141 matches found

EUVD
added 6 days ago | 4 views

EUVD-2026-39453

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1...

CVSS 6.7 | AI score 5.9 | EPSS 0.00123
Exploits: 0 | References: 1
Cvelist
added 2026/06/18 12:11 a.m. | 37 views

CVE-2026-12569 Remote Code Execution (RCE) vulnerability in Windchill PDMlink

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This advisory also applies to all CPS versions. The identified vulnerability also impacts Windchill and...

CVSS 9.3 | EPSS 0.01106
Exploits: 0 | References: 1
EUVD
added 2026/06/05 7:29 p.m. | 11 views

EUVD-2026-34906

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, an authenticated attacker can inject malicious JavaScript into their Open XDMoD user profile and abuse the password reset functionality to email a link to an HTML page, which when visited by the...

CVSS 8.6 | AI score 5.4 | EPSS 0.00147
Exploits: 0 | References: 1
Positive Technologies
added 2026/06/05 12:0 a.m. | 14 views

PT-2026-47051

Name of the Vulnerable Software and Affected Versions: OpenXDMoD versions prior to 11.0.3. Description: An authenticated attacker can inject malicious JavaScript into their user profile and abuse the password reset functionality to send a link to an HTML page. When a victim visits this page, the...

CVSS 8.6 | AI score 5.4 | EPSS 0.00147
Exploits: 0 | References: 6
NVD
added 2026/05/12 10:16 a.m. | 9 views

CVE-2024-54017

A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...

CVSS 6.9 | EPSS 0.00306
Exploits: 0 | References: 1
ATTACKERKB
added 2026/05/12 8:20 a.m. | 7 views

CVE-2024-54017

A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...

CVSS 6.9 | AI score 5.8 | EPSS 0.00306
Exploits: 0 | References: 2 | Affected Software: 29
Vulnrichment
added 2026/05/12 8:20 a.m. | 7 views

CVE-2024-54017

A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...

CVSS 6.9 | AI score 7.2 | EPSS 0.00306
Exploits: 0 | References: 1
Github Security Blog
added 2026/04/29 6:33 a.m. | 12 views

CyberChef has a Cross-site Scripting issue

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

CVSS 7.2 | AI score 5.8 | EPSS 0.00294
Exploits: 0 | References: 6 | Affected Software: 1
RedhatCVE
added 2026/04/06 10:57 a.m. | 2 views

CVE-2026-25742

Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access (enable_spectator_access / WEB_PUBLIC_STREAMS_ENABLED) is disabled, attachments originating from web-public...

CVSS 5.3 | AI score 5.8 | EPSS 0.00312
Exploits: 1 | References: 1
CNNVD
added 2026/04/06 12:0 a.m. | 7 views

Directus security vulnerability

Directus is an open-source real-time API and application dashboard developed by Directus. It is used to manage SQL database content. Versions of Directus prior to 11.17.0 contained a security vulnerability. This vulnerability stemmed from the lack of the Cross-Origin-Opener-Policy header on the...

CVSS 9.3 | AI score 5.9 | EPSS 0.00169
Exploits: 0 | References: 2
CNNVD
added 2026/04/03 12:0 a.m. | 10 views

MariaDB Server security vulnerability

MariaDB Server is an open-source relational database system developed by MariaDB. Vulnerabilities existed in versions prior to 11.4.10, as well as in versions 11.5.x to 11.8.x, up to 11.8.6, and 12.x up to 12.2.2. These vulnerabilities were due to a buffer overflow in the caching_sha2_password...

CVSS 6.5 | AI score 6 | EPSS 0.00256
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/26 5:1 p.m. | 4 views

CVE-2026-24989

Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection. This issue affects SUMO Affiliates Pro: from n/a through 11.4.0...

CVSS 9.8 | AI score 5.8 | EPSS 0.00375
Exploits: 0 | References: 1
CVE
added 2026/03/25 4:14 p.m. | 6 views

CVE-2026-24989

CVE-2026-24989 describes a deserialization of untrusted data in the SUMO Affiliates Pro plugin for WordPress (affs), enabling PHP object injection. Affected: SUMO Affiliates Pro versions below 11.4.0. Root cause: deserialization of untrusted input leading to object injection. Impact: according to...

CVSS 9.8 | AI score 5.8 | EPSS 0.00375
Exploits: 0 | References: 1
NVD
added 2026/03/25 3:16 a.m. | 4 views

CVE-2026-2072

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Analytics probe component, Hitachi Ops Center Analyzer. This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00...

CVSS 8.2 | EPSS 0.00174
Exploits: 0 | References: 1
CNNVD
added 2026/03/25 12:0 a.m. | 10 views

Hitachi Ops Center Administrator security vulnerability

Hitachi Ops Center Administrator is a management interface and tool for managing Hitachi storage devices at Hitachi, Ltd. Versions of Hitachi Ops Center Administrator prior to 11.0.8 contained security vulnerabilities, which were due to susceptibility to redirection attacks...

CVSS 4.3 | AI score 5.8 | EPSS 0.00178
Exploits: 0 | References: 1
CVE
added 2026/03/24 5:58 a.m. | 11 views

CVE-2026-33855

CVE-2026-33855 describes an Integer Overflow or Wraparound in MolotovCherry Android-ImageMagick7, affecting Android-ImageMagick7 prior to 7.1.2-11. The Red Hat and EU/NVD/NIST entries corroborate the issue. The vulnerability’s impact is noted as HIGH for availability (per NVD CVSS3.1) with a LOCA...

CVSS 7.5 | AI score 5.8 | EPSS 0.00209
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2026/03/23 12:0 a.m. | 8 views

jsrsasign security vulnerability

jsrsasign is a signature verification library developed by Kenji Urushima. Versions of jsrsasign prior to 11.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of encryption steps in the DSA signature implementation, which could lead to the exposure of private key...

CVSS 9.4 | AI score 5.8 | EPSS 0.003
Exploits: 1 | References: 5
ATTACKERKB
added 2026/02/06 6:20 p.m. | 4 views

CVE-2026-24050

Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some administrative actions on the user profile were susceptible to stored XSS in group names or channel names. Exploiting these vulnerabilities required the user explicitly interacting with the problematic object. This...

CVSS 4.8 | AI score 5.1 | EPSS 0.0023
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2026/01/08 2:32 p.m. | 23 views

CVE-2026-22032 Directus has open redirect in SAML

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.14.0, an open redirect vulnerability exists in the Directus SAML authentication callback endpoint. During SAML authentication, the RelayState parameter is intended to preserve the user's original...

CVSS 4.3 | EPSS 0.00196
Exploits: 0 | References: 2
Vulnrichment
added 2025/12/31 10:18 p.m. | 3 views

CVE-2025-67711 Reflected XSS vulnerability in ArcGIS Server.

There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...

CVSS 6.1 | AI score 6.3 | EPSS 0.00197
Exploits: 0 | References: 1