Lucene search
K

206206 matches found

Cvelist
Cvelist
added 2026/04/01 1:40 a.m.18 views

CVE-2026-3777 Use after free of view cache in Foxit PDF Editor/Reader

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

5.5CVSS0.00119EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/01 12:5 a.m.4 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the escapeNodeAttributeValues process. An attacker can execute arbitrary operating system commands by crafting a malicious .sy.zip file containing specially formatted block attribute values, which, when...

9.3CVSS6.2AI score0.00343EPSS
Exploits1References3
Snyk
Snyk
added 2026/04/01 12:5 a.m.5 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the escapeNodeAttributeValues process. An attacker can execute arbitrary operating system commands by crafting a malicious .sy.zip file containing specially formatted block attribute values, which, when...

9.3CVSS6.2AI score0.00343EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.3 views

PT-2026-29531

An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Editor APPv4.3.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

6.4AI score0.00141EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.5 views

PT-2026-29547

There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests...

9.8CVSS6.2AI score0.00519EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29435

Name of the Vulnerable Software and Affected Versions The application affected versions not specified Description The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low-privileged users and is not...

7.8CVSS6AI score0.00251EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.5 views

JeecgBoot 安全漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot from 3.0.0 to 3.5.3 have security vulnerabilities. These vulnerabilities stem from lax character filtering, which could allow attackers to execute arbitrary code o...

9.8CVSS6.3AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the logic of list box calculati...

7.8CVSS6.3AI score0.00309EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Cisco Integrated Management Controller(IMC) 缓冲区错误漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

6.5CVSS6.3AI score0.00549EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.5 views

JeecgBoot 安全漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot from v3.0.0 to v3.5.3 have security vulnerabilities. These vulnerabilities stem from command injection in the component jmreport/show, which could allow attackers ...

9.8CVSS6.2AI score0.01531EPSS
Exploits0References2
CVE
CVE
added 2026/04/01 12:0 a.m.9 views

CVE-2024-40489

CVE-2024-40489 concerns Jeecg Boot releases 3.0.0–3.5.3, where lax character filtering enables an injection vulnerability that could let an attacker execute arbitrary code via specially crafted HTTP requests. Affected software: Jeecg Boot (Java low-code platform) versions 3.0.0–3.5.3. Root cause:...

9.8CVSS6.2AI score0.00519EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/01 12:0 a.m.7 views

CVE-2024-43028

A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...

6.2AI score0.01531EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.3 views

RHEL 9 : freerdp (RHSA-2026:6395)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6395 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

8.8CVSS6.6AI score0.00591EPSS
Exploits2References6
Snyk
Snyk
added 2026/04/01 12:0 a.m.1 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the luaLloadfile plugin in configuration directories. An attacker can execute unauthorized code and access sensitive information by placing a specially crafted Lua bytecode file in a system or user...

8.8CVSS6AI score0.00184EPSS
Exploits0References2
Redos
Redos
added 2026/04/01 12:0 a.m.6 views

ROS-20260401-73-0044

Vulnerability in salt related to incorrect code generation control. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

7.8CVSS6.2AI score0.00179EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.7 views

RHEL 9 : freerdp (RHSA-2026:6385)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6385 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

8.8CVSS6.6AI score0.00591EPSS
Exploits2References6
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.6 views

Fuji Electric V-SFT 安全漏洞

Fuji Electric V-SFT is a screen configuration software developed by Fuji Electric, a Japanese company. Versions of Fuji Electric V-SFT 6.2.10.0 and earlier contain security vulnerabilities. These vulnerabilities stem from a stack-based buffer overflow vulnerability in...

8.4CVSS7.8AI score0.00209EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/04/01 12:0 a.m.12 views

Ubuntu: Security Advisory (USN-8130-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00867EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.4 views

Google Chrome < 146.0.7680.177 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.177. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop31 advisory. - Use after free in Compositing in Google Chrome prior to 146.0.7680.178...

9.6CVSS6.6AI score0.05036EPSS
Exploits0References43
OSV
OSV
added 2026/04/01 12:0 a.m.11 views

ALSA-2026:6340 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-use-after-free CVE-2026-22856 freerdp: FreeRDP...

9.8CVSS6.6AI score0.00656EPSS
Exploits5References28
Rows per page
Query Builder