Lucene search
K

1672 matches found

Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51473

Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A flaw in OpenSSH allows a local unprivileged attacker on a Linux client host to hijack client-side X11 forwarding connections. This occurs when X11 forwarding is enabled and a local...

6.1CVSS5.7AI score0.0009EPSS
Exploits0References20
EUVD
EUVD
added 2026/06/18 6:30 p.m.11 views

EUVD-2026-37929

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

6.9CVSS5.4AI score0.00125EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/11 1:9 p.m.11 views

openssl: AES-OCB IV Ignored on EVP_Cipher() Path

A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface EVPCipher will have their provided Initialization Vector IV silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the...

7.5CVSS5.5AI score0.0032EPSS
Exploits0References4
Redos
Redos
added 2026/06/10 12:0 a.m.9 views

ROS-20260610-73-0014

The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...

6.5CVSS5.8AI score0.04938EPSS
Exploits1
Redos
Redos
added 2026/06/09 12:0 a.m.10 views

ROS-20260609-73-0001

The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...

6.5CVSS5.5AI score0.04938EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/05/29 10:6 p.m.24 views

Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders

Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folderuuid. The movesave handler then operates on a separate URL parameter fileuuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the upload...

5.7AI score0.00032EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.16 views

PT-2026-45041

Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folder uuid. The move save handler then operates on a separate URL parameter file uuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the uploa...

8.1CVSS5.7AI score0.00032EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 9:16 a.m.18 views

CVE-2026-40848

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 7:59 a.m.13 views

CVE-2026-40848 Authenticated SQLi in tag view

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 7:59 a.m.31 views

CVE-2026-40848 Authenticated SQLi in tag view

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 7:57 a.m.21 views

CVE-2026-40842

The CVE-2026-40842 entry describes an unauthenticated SQL Injection in the getWidgetTags function, exploitable by a low-privilege remote attacker. The vulnerability arises from improper neutralization of certain elements in a SQL SELECT command, leading to a total loss of confidentiality. Related...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 7:57 a.m.33 views

CVE-2026-40840 Authenticated SQLi in VerifyCreateLicences function

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 7:54 a.m.10 views

CVE-2026-40831 Authenticated SQLi in Easy View

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS5.9AI score0.00324EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 7:52 a.m.13 views

EUVD-2026-32130

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvocontracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

6.9CVSS5.9AI score0.00281EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 7:48 a.m.10 views

CVE-2026-40818 Unauthenticated SQLi in _mb24confi_getDevice function function

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24configetDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

8.7CVSS5.9AI score0.0032EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 7:48 a.m.16 views

CVE-2026-40818

An unauthenticated SQL Injection exists in the _mb24confi_getDevice function due to improper neutralization of special elements in a SQL SELECT command. This vulnerability allows remote attackers to access confidential data, as indicated by a HIGH impact on confidentiality. The CVE entries do not...

8.7CVSS5.9AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECT24 is an interna...

8.7CVSS5.9AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43555

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24api getUserAccount function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

8.7CVSS5.9AI score0.0032EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/26 11:43 a.m.33 views

CVE-2026-7310

A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful...

4.4CVSS0.00103EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A division-by-zero error on some AMD processors may potentially return speculative data, resulting in a loss of confidentiality...

5.5CVSS6.7AI score0.12405EPSS
Exploits0References2
Rows per page
Query Builder