Lucene search
K

487150 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47441

Name of the Vulnerable Software and Affected Versions YesWiki versions prior to 4.6.6 Description An unsafe execution issue exists in the Bazar form field calculator CalcField.php. The application uses a complex recursive regular expression to sanitize user-defined mathematical formulas before th...

9.8CVSS5.9AI score0.00561EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47235

Name of the Vulnerable Software and Affected Versions WordPress Background Image Cropper version 1.2 Description An issue allows unauthenticated attackers to upload arbitrary files by accessing the 'ups.php' endpoint. By utilizing the file upload form within the plugin directory, attackers can...

9.8CVSS6.2AI score0.00838EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47234

Name of the Vulnerable Software and Affected Versions Seotheme affected versions not specified Description An issue in the WordPress Seotheme allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP...

9.8CVSS5.9AI score0.00613EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.11 views

PT-2026-47599

Name of the Vulnerable Software and Affected Versions Actual versions prior to 26.5.0 Description In the macOS desktop application, the ELECTRON RUN AS NODE fuse is not disabled. This allows an attacker who can place a file on disk or control command-line arguments to invoke the signed Actual.app...

4.8CVSS5.8AI score0.00126EPSS
Exploits0References5
Amazon
Amazon
added 2026/06/08 12:0 a.m.9 views

Important: nvlink5-580

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

8.8CVSS6AI score0.00206EPSS
Exploits0
Amazon
Amazon
added 2026/06/08 12:0 a.m.8 views

Important: nginx

Issue Overview: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string...

9.2CVSS6AI score0.04261EPSS
Exploits3
Amazon
Amazon
added 2026/06/08 12:0 a.m.8 views

Important: cuda-drivers

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

8.8CVSS6AI score0.00206EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.22 views

PT-2026-47606

Name of the Vulnerable Software and Affected Versions PhpSpreadsheet versions prior to 1.30.5 Description An issue exists in the File::prohibitWrappers function where the use of parse url to detect stream wrappers can be bypassed. When an input contains three or more slashes after the scheme e.g....

9.2CVSS6.5AI score0.00351EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47475

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free occurs when an application...

9.6CVSS6.6AI score0.01654EPSS
Exploits4References85
Packet Storm
Packet Storm
added 2026/06/08 12:0 a.m.68 views

📄 Revive Adserver 6.0.6 XSS / SQL Injection / Code Execution

Revive Adserver versions 6.0.6 and below exploitation framework that targets cross site scripting, remote SQL injection, remote code execution, and various other vulnerabilities...

6AI score0.00499EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.11 views

PT-2026-47593

It was discovered that libjxl did not properly handle certain crafted PBM images. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service, or execute arbitrary code...

7.3CVSS5.8AI score0.00367EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47446

Name of the Vulnerable Software and Affected Versions Nginx Proxy Manager versions 2.9.14 through 2.15.1 Description An authenticated remote code execution issue exists via OS command injection in the setupCertbotPlugins function located in backend/setup.js. Attackers with certificates:manage...

7.7CVSS6.6AI score0.00921EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.10 views

PT-2026-47459

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.103 Description A use after free issue in the Bluetooth component allows a remote attacker to execute arbitrary code through a malicious peripheral. Use after free is a memory corruption flaw...

9.6CVSS6.7AI score0.01654EPSS
Exploits4References84
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47342

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

8.8CVSS6.7AI score0.0057EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.8 views

Amazon Linux 2023 : cuda-compat-13-2 (ALAS2023NVIDIA-2026-296)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-296 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

8.8CVSS6.2AI score0.00206EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.9 views

Amazon Linux 2023 : nvidia-libXNVCtrl, nvidia-libXNVCtrl-devel, nvidia-settings (ALAS2023NVIDIA-2026-286)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-286 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

8.8CVSS6.2AI score0.00206EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

TencentOS Server 4: freerdp (TSSA-2026:0435)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0435 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.8CVSS6.2AI score0.03472EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47509

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue in WebCodecs allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that...

9.6CVSS6.7AI score0.01654EPSS
Exploits4References86
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47465

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.103 Description A use after free issue in Compositing allows a remote attacker to execute arbitrary code when a user opens a crafted HTML page. Use after free is a memory corruption flaw that...

9.6CVSS6.7AI score0.01654EPSS
Exploits4References84
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.11 views

PT-2026-47506

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue in the Media component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free occurs when...

9.6CVSS6.5AI score0.01654EPSS
Exploits4References85
Rows per page
Query Builder