Lucene search
K

2609 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.6 views

CVE-2026-34664

Substance3D - Designer versions 15.1.0 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories...

6.3CVSS5.6AI score0.00177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.9 views

CVE-2026-7191

Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Conten...

8.6CVSS6.2AI score0.00433EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.8 views

CVE-2026-34681

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00148EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 4:53 p.m.28 views

Security Bulletin: Vulnerability in jackson-core-2.15.2.jar

Summary Vulnerability in jackson-core-2.15.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This allows an attacker to send JSON with...

5.8AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.9 views

JetBrains IntelliJ IDEA < 2026.1 Multiple Vulnerabilities

The version of JetBrains IntelliJ IDEA installed on the remote host is prior to 2026.1. It is, therefore, affected by multiple vulnerabilities: - In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin CVE-2026-49382 - In JetBrains...

7.8CVSS6.1AI score0.00135EPSS
Exploits0References3
NVD
NVD
added 2026/05/29 7:16 p.m.17 views

CVE-2026-49383

In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible...

3.3CVSS0.00109EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 6:15 p.m.54 views

CVE-2026-49383

JetBrains IntelliJ IDEA prior to 2026.1 has a low-severity issue in the UI Designer form parser (xXE) that is locally exploitable with user interaction required. The CVSS 3.1 vector indicates Local access, Low complexity, no privileges, with Confidentiality impact Low and no impact on Integrity/A...

3.3CVSS5.8AI score0.00109EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/29 6:15 p.m.37 views

CVE-2026-49383

In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible...

3.3CVSS0.00109EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:15 p.m.14 views

CVE-2026-49383

In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible...

3.3CVSS5.8AI score0.00109EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/29 6:15 p.m.14 views

CVE-2026-49383

In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible...

3.3CVSS5.8AI score0.00109EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 6:15 p.m.14 views

EUVD-2026-33391

In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible...

3.3CVSS5.8AI score0.00109EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.13 views

PT-2026-44963

Name of the Vulnerable Software and Affected Versions JetBrains IntelliJ IDEA versions prior to 2026.1 xXE Description An issue exists in the UI Designer form parser, which is the component responsible for processing the layout and design files of the user interface. Recommendations Update to...

3.3CVSS5.8AI score0.00109EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/20 3:24 p.m.8 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 - Includes Oracle April 2026 CPU for Rational Software Architect Designer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition,Versions 8 and Java 17 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM SDK, Java Technology Edition...

7.5CVSS7.1AI score0.00702EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.5 views

@antv/xflow-diff (=1.0.0), @equota/web-designer (>=0.0.4 <=0.0.11) +3 more potentially affected by unknown CVE via @antv/xflow (=2.2.4)

@antv/xflow NPM version =2.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/xflow and may be impacted: - @antv/xflow-diff =1.0.0 - @equota/web-designer =0.0.4, =0.0.1, =1.0.0, =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory:...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.9 views

@glorysoft/mcs_tool (>=0.0.25 <=0.0.28), @ithinkdt/lowcode (>=4.0.0 <=4.0.5) +15 more potentially affected by unknown CVE via @antv/x6 (=3.1.7)

@antv/x6 NPM version =3.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/x6 and may be impacted: - @glorysoft/mcstool =0.0.25, =4.0.0, =2.0.0, =0.7.0, =0.7.0, =0.14.0, =0.0.1, =1.0.0, =1.0.0, =0.0.1, =0.1.8 and more Source cves: unknown CVE...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.13 views

Adobe Substance 3D Designer <= 15.1.0 Multiple Vulnerabilities (APSB26-52)

The version of Adobe Substance 3D Designer installed on the remote host is prior or equal to 15.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-52 advisory. - Substance3D - Designer versions 15.1.0 and earlier are affected by a Server-Side Request Forgery...

7.8CVSS6.4AI score0.00177EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.12 views

CVE-2026-34684

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00149EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.8 views

CVE-2026-34683

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 9:31 p.m.9 views

EUVD-2026-29743

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00148EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.10 views

EUVD-2026-29744

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00148EPSS
Exploits0References2
Rows per page
Query Builder