Lucene search
K

3921 matches found

Cvelist
Cvelist
added 2026/06/17 4:16 p.m.49 views

CVE-2026-20181 Cisco Identity Services Engine Remote Code Execution Vulnerability

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

9.1CVSS0.00748EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:25 p.m.27 views

CVE-2026-12117

CVE-2026-12117 affects Devolutions Server 2026.2.5: improper access control in the social login connection endpoint allows an authenticated vault member to enumerate social login entry metadata they are not authorized to access via a crafted API request. CVSSv3.1 base score is 4.3 (Medium). The p...

4.3CVSS5.3AI score0.0018EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36778

An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request...

5.8AI score0.00476EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36776

An issue in the attachment handling component of Feuerhamster MailForm v1.1.0 allows attackers to cause a Denial of Service DoS via a crafted request...

5.3AI score0.00441EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36768

An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitive information via a crafted GET request...

5.2AI score0.00308EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 8:16 p.m.10 views

CVE-2026-50885

Incorrect access control in the share-based read endpoints of Sismics Docs Teedy v1.11 allow unauthorized attackers to access sensitive endpoints via a crafted request...

7.5CVSS0.00287EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 8:16 p.m.11 views

CVE-2026-50880

An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request...

9.8CVSS0.00476EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 8:16 p.m.9 views

CVE-2026-39197

An issue in the /util/http/prelude.rs endpoint of Datadog, Inc Vector v0.54.0 allows attackers to cause a Denial of Service DoS via a crafted request or payload...

6.5CVSS0.00289EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 6:16 p.m.20 views

CVE-2026-20262

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...

6.5CVSS0.07683EPSS
Exploits2References2
CVE
CVE
added 2026/06/15 12:0 a.m.21 views

CVE-2026-50886

Summary: CVE-2026-50886 describes an access-control flaw in the webhook management component of Project Firefly III (version 6.5.9). The root cause is an incorrect access-control implementation, enabling an attacker to scan internal resources by sending a crafted POST request. Affected software: ...

9.1CVSS5.3AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49310

An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request...

5.5AI score0.00718EPSS
Exploits0References2
Talos
Talos
added 2026/06/15 12:0 a.m.10 views

GeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the Web Interface functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions The...

9.9CVSS5.6AI score0.00348EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.30 views

CVE-2026-50891

Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request...

0.00326EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.16 views

CVE-2026-50880

CVE-2026-50880 affects YouTransfer v1.0.6, specifically the sendmail transport integration component. The issue allows an attacker to execute arbitrary code by sending a crafted request. The cybersecurity metadata indicates a critical impact (CVSS 3.1: 9.8, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). C...

9.8CVSS5.9AI score0.00476EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.32 views

CVE-2026-50885

Incorrect access control in the share-based read endpoints of Sismics Docs Teedy v1.11 allow unauthorized attackers to access sensitive endpoints via a crafted request...

0.00287EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49319

An issue in the attachment handling component of Feuerhamster MailForm v1.1.0 allows attackers to cause a Denial of Service DoS via a crafted request...

5.3AI score0.00441EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.33 views

CVE-2026-50880

An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request...

0.00476EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.44 views

CVE-2026-50875

Incorrect access control in the /form/webhooks/webhook endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or delete another tenant's webhook via a crafted request...

0.00282EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49311

Name of the Vulnerable Software and Affected Versions whoogle-search version 1.2.3 Description An information disclosure issue in the configuration endpoint allows attackers to obtain sensitive information by sending a crafted GET request. Recommendations At the moment, there is no information...

7.5CVSS5.8AI score0.00308EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49321

Name of the Vulnerable Software and Affected Versions YouTransfer version 1.0.6 Description An issue in the sendmail transport integration component allows attackers to execute arbitrary code by supplying a crafted request. Recommendations At the moment, there is no information about a newer...

9.8CVSS6.2AI score0.00476EPSS
Exploits0References3
Rows per page
Query Builder