Lucene search
K

12618 matches found

OSV
OSV
•added 2026/06/09 7:17 p.m.•5 views

UBUNTU-CVE-2025-52292

A stack buffer overflow in the fileinprocess function infile.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

7.5CVSS5.6AI score0.005EPSS
Exploits1References3
Cvelist
Cvelist
•added 2026/06/09 12:0 a.m.•29 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

0.00217EPSS
Exploits0References1
Positive Technologies
Positive Technologies
•added 2026/06/09 12:0 a.m.•12 views

PT-2026-48168

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

6AI score0.00217EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/09 12:0 a.m.•35 views

CVE-2025-55657

A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00467EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
•added 2026/06/09 12:0 a.m.•6 views

Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation (cisco-sa-sdwan-privesc-4uxFrdzx)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD- WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly...

7.8CVSS6.5AI score0.25323EPSS
Exploits2References3
CISA KEV Catalog
CISA KEV Catalog
•added 2026/06/09 12:0 a.m.•7 views

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system...

7.8CVSS6.2AI score0.25323EPSS
In wildExploits2
Cvelist
Cvelist
•added 2026/06/09 12:0 a.m.•34 views

CVE-2025-55651

A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00192EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2026/06/06 12:43 a.m.•10 views

CVE-2026-20245

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplyi...

7.8CVSS6.3AI score0.25323EPSS
Exploits2References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:51 p.m.•8 views

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5CVSS5.5AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:37 p.m.•9 views

CVE-2026-41530

The automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected product is configured with the automatic folder creation feature enabled, and a product user tries to extract an archive file which has a crafted file name,...

4.6CVSS5.2AI score0.0015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:34 p.m.•9 views

CVE-2026-1184

GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by uploading a specially crafted file due to improper validation...

7.5CVSS5.5AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:22 p.m.•11 views

CVE-2026-34644

After Effects versions 26.0, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:20 p.m.•8 views

CVE-2026-32860

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

8.5CVSS7.6AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:20 p.m.•10 views

CVE-2026-32861

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

8.5CVSS7.6AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:20 p.m.•7 views

CVE-2026-32863

There is a memory corruption vulnerability due to an out-of-bounds read in sentrytransactioncontextsetoperation in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafte...

8.5CVSS5.8AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/05 7:13 p.m.•8 views

CVE-2026-40902

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes method reads row numbers from XML attributes without validating them against the spreadsheet maximum row...

7.5CVSS5.5AI score0.00395EPSS
Exploits1References1
OSV
OSV
•added 2026/06/05 3:48 p.m.•6 views

OESA-2026-2552 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

6.9CVSS5.5AI score0.00503EPSS
Exploits0References2
OSV
OSV
•added 2026/06/05 3:48 p.m.•8 views

OESA-2026-2549 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

6.9CVSS5.5AI score0.00503EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/05 12:31 a.m.•19 views

EUVD-2026-34341

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input...

7.8CVSS6.1AI score0.25323EPSS
Exploits2References3
EUVD
EUVD
•added 2026/06/05 12:31 a.m.•11 views

EUVD-2026-34576

Use after free in Updater in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...

5.8AI score0.00079EPSS
Exploits0References3
Rows per page
Query Builder