Lucene search
K

62473 matches found

Positive Technologies
Positive Technologies
added 6 days ago12 views

PT-2026-55332

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS spamBlocker module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-1071. This issue affects Fireware OS 12.0 up to and...

4.8CVSS5.7AI score0.00258EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong par...

6AI score0.00164EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 6 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-4360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted...

2CVSS6AI score0.00304EPSS
Exploits0References3
EUVD
EUVD
added last week8 views

EUVD-2026-40130

Rancher has Privilege Escalation from Project Owner to Host...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added last week10 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.6AI score0.0031EPSS
Exploits0References5
NVD
NVD
added last week7 views

CVE-2026-14358

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Charts Extension allows Cross-Site Scripting XSS. This issue affects Mediawiki - Charts Extension: from before 1.43.9,1.44.6,1.45.4...

6.9CVSS0.00268EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 5:14 p.m.5 views

PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling

A flaw was found in the PHP SoapServer component. When the server is configured to maintain session persistence, an error during a SOAP request can cause the system to incorrectly manage memory. This can lead to a "use-after-free" vulnerability, where the system attempts to use memory that has...

9.8CVSS7.2AI score0.00302EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-58028

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth. This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php,...

0.0039EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 4:16 p.m.7 views

CVE-2026-58032

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Api/index.Js. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6,...

5.3CVSS0.00436EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 3:17 p.m.6 views

CVE-2026-6283

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from v.4.8.2.23 before v.4.8.3.1...

5.4CVSS0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:15 p.m.6 views

CVE-2026-58028

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth. This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php,...

5.8AI score0.0039EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 3:11 p.m.12 views

CVE-2026-24264

CVE-2026-24264 affects NVIDIA Triton Inference Server for Linux. The security bulletin documents that an attacker can cause improper handling of highly compressed data, with the impact being denial of service . The vulnerability is addressed by updating to Triton Server r26.04 or later . Affected...

7.5CVSS5.8AI score0.00774EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:56 p.m.12 views

CVE-2026-58032

MediaWiki vulnerability CVE-2026-58032 is an XSS in mw.Api.getErrorMessage() that may return injected HTML when errorformat=html is not used. Affected: MediaWiki versions before 1.46.0, and earlier branches 1.45.4, 1.44.6, 1.43.9, due to improper neutralization in resources/src/mediawiki.Api/inde...

5.3CVSS5.8AI score0.00436EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:56 p.m.5 views

CVE-2026-58032

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Api/index.Js. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6,...

5.3CVSS5.8AI score0.00436EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 2:24 p.m.7 views

EUVD-2026-41012

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from...

5.8AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 2:24 p.m.22 views

CVE-2026-58031

The CVE-2026-58031 entry describes a stored XSS in MediaWiki (Wikimedia Foundation) via Special:ApiSandbox when a deprecated module is selected. Affected component: resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js; affected software version range: MediaWiki 1.46.0-rc.0 up to prior t...

5.8AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 2:19 p.m.6 views

EUVD-2026-41010

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from v.4.8.2.23 before v.4.8.3.1...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 2:17 p.m.8 views

EUVD-2026-41009

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Block/SpecialBlock.Vue...

5.8AI score0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 2:12 p.m.7 views

EUVD-2026-41008

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.23 before v.4.8.3.1...

6.4CVSS5.8AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 1:32 p.m.18 views

CVE-2026-53356

The CVE-2026-53356 entry concerns the Linux kernel DRM/I915 GEM code. The root cause is in sg_page() returning a struct page pointer instead of (void *) which mis-scales pread/pwrite for phys BO and can cause access to incorrect parts of a buffer when a non-zero offset is used. A fix was cherry-p...

5.8AI score0.00164EPSS
Exploits0References8
Rows per page
Query Builder