Lucene search
K

38642 matches found

NVD
NVD
added 2026/03/28 3:16 p.m.3 views

CVE-2026-4999

A security vulnerability has been detected in z-9527 admin up to 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2. This issue affects the function uploadFile of the file /server/utils/upload.js of the component isImg Check. The manipulation of the argument fileType leads to path traversal. Remote...

6.5CVSS0.00346EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/28 12:26 a.m.3 views

SUSE CVE-2026-32720

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-4726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial-of-service in the XML component. This vulnerability was fixed in Firefox 149 and Thunderbird 149. CVE-2026-4726 Note that Nessus relies on the presence o...

7.5CVSS7.3AI score0.0053EPSS
Exploits0References2
NVD
NVD
added 2026/03/27 11:17 p.m.2 views

CVE-2026-4992

A flaw has been found in wandb OpenUI up to 1.0. This affects the function createshare/getshare of the file backend/openui/server.py of the component HTMLAnnotator Component. Executing a manipulation of the argument ID can lead to HTML injection. The attack may be performed from remote. The explo...

5.3CVSS0.00337EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/27 10:51 p.m.8 views

CVE-2026-33486

Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any file on the server's local file system that the web...

6.8CVSS5.9AI score0.00383EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 10:3 p.m.4 views

CVE-2026-4992

A flaw has been found in wandb OpenUI up to 1.0. This affects the function createshare/getshare of the file backend/openui/server.py of the component HTMLAnnotator Component. Executing a manipulation of the argument ID can lead to HTML injection. The attack may be performed from remote. The explo...

5.3CVSS5.5AI score0.00337EPSS
Exploits0References4Affected Software1
F5 Networks
F5 Networks
added 2026/03/27 9:57 p.m.10 views

K000160501: Oracle Java SE vulnerability CVE-2026-21925

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle...

4.8CVSS6.4AI score0.00212EPSS
Exploits0
EUVD
EUVD
added 2026/03/27 9:31 p.m.5 views

EUVD-2026-16762

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/27 7:17 p.m.4 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the processing of deprecated workflow commands in untrusted input. An attacker can inject arbitrary environment variables or modify the...

9.8CVSS6AI score0.00619EPSS
Exploits1References2
OSV
OSV
added 2026/03/27 6:39 p.m.3 views

GO-2026-4859 BuildKit Git URL subdir component can cause access to restricted files in github.com/moby/buildkit

BuildKit Git URL subdir component can cause access to restricted files in github.com/moby/buildkit...

8.2CVSS5.8AI score0.00463EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/27 6:31 p.m.4 views

EUVD-2026-16725

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

7.3CVSS6.4AI score0.00229EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/27 5:5 p.m.4 views

CVE-2026-4962

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

7.3CVSS6.4AI score0.00229EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/27 5:5 p.m.6 views

CVE-2026-4962 UltraVNC Service version.dll uncontrolled search path

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

7.3CVSS6.4AI score0.00229EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2026/03/27 2:43 p.m.3 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4686:...

8.8CVSS6.4AI score0.01279EPSS
Exploits1References78
OSV
OSV
added 2026/03/27 2:43 p.m.1 views

SUSE-SU-2026:1127-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: - CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component - CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component - CVE-2026-468...

10CVSS6.4AI score0.01279EPSS
Exploits1References40
SUSE Linux
SUSE Linux
added 2026/03/27 2:42 p.m.10 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4686:...

8.8CVSS6.4AI score0.01279EPSS
Exploits1References78
OSV
OSV
added 2026/03/27 2:2 p.m.5 views

OESA-2026-1708 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.CVE-2025-59375 Race...

10CVSS6.1AI score0.01279EPSS
Exploits1References39
OSV
OSV
added 2026/03/27 2:1 p.m.3 views

OESA-2026-1705 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.CVE-2025-59375 Race...

10CVSS6.6AI score0.01279EPSS
Exploits1References39
OSV
OSV
added 2026/03/27 12:32 p.m.4 views

OPENSUSE-SU-2026:20439-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: - CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component - CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component - CVE-2026-468...

10CVSS5.9AI score0.01279EPSS
Exploits1References39
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 8:20 a.m.8 views

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library cryptography-46.0.3 which is vulnerable to CVE-2026-26007

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library cryptography-46.0.3-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-26007. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION...

8.2CVSS5.9AI score0.00341EPSS
Exploits0Affected Software1
Rows per page
Query Builder