Lucene search
+L

205 matches found

nvd
nvd
added 2026/07/07 4:16 p.m.11 views

CVE-2026-14935

A logic vulnerability was found in GStreamer's webrtcbin component. The checksdpcrypto function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attack...

3.7CVSS0.0015EPSS
Exploits0References4
nvd
nvd
added 2026/06/29 3:16 p.m.8 views

CVE-2026-56124

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...

8.7CVSS0.00365EPSS
Exploits0References4
osv
osv
added 2026/06/29 1:47 p.m.4 views

CVE-2026-56124 phpUploader < 2.0.2 Unauthenticated Database Exposure via index model

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...

8.7CVSS6AI score0.00365EPSS
Exploits0References7
cve
cve
added 2026/06/29 1:47 p.m.25 views

CVE-2026-56124

CVE-2026-56124 affects phpUploader prior to 2.0.2. An unauthenticated information-disclosure flaw exists where the index model runs an unbounded SELECT and embeds the full JSON-encoded result set in an inline script, exposing uploader IP addresses, Argon2ID key hashes, internal filenames, and SHA...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References4
euvd
euvd
added 2026/06/29 1:47 p.m.8 views

EUVD-2026-40114

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/29 12:0 a.m.14 views

PT-2026-53284

Name of the Vulnerable Software and Affected Versions phpUploader versions prior to 2.0.2 Description An unauthenticated information disclosure exists where remote attackers can access the full contents of the uploaded-files database table by visiting any page of the application. The index model...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References6
osv
osv
added 2026/06/23 4:22 p.m.9 views

MAL-2026-6306 Malicious code in @gleamkit/probe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aaef237007e5d89031d334bf56a29892c7d6103aba9563b040556eea20ef2cfa No suspicious behaviors were detected in this package. There are no lifecycle scripts performing remote fetches, no credential or environment scrapin...

6.1AI score
Exploits0References2
osv
osv
added 2026/05/30 9:9 a.m.17 views

CLSA-2026-1780132171 Fix of 25 CVEs

CVE-2025-68724 - crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid CVE-2025-68724 CVE-2025-71196 - phy: stm32-usphyc: Fix off by one in probe CVE-2025-71196 CVE-2026-23033 - dmaengine: omap-dma: fix dmapool resource leak in error paths CVE-2026-23033 CVE-2026-23049 -...

9.8CVSS5.9AI score0.00501EPSS
Exploits0References1
packetstormnews
packetstormnews
added 2026/05/28 12:0 a.m.16 views

DeepFake Forensics AI: A Multi-Modal Detection and Blockchain-Anchored Evidence Management Platform

The proliferation of AI-generated synthetic media poses a critical threat to the integrity of digital evidence in legal and forensic contexts. Existing deepfake detection systems typically address a single modality and provide no mechanism for tamper-proof evidence preservation. We present DeepFa...

5.8AI score
Exploits0
osv
osv
added 2026/05/27 11:16 a.m.7 views

UBUNTU-CVE-2026-45841

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix divide-by-zero in OSFWSSMODULO nfosfmatchone computes ctx-window % f-wss.val in the OSFWSSMODULO branch with no guard for f-wss.val == 0. A CAPNETADMIN user can add such a fingerprint via nfnetlink; a...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/05/27 9:24 a.m.12 views

CVE-2026-45841

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix divide-by-zero in OSFWSSMODULO nfosfmatchone computes ctx-window % f-wss.val in the OSFWSSMODULO branch with no guard for f-wss.val == 0. A CAPNETADMIN user can add such a fingerprint via nfnetlink; a...

5.7AI score0.00114EPSS
Exploits0References6Affected Software1
cve
cve
added 2026/05/27 9:24 a.m.32 views

CVE-2026-45841

CVE-2026-45841 affects the Linux kernel netfilter nfnetlink_osf in the OSF_WSS_MODULO path. The root cause is a divide-by-zero in nf_osf_match_one() when ctx-&gt;window is taken modulo f-&gt;wss.val with no guard for f-&gt;wss.val == 0. A CAP_NET_ADMIN user can add such a fingerprint via nfnetlin...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References8Affected Software1
packetstormnews
packetstormnews
added 2026/05/04 12:0 a.m.8 views

Revisiting JBShield: Breaking and Rebuilding Representation-Level Jailbreak Defenses

Defending large language models LLMs against jailbreak attacks, such as Greedy Coordinate Gradient GCG, remains a challenge, particularly under adaptive threat models where an attacker directly targets the defense mechanism. JBShield, a recent jailbreak defense with a 0% attack success rate in so...

5.8AI score
Exploits0
cve
cve
added 2026/04/23 9:57 p.m.26 views

CVE-2026-41335

OpenClaw

6.9CVSS5.8AI score0.00297EPSS
Exploits0References3Affected Software1
hackerone
hackerone
added 2026/04/02 6:13 p.m.17 views

curl: # SCURLOPT_SSH_KNOWNHOSTS and host fingerprint pins are silently bypassed when an SSH connection is reused from the connection pool

Product libcurl all versions, all platforms, compiled with USESSH Protocols affected: sftp://, scp:// --- Summary libcurl's connection pool reuse logic for SSH-based protocols SFTP, SCP contains a security gap that allows a transfer's server-verification policy to be completely ignored. When an...

6AI score
Exploits0
githubexploit
githubexploit
added 2026/03/30 1:39 p.m.967 views

Exploit for Command Injection in Paloaltonetworks Pan-Os

CVE KB: A high-quality knowledge base for automatic penetratio...

10CVSS7AI score0.99999EPSS
Exploits131
euvd
euvd
added 2026/03/27 5:8 p.m.4 views

EUVD-2026-16460

Incus does not verify combined fingerprint when downloading images from simplestreams servers...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References7
osv
osv
added 2026/03/26 11:16 p.m.2 views

DEBIAN-CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

4.8CVSS5.2AI score0.0018EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/03/26 10:32 p.m.4 views

CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References2Affected Software1
cve
cve
added 2026/03/26 10:32 p.m.26 views

CVE-2026-33542

CVE-2026-33542 affects Incus, a system container and VM manager. Prior to version 6.23.0, there is a lack of validation of the image fingerprint when downloading from simplestreams image servers, which can lead to image cache poisoning and, under very narrow circumstances, exposure of other tenan...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder