Lucene search
K

48 matches found

EUVD
EUVD
added 2026/01/08 5:11 p.m.5 views

EUVD-2026-1479

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment in the "Estimated Staff Hours" field. The JavaScript is executed whenever another user visits the Project Cost tab. Fixed in OPEXUS eCASE Audit 11.14.2.0...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/07 3:17 p.m.4 views

EUVD-2026-1205

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS6.2AI score0.00222EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 12:31 p.m.5 views

EUVD-2026-1241

EUVD-2026-1241...

6.7CVSS6.4AI score0.00075EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 12:6 p.m.5 views

EUVD-2026-1267

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Digital zoom studio DZS Video Gallery allows Reflected XSS.This issue affects DZS Video Gallery: from n/a through 12.25...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/06 4:43 p.m.5 views

EUVD-2026-1015

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Frappé allows PHP Local File Inclusion.This issue affects Frappé: from n/a through 1.8...

8.1CVSS6.5AI score0.00334EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/06 1:46 a.m.4 views

EUVD-2026-0974

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729...

7.8CVSS6.2AI score0.00074EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/05 5:32 a.m.5 views

EUVD-2026-0909

A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formUser. Such manipulation of the argument passwd1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and...

9CVSS8.9AI score0.00783EPSS
Exploits1References6
EUVD
EUVD
added 2026/01/02 6:30 p.m.5 views

EUVD-2026-0072

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.4 views

EUVD-2026-0119

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.4 views

EUVD-2026-0187

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.1 views

EUVD-2026-0303

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.3 views

EUVD-2026-0428

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 3:51 p.m.4 views

EUVD-2026-0662

An external control of file name or path vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read or modify files or directories. We have already fixed the vulnerability in the following version:...

7CVSS6AI score0.00223EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/31 3:30 a.m.4 views

EUVD-2025-205871

A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The...

4.8CVSS5.2AI score0.00235EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/24 9:30 p.m.4 views

EUVD-2025-205321

Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attackers to perform administrative actions without proper request validation. Attackers can exploit cross-site request forgery to change passwords and inject stored cross-site scripting payloads through...

5.3CVSS6AI score0.00216EPSS
Exploits2References5
EUVD
EUVD
added 2025/12/24 12:30 p.m.3 views

EUVD-2025-205138

In the Linux kernel, the following vulnerability has been resolved: iouring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task...

6.2AI score0.00145EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/19 6:30 a.m.7 views

EUVD-2025-204449

Not used...

6.4AI score
Exploits0References1
EUVD
EUVD
added 2025/12/18 9:31 p.m.5 views

EUVD-2025-204314

A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or database manipulation...

5.4CVSS7.4AI score0.00188EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/18 4:49 p.m.5 views

EUVD-2025-204387

Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through 1.2.7...

5CVSS6.4AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/18 3:30 p.m.4 views

EUVD-2025-204282

Integer overflow vulnerability in the yuv2ya16Xctemplate function in libswscale/output.c in FFmpeg 8.0...

7.5CVSS6.7AI score0.0032EPSS
Exploits0References4
Rows per page
Query Builder