Lucene search
+L

7230 matches found

RedhatCVE
RedhatCVE
added 2026/06/17 1:25 a.m.8 views

CVE-2026-53441

A flaw was found in Jenkins. This vulnerability, a stored cross-site scripting XSS issue, allows attackers with Agent/Configure permission to inject malicious scripts into the user-provided description of a generic offline cause. When other users view this description, the injected script can...

5.4CVSS5.1AI score0.00261EPSS
Exploits0References4
CVE
CVE
added 2026/06/16 8:12 p.m.45 views

CVE-2026-48294

CVE-2026-48294 concerns Adobe Acrobat PDF Extension (Chrome)

7.4CVSS5.3AI score0.00719EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.32 views

CVE-2026-0155

In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00169EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/16 3:55 p.m.9 views

ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.

A flaw was found in ncurses. This vulnerability, a buffer overflow, exists within the analyzestring function. An attacker could potentially exploit this to execute unauthorized code on the affected system, which might lead to a denial of service in the affected application, the corruption of data...

9.8CVSS5.9AI score0.00414EPSS
Exploits1References8
CVE
CVE
added 2026/06/16 12:34 a.m.18 views

CVE-2026-1765

CVE-2026-1765 concerns GNOME localsearch’s tracker-miners: the tracker-extract-mp3 component is vulnerable to a heap buffer overflow when processing crafted MP3 files, potentially causing Denial of Service (crash) and, in some cases, information disclosure from memory. The issue is confirmed acro...

5.6CVSS5.5AI score0.00139EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.29 views

PT-2026-49876

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Centralized Third Party Jars. The supported version that is affected is 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Coherence...

9.3CVSS5.2AI score0.00338EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36770

An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request...

5.7AI score0.0056EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/15 7:15 p.m.40 views

CVE-2026-52722 Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS0.0031EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/15 7:10 p.m.11 views

CVE-2026-53703

A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...

7.1CVSS5.5AI score0.00228EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.10 views

CVE-2026-49875

A flaw was found in Apache CXF. The EndpointReferenceUtils and W3CMultiSchemaFactory classes within Apache CXF construct a SAXParserFactory without proper security configurations. This oversight enables out-of-band OOB external entity resolution, a type of XML External Entity XXE vulnerability. A...

9.8CVSS5AI score0.00527EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.35 views

CVE-2026-50872

An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request...

0.0056EPSS
Exploits0References1
Redos
Redos
added 2026/06/15 12:0 a.m.8 views

ROS-20260615-73-0032

The vulnerability of the RDP client FreeRDP relates to reading beyond the memory boundaries. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...

9.4CVSS4.7AI score0.00263EPSS
Exploits1
Redos
Redos
added 2026/06/15 12:0 a.m.10 views

ROS-20260615-73-0039

The vulnerability of the RDP client FreeRDP relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected information...

7.1CVSS5AI score0.00205EPSS
Exploits0
CVE
CVE
added 2026/06/15 12:0 a.m.17 views

CVE-2026-50872

The CVE-2026-50872 entry affects fossar selfoss v2.20-SNAPSHOT, with a vulnerability in the loopback request handling component that could allow arbitrary command execution and leakage of sensitive data via a crafted HTTP request. The issue is described across multiple sources (NVD/ENISA/CVE list...

9.8CVSS5.8AI score0.0056EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49335

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description An out-of-bounds read occurs in the VA JPEG decoder within the gst-plugins-bad module. The JPEG parser reads a segment length value from the bitstream without validating it...

7.1CVSS6AI score0.00301EPSS
Exploits0References31
BDU FSTEC
BDU FSTEC
added 2026/06/15 12:0 a.m.6 views

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages relates to operations that occur outside of the buffer in memory, allowing attackers to disclose protected information.

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by these applications...

4.7CVSS6AI score0.00357EPSS
Exploits0References2
Debian
Debian
added 2026/06/13 5:12 p.m.12 views

[SECURITY] [DSA 6344-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6344-1 [email protected] https://www.debian.org/security/ Andres Salomon June 13, 2026 https://www.debian.org/security/faq -...

9.6CVSS5.8AI score0.00287EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/13 12:0 a.m.10 views

Debian dsa-6344 : chromium - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6344 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6344-1 [email protected]...

9.6CVSS6AI score0.00287EPSS
Exploits0References59
Vulnrichment
Vulnrichment
added 2026/06/12 8:25 p.m.10 views

CVE-2026-45085 Discourse: Chat misauthorization and information disclosure

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin one also involving discourse-calendar: read-only category users...

5.3CVSS5.2AI score0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 8:25 p.m.33 views

CVE-2026-45085 Discourse: Chat misauthorization and information disclosure

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin one also involving discourse-calendar: read-only category users...

5.3CVSS0.00213EPSS
Exploits0References1
Rows per page
Query Builder