Lucene search
K

38612 matches found

CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation for untrusted inputs in the media component. It could allow remote attackers who...

8.8CVSS7.7AI score0.00289EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.5 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from a heap buffer overflow in ANGLE, which could allow arbitrary code to be executed within a sandbox through specially crafted...

8.8CVSS7.7AI score0.00339EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-5732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbi...

8.8CVSS5.9AI score0.0035EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.3 views

Mozilla Firefox ESR < 140.9.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-27 advisory. - Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0,...

9.8CVSS6.1AI score0.0035EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.3 views

Mozilla Firefox ESR < 140.9.1

The version of Firefox ESR installed on the remote Windows host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-27 advisory. - Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0....

9.8CVSS6.1AI score0.0035EPSS
Exploits0References4
Redos
Redos
added 2026/04/07 12:0 a.m.3 views

ROS-20260407-73-0028

A vulnerability in the trace component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

7.1CVSS7.1AI score0.00164EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/04/07 12:0 a.m.9 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and...

10CVSS7.3AI score0.00773EPSS
Exploits0References80
Cvelist
Cvelist
added 2026/04/06 9:28 p.m.15 views

CVE-2026-5708 Improper Control of User-Modifiable Attributes in RES CreateSession API

Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio RES prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile permissions, and interact with...

8.8CVSS0.00841EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:45 p.m.3 views

CVE-2026-5682

A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires ...

6.3CVSS5.1AI score0.00188EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/06 6:33 p.m.4 views

EUVD-2026-19315

A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack is possible to...

7.5CVSS6.8AI score0.00319EPSS
Exploits0References6
NVD
NVD
added 2026/04/06 4:16 p.m.7 views

CVE-2026-5665

A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack is possible to...

7.5CVSS0.00319EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/06 4:10 p.m.3 views

Improper Encoding or Escaping of Output

Overview glpi/glpi is a free Asset and IT Management Software package with ITIL Service Desk, licenses tracking and software auditing. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the Website field in the supplier component. An attacker can execu...

8.6CVSS6.1AI score0.0028EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/06 11:52 a.m.2 views

CVE-2026-31406

A flaw was found in the Linux kernel, specifically within its xfrm IP eXtensible FRamework component. This vulnerability arises from a race condition during network cleanup, where a scheduled task natkeepalivework can be re-activated and attempt to operate on memory that has already been freed...

7.8CVSS5.9AI score0.00159EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.4 views

CVE-2026-35562

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...

8.7CVSS5.9AI score0.00379EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/06 12:0 a.m.1 views

CVE-2026-31059

A remote command execution RCE vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string...

6.2AI score0.00901EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-30617

A remote command execution RCE vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string...

9.8CVSS6.3AI score0.00901EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/06 12:0 a.m.21 views

CVE-2026-31059

A remote command execution RCE vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string...

0.00901EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.7 views

UTT 520W 安全漏洞

UTT 520W is a wireless router produced by China's UTTE Corporation. The UTT 520W v3v1.7.7-180627 version contains a security vulnerability. This vulnerability stems from issues with the /goform/formDia component, which may allow for remote command execution, potentially enabling the execution of...

9.8CVSS6AI score0.00901EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.6 views

PT-2026-30746

Name of the Vulnerable Software and Affected Versions AWS Research and Engineering Studio RES versions prior to 2026.03 Description An issue exists in the session creation component of AWS Research and Engineering Studio RES where unsanitized control of user-modifiable attributes could allow an...

8.8CVSS5.9AI score0.00841EPSS
Exploits1References8
CVE
CVE
added 2026/04/05 9:15 p.m.12 views

CVE-2026-5597

The CVE-2026-5597 entry concerns griptape-ai griptape v0.19.4. Affects the ComputerTool component (griptape\tools\computer\tool.py) where manipulation of the argument filename can cause a path traversal. It is possible to exploit remotely; the exploit has been published. Exploit maturity is repor...

6.5CVSS6.2AI score0.00422EPSS
Exploits0References4
Rows per page
Query Builder