1128 matches found
EUVD-2026-2357
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...
EUVD-2026-2079
Information disclosure in the XML component. This vulnerability affects Firefox 147...
EUVD-2026-2080
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox 147, Firefox ESR 115.32, and Firefox ESR 140.7...
EUVD-2026-2086
Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox 147, Firefox ESR 115.32, and Firefox ESR 140.7...
EUVD-2026-2085
Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox 147, Firefox ESR 115.32, and Firefox ESR 140.7...
EUVD-2026-2360
The WP Duplicate Page plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'duplicateBulkHandle' and 'duplicateBulkHandleHPOS' functions in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...
EUVD-2026-2368
Not used...
EUVD-2026-2365
Not used...
EUVD-2026-2364
Not used...
EUVD-2026-2349
The E-xact | Hosted Payment | WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server...
EUVD-2026-2373
Due to a Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious link. When an unsuspecting user clicks this link, the user may be redirected to a site controlled by the attacker. Successful exploitation could allow the attacker to...
EUVD-2026-2380
Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables...
EUVD-2026-2388
Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted...
EUVD-2026-2385
SAP Landscape Transformation allows an attacker with admin privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code/OS commands into the system, bypassing essential authorization checks. This vulnerability effectively...
EUVD-2026-2397
EUVD-2026-2397...
EUVD-2026-2399
EUVD-2026-2399...
EUVD-2026-2083
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
EUVD-2026-1940
Stored Cross-Site Scripting XSS vulnerability in WorkDo's eCommerceGo SaaS, consisting of a lack of proper validation of user input by sending a POST request to ‘/store-ticket’, using the ‘subject’ and ‘description’ parameters...
EUVD-2026-1944
MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An...
EUVD-2026-1943
Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...