Lucene search
K

219856 matches found

CNNVD
CNNVD
added 2026/05/03 12:0 a.m.9 views

crmeb_java 访问控制错误漏洞

crmebjava is an open-source e-commerce system developed by CRMEB. Versions of crmebjava 1.3.4 and earlier contained a access control vulnerability. This vulnerability stemmed from unknown code in the Admin Upload component, specifically in the...

5.8CVSS5.9AI score0.00223EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 11:20 p.m.9 views

Malicious code in timermcplib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 999846a0fc964a7818742a15f547ddd0b154f6ca559902c048c3f478a681c64c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 11:20 p.m.5 views

MAL-2026-3239 Malicious code in timermcplib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 999846a0fc964a7818742a15f547ddd0b154f6ca559902c048c3f478a681c64c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/02 6:30 p.m.98 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-success — CVE-2026-31431 Compensating Control A defensiv...

7.8CVSS5.8AI score0.96775EPSS
Exploits228
GithubExploit
GithubExploit
added 2026/05/02 10:0 a.m.79 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 - cPanel & WHM Authentication Bypass Proof of C...

9.8CVSS5.9AI score0.981EPSS
Exploits64
Microsoft CVE
Microsoft CVE
added 2026/05/02 8:4 a.m.10 views

ksmbd: use check_add_overflow() to prevent u16 DACL size overflow

...

7.5CVSS5.8AI score0.00117EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/02 8:4 a.m.6 views

crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed

...

7.1CVSS5.8AI score0.00126EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/02 6:52 a.m.87 views

Exploit for Insufficient Granularity of Access Control in Microsoft

CVE-20...

7.8CVSS5.8AI score0.06749EPSS
Exploits3
OSV
OSV
added 2026/05/02 3:40 a.m.6 views

MAL-2026-3230 Malicious code in currenttimerpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccd5c81889e68b6ae8a0e8ef90b7c3a4dc447b08872ad6ac48ce94804985379d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 3:14 a.m.8 views

Malicious code in timermcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a3fb8935c61e214bb5bdfe858c15d8d00fce16ae5a8ee00d88af7c1aa363e656 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 3:14 a.m.8 views

MAL-2026-3231 Malicious code in timermcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a3fb8935c61e214bb5bdfe858c15d8d00fce16ae5a8ee00d88af7c1aa363e656 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
Fedora
Fedora
added 2026/05/02 1:57 a.m.10 views

[SECURITY] Fedora 42 Update: openvpn-2.6.20-1.fc42

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

6.9CVSS5.8AI score0.00317EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.11 views

SUSE CVE-2026-31709

In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl buildsecdesc and idmodetocifsacl derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.11 views

SUSE CVE-2026-31712

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...

8.3CVSS5.7AI score0.00315EPSS
Exploits0References3
OSV
OSV
added 2026/05/02 1:1 a.m.4 views

CLSA-2026-1777541087 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

7.5CVSS5.8AI score0.00502EPSS
Exploits1References1
CloudLinux
CloudLinux
added 2026/05/02 1:1 a.m.11 views

cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

7.5CVSS6AI score0.00502EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 12:54 a.m.10 views

Malicious code in as89ufnaisufn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e21c9860ca710010b7059d9284d8e2665c8163a8f1f351782e1a30f2037ce647 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 12:52 a.m.10 views

Malicious code in timingmcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c55706ce911042ace020630f65dc65015cf677b2d5a106ccd3ddba10e90f327f During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 12:52 a.m.4 views

MAL-2026-3227 Malicious code in timingmcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c55706ce911042ace020630f65dc65015cf677b2d5a106ccd3ddba10e90f327f During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/02 12:51 a.m.9 views

CLSA-2026-1777453146 ntp: Fix of 2 CVEs

CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...

7.5CVSS7.3AI score0.09239EPSS
Exploits2References1
Rows per page
Query Builder