Lucene search
K

815 matches found

Nuclei
Nuclei
added yesterday21 views

osTicket - Arbitrary File Read

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...

8.7CVSS6.3AI score0.73125EPSS
Exploits3References3
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-39599

A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...

3.8CVSS5.8AI score0.00098EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 10:16 p.m.6 views

DEBIAN-CVE-2026-39893

Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated into a RLIKE SQL clause without sanitization. The endpoint does not require authentication graph viewing supports guest access via the configured guest...

9.8CVSS5.9AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 9:45 p.m.36 views

CVE-2026-39893

Cacti is affected by a pre-auth SQL injection in versions up to 1.2.30 via the rfilter input concatenated into a RLIKE clause in graph_view.php. The vulnerability could be reached without authentication if graph viewing is enabled for a guest user, making it exploitable pre-auth. The issue has be...

9.8CVSS5.9AI score0.00363EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/24 5:41 p.m.4 views

GHSA-F637-W7P2-M7FX OliveTin: ValidateArgumentType API Endpoint's Missing Authentication Allows Action and Argument Enumeration

Summary The ValidateArgumentType RPC endpoint in service/internal/api/api.go does not perform any authentication or authorization checks. Unlike all other data-returning API endpoints, it does not call auth.UserFromApiCall or checkDashboardAccess. When AuthRequireGuestsToLogin is enabled the...

3.7CVSS5.9AI score0.00328EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52128

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description An issue exists where the rfilter request variable is concatenated into a RLIKE SQL clause without proper sanitization. This allows for a pre-authentication SQL injection SQLi on installations where...

9.8CVSS5.8AI score0.00363EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: The entire AP matrix is always filtered. The vfioapmdevfiltermatrix function is called whenever a new adapter or domain is assigned to the mdev. The purpose of this function is to update the guest’s AP configuration...

7.5CVSS6.1AI score0.0095EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libvirt

A flaw was discovered in libvirt during its generation of SELinux MCS category pairs for virtual machines’ dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breach of sVirt confinement. The greatest threat posed by this vulnerability...

6.3CVSS6.7AI score0.00493EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Qemu

A vulnerability related to out-of-bounds read/write access was discovered in the USB emulator of QEMU in versions prior to 5.2.0. This issue occurs during the processing of USB packets from a guest, when the value of USBDevice’s ‘setuplen’ exceeds the value of ‘databuf4096’ in the dotokenin and...

5CVSS7.1AI score0.05447EPSS
Exploits1References2
Talos
Talos
added 2026/06/15 12:0 a.m.7 views

GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions The...

6.5CVSS5.4AI score0.00271EPSS
Exploits0
NVD
NVD
added 2026/06/12 5:16 p.m.13 views

CVE-2026-3433

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to restrict roleupdated websocket event broadcasts to members of the affected team or channel which allows an authenticated attacker with guest-level access to observe permission scheme change...

4.3CVSS0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:46 p.m.7 views

EUVD-2026-36498

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to restrict roleupdated websocket event broadcasts to members of the affected team or channel which allows an authenticated attacker with guest-level access to observe permission scheme change...

4.3CVSS5.3AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 3:46 p.m.40 views

CVE-2026-3433 Mattermost fails to scope role_updated websocket events to authorized team and channel members

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to restrict roleupdated websocket event broadcasts to members of the affected team or channel which allows an authenticated attacker with guest-level access to observe permission scheme change...

4.3CVSS0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-48926

Name of the Vulnerable Software and Affected Versions Mattermost versions prior to 11.6.2 Mattermost versions prior to 11.5.5 Mattermost versions prior to 10.11.17 Description An issue exists where role updated websocket event broadcasts are not restricted to members of the affected team or...

4.3CVSS5.2AI score0.0018EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/10 1:59 p.m.35 views

CVE-2026-45549 Roxy-WI: Authorization bypass on POST /smon/agent/action/<action> — guest can stop or restart smon-agent on any host

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, agentaction app/routes/smon/agentroutes.py:166-179 has decorators @bp.post'/agent/action/' and @jwtrequired only — no role check, no group ownership check on the serverip form...

8.5CVSS0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 1:59 p.m.6 views

CVE-2026-45549 Roxy-WI: Authorization bypass on POST /smon/agent/action/<action> — guest can stop or restart smon-agent on any host

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, agentaction app/routes/smon/agentroutes.py:166-179 has decorators @bp.post'/agent/action/' and @jwtrequired only — no role check, no group ownership check on the serverip form...

8.5CVSS5.5AI score0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 1:59 p.m.34 views

CVE-2026-45552 Roxy-WI: Cross-tenant authorization bypass on /install/* — guest can run Ansible / SSH on every registered server

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the install blueprint declares only bp.beforerequest → @jwtrequired app/routes/install/routes.py:36-39. The individual endpoints installexporter, installwaf, installgeoip,...

9.9CVSS0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

Roxy-WI 安全漏洞

Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Roxy-WI versions 8.2.6.4 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of role and group checks in the installation process for Blueprint endpoints. Any...

9.9CVSS5.3AI score0.00267EPSS
Exploits0References2
CVE
CVE
added 2026/06/06 1:26 a.m.41 views

CVE-2026-8438

The All-In-One Security (AIOS) WordPress plugin (versions up to and including 5.4.7) is affected by a Stored Cross-Site Scripting vulnerability. The root cause is insufficient input sanitization in get_rest_route() and missing output escaping in the debug log’s column_default() when the admin das...

7.2CVSS5.8AI score0.00338EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.9 views

CVE-2026-45154

Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version 4.3.0, when a previous collective pages was deleted and the collective was shared view-only, guests with access to the collective were able to access the deleted pages directly from the trashbin. This...

2.6CVSS5.3AI score0.00189EPSS
Exploits0References1
Rows per page
Query Builder