitation of this memory corruption flaw could allow the attacker to execute arbitrary code on the affected...

8.8CVSS6.5AI score0.00608EPSS
Exploits0References5
Rows per page
Query Builder