Lucene search
+L

21724 matches found

cve
cve
added 4 hours ago17 views

CVE-2026-46377

CVE-2026-46377 (Dasel) : A bug in the escape sequence handling of the selector lexer causes an index-out-of-range panic when a trailing backslash is inside a quoted string. The issue resides in parseCurRune where a backslash path increments pos and then reads p.src[pos] without a bounds check. Af...

6.2CVSS6.1AI score0.00052EPSS
Exploits0References3
nuclei
nuclei
added 13 hours ago20 views

MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting

paintballrefjosh/MaNGOSWebV4 4.0.8 contains a reflected XSS caused by unsanitized input in install/index.php step parameter, letting attackers execute arbitrary scripts in the victim's browser, exploit requires victim to visit a maliciously crafted URL id: CVE-2017-6478 info: name: MaNGOSWebV4...

6.1CVSS6.6AI score0.02574EPSS
Exploits6References4
nuclei
nuclei
added 13 hours ago11 views

Vite dev server - Cross-Site Scripting

Vite's dev server, when used with appType: 'custom' and manually invoking server.transformIndexHtml using the unmodified request URL, is vulnerable to XSS via a crafted URL payload. If the HTML being served includes an inline module script ..., an attacker can inject a script via the URL,...

6.1CVSS6.7AI score0.00997EPSS
Exploits1References2
nuclei
nuclei
added 13 hours ago15 views

OfficeWeb365 Indexs Interface - Arbitrary File Read

There is any file reading in the officeWeb365 Indexs interface. id: CVE-2024-37728 info: name: OfficeWeb365 Indexs Interface - Arbitrary File Read author: DhiyaneshDK severity: high description: | There is any file reading in the officeWeb365 Indexs interface. impact: | Unauthenticated attackers...

7.5CVSS6.1AI score0.01852EPSS
Exploits0References2
osv
osv
added yesterday5 views

ROOT-APP-PYPI-GHSA-W235-7P84-XX57 GHSA-w235-7p84-xx57 in rootio-tornado - Patched by Root

Root has patched GHSA-w235-7p84-xx57 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available...

6.5CVSS5.9AI score
Exploits0
osv
osv
added yesterday6 views

ROOT-APP-PYPI-CVE-2023-28370 CVE-2023-28370 in rootio-tornado - Patched by Root

Root has patched CVE-2023-28370 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available...

6.1CVSS6.6AI score0.01132EPSS
Exploits0
osv
osv
added yesterday5 views

ROOT-APP-PYPI-CVE-2026-31958 CVE-2026-31958 in rootio-tornado - Patched by Root

Root has patched CVE-2026-31958 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.9AI score0.00375EPSS
Exploits0
cvelist
cvelist
added yesterday32 views

CVE-2026-56699 Wazuh Manager - NDJSON Injection in inventory_sync via Agent-Controlled DataValue.index

Wazuh Manager before 5.0.0-beta3 fails to escape the DataValue.index field when constructing OpenSearch bulk requests, allowing enrolled agents to inject arbitrary NDJSON operations. Attackers can smuggle delete, index, or update operations into bulk requests executed under the manager's admin...

10CVSS
Exploits0References2
euvd
euvd
added yesterday5 views

EUVD-2026-44630

Wazuh Manager before 5.0.0-beta3 fails to escape the DataValue.index field when constructing OpenSearch bulk requests, allowing enrolled agents to inject arbitrary NDJSON operations. Attackers can smuggle delete, index, or update operations into bulk requests executed under the manager's admin...

10CVSS6.2AI score
Exploits0References2
nvd
nvd
added 2 days ago3 views

CVE-2026-24238

NVIDIA TensorRT for contains a vulnerability where an attacker might cause an improper validation of array index. A successful exploit of this vulnerability might lead to code execution...

7.8CVSS0.00142EPSS
Exploits0References3
cve
cve
added 2 days ago8 views

CVE-2026-24238

NVIDIA TensorRT is affected by CVE-2026-24238, which involves improper validation of an array index in a TensorRT component. The vulnerability could allow code execution and is characterized by a local attack vector with user interaction required, and high impact on confidentiality, integrity, an...

7.8CVSS6.1AI score0.00142EPSS
Exploits0References3
cvelist
cvelist
added 2 days ago35 views

CVE-2026-24238

NVIDIA TensorRT for contains a vulnerability where an attacker might cause an improper validation of array index. A successful exploit of this vulnerability might lead to code execution...

7.8CVSS0.00142EPSS
Exploits0References3
cvelist
cvelist
added 2 days ago29 views

CVE-2026-60082 DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row

DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row. When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array index. This could be triggered by a caller supplying inconsistent...

0.00209EPSS
Exploits0References3
cve
cve
added 2 days ago10 views

CVE-2026-60082

The CVE-2026-60082 issue affects Perl DBI prior to 1.651, where the statement handle consistency with the row is not enforced. If the statement handle has no fields but the source row is non-empty, the internal row-buffer helper could read from a negative array index. This can be triggered when a...

9.1CVSS6.1AI score0.00209EPSS
Exploits0References4
cvelist
cvelist
added 2 days ago28 views

CVE-2026-60081 DBI::ProfileData versions before 1.651 for Perl do not limit the path index

DBI::ProfileData versions before 1.651 for Perl do not limit the path index. The path index column of profile dump files is used to allocate an array of data for the parser. An unbounded value allows an attacker to specify a large index and consume available memory...

0.00209EPSS
Exploits0References3
cve
cve
added 2 days ago11 views

CVE-2026-60081

The provided data indicate a memory‑consumption risk in DBI::ProfileData prior to version 1.651 for Perl. The issue arises from an unbounded path index in profile dump files, which can be used to allocate an excessively large array and exhaust memory. Affected component: DBI::ProfileData (Perl). ...

7.5CVSS6.1AI score0.00209EPSS
Exploits0References4
osv
osv
added 2 days ago12 views

ROOT-APP-PYPI-CVE-2026-47265 CVE-2026-47265 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-47265 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

8.7CVSS5.2AI score0.0015EPSS
Exploits0
osv
osv
added 2 days ago12 views

ROOT-APP-PYPI-CVE-2026-34993 CVE-2026-34993 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34993 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

7.3CVSS7.8AI score0.00128EPSS
Exploits0
osv
osv
added 2 days ago5 views

ROOT-APP-PYPI-CVE-2023-49082 CVE-2023-49082 in rootio-aiohttp - Patched by Root

Root has patched CVE-2023-49082 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

5.3CVSS6.5AI score0.00948EPSS
Exploits1
osv
osv
added 2 days ago22 views

ROOT-APP-PYPI-CVE-2026-34518 CVE-2026-34518 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-34518 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.8AI score0.00337EPSS
Exploits0
Rows per page
Query Builder