Lucene search
K

2234 matches found

Vulnrichment
Vulnrichment
added 2026/06/03 12:30 a.m.7 views

CVE-2026-10703 EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

6.5CVSS6.1AI score0.00243EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/03 12:0 a.m.10 views

EUVD-2026-34058

A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit...

6.5CVSS6.2AI score0.00214EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.12 views

PT-2026-46056

Name of the Vulnerable Software and Affected Versions mlrun versions prior to 1.12.0-rc3 Description The DataFrame Hash Handler component contains an issue in the calculate dataframe hash function within the mlrun/utils/helpers.py file. This allows for the use of a weak hash, which can be...

3.6CVSS5.7AI score0.00075EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/02 12:31 a.m.14 views

EUVD-2026-33818

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

5.3CVSS5.5AI score0.00222EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/01 5:45 a.m.11 views

EUVD-2026-33562

A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::readmeshes of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been...

5.3CVSS6.1AI score0.00125EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/01 4:30 a.m.23 views

EUVD-2026-33557

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function handlewebhookrequest of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption. The attack can be...

6.9CVSS5.4AI score0.00372EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/01 3:30 a.m.7 views

CVE-2026-10220

A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function servepluginskill/skillview of the file tools/skillstool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/01 3:30 a.m.41 views

CVE-2026-10220

CVE-2026-10220 affects NousResearch hermes-agent up to version 2026.4.30. The vulnerability targets the function _serve_plugin_skill/skill_view in tools/skills_tool.py, where a manipulation can cause injection. It is described as a remote-access issue with a publicly disclosed exploit (PoC). The ...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/01 3:0 a.m.10 views

EUVD-2026-33539

A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolutionhandlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be...

5.5CVSS5.6AI score0.0023EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/31 11:0 p.m.12 views

CVE-2026-10201

A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has be...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References7
NVD
NVD
added 2026/05/31 4:16 p.m.16 views

CVE-2026-10190

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS0.00368EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/31 5:45 a.m.12 views

CVE-2026-10171

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/31 5:45 a.m.9 views

EUVD-2026-33491

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/31 3:15 a.m.14 views

EUVD-2026-33486

A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack is possible to be carried out remotely...

6.5CVSS6.4AI score0.01072EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.22 views

PT-2026-45091

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handle scp info in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been...

5.3CVSS5.4AI score0.00276EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/29 1:45 p.m.13 views

CVE-2026-10062 TRENDnet TEW-432BRP formSetRoute stack-based overflow

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/gateway causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS7.8AI score0.00835EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/27 12:59 p.m.12 views

SUSE CVE-2026-9501

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

4.8CVSS5.3AI score0.00144EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43470

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8CVSS4.1AI score0.00206EPSS
Exploits0References6
NVD
NVD
added 2026/05/26 5:16 a.m.15 views

CVE-2026-9527

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...

5.3CVSS0.00336EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/26 5:0 a.m.12 views

CVE-2026-9532 Totolink CA750-PoE Setting cstecgi.cgi setUploadUserData os command injection

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performe...

6.5CVSS6.3AI score0.01803EPSS
Exploits0References5
Rows per page
Query Builder