Lucene search
+L

217 matches found

EUVD
EUVD
added 2025/12/17 8:46 p.m.4 views

EUVD-2025-203968

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Tahoe 26.2, iOS 26.2 and iPadOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3CVSS5.8AI score0.00558EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/15 9:30 p.m.5 views

EUVD-2025-203424

Academy LMS 6.1 contains a file upload vulnerability that allows authenticated users to upload malicious SVG files with stored cross-site scripting payloads. Attackers can inject malicious scripts through the profile avatar upload feature by modifying file extensions and embedding executable...

5.1CVSS5.6AI score0.00209EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/15 9:30 p.m.5 views

EUVD-2025-203436

WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server...

8.7CVSS7.8AI score0.00449EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/15 6:31 a.m.9 views

EUVD-2025-203327

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67906. Reason: This candidate is a reservation duplicate of CVE-2025-67906. Notes: All CVE users should reference CVE-2025-67906 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

5.4CVSS6.4AI score0.00278EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/03 6:30 p.m.5 views

EUVD-2025-201005

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking...

5.3CVSS6.4AI score0.00256EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/03 5:0 p.m.4 views

EUVD-2025-200996

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a views dashboard with a custom background using th...

3.5CVSS6.2AI score0.00198EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/20 1:26 p.m.6 views

EUVD-2025-198284

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Stored XSS.This issue affects Pyxis Signage: through 31012025...

7.2CVSS5.6AI score0.00332EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/07 12:30 a.m.5 views

EUVD-2025-38210

EUVD-2025-38210...

6.4AI score0.00311EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/06 9:31 p.m.3 views

EUVD-2025-38164

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

5.1CVSS7AI score0.00288EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/06 9:31 p.m.4 views

EUVD-2025-38170

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

8.6CVSS7AI score0.00284EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/04 9:31 p.m.7 views

EUVD-2025-37822

EUVD-2025-37822...

5.3CVSS6.4AI score0.00287EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/04 6:20 a.m.5 views

EUVD-2025-37557

In charger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915493; Issue ID: MSV-3800...

6.7CVSS6.1AI score0.0008EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/04 6:20 a.m.7 views

EUVD-2025-37556

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435347; Issue ID: MSV-404...

6.7CVSS6.2AI score0.00133EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/04 6:20 a.m.4 views

EUVD-2025-37570

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441507; Issue ID: MSV-411...

5.3CVSS6.2AI score0.00113EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/04 6:19 a.m.7 views

EUVD-2025-37571

In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651...

4.2CVSS6.2AI score0.00078EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/04 3:26 a.m.7 views

EUVD-2025-37622

The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as oth...

9.8CVSS5.8AI score0.00444EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/04 1:18 a.m.4 views

EUVD-2025-37694

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to cause unexpected system termination or corrupt kernel memory...

7.5CVSS5.8AI score0.00445EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/04 1:17 a.m.2 views

EUVD-2025-37692

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1, visionOS 26.1. An app may be able to enumerate a user's installed apps...

7.5CVSS5.8AI score0.0053EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/04 1:16 a.m.6 views

EUVD-2025-37700

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access sensitive user data...

5.5CVSS5.7AI score0.002EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/04 12:23 a.m.4 views

EUVD-2025-37731

By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections...

6.5CVSS6.1AI score0.00299EPSS
Exploits1References6
Rows per page
Query Builder