Lucene search
K

457894 matches found

RedHat Linux
RedHat Linux
added 2026/06/16 10:57 a.m.7 views

HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection

A flaw was found in the HP Linux Imaging and Printing Software HPLIP. This vulnerability may allow a local attacker to achieve escalation of privileges and/or arbitrary code execution through operating system command injection. This could lead to an attacker gaining unauthorized control over the...

8.5CVSS6.1AI score0.0088EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2026/06/16 10:30 a.m.39 views

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours...

9.8CVSS6.6AI score0.48668EPSS
Exploits7
NVD
NVD
added 2026/06/16 10:16 a.m.15 views

CVE-2026-5416

Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vulnerability in the Managed Ethernet Switch, resulting in full system compromise...

8.8CVSS0.00771EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 10:16 a.m.12 views

CVE-2026-52715

Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...

9.3CVSS0.0025EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 10:16 a.m.9 views

CVE-2026-39574

Unauthenticated SQL Injection in InPost Gallery = 2.1.4.6 versions...

9.3CVSS0.00234EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 10:16 a.m.9 views

CVE-2026-39581

Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...

8.5CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 10:16 a.m.10 views

CVE-2026-52712

Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...

7.6CVSS0.00235EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 10:16 a.m.10 views

CVE-2026-49772

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS0.00229EPSS
Exploits1References1
NVD
NVD
added 2026/06/16 10:16 a.m.11 views

CVE-2026-49774

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS0.0028EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:4 a.m.12 views

EUVD-2026-37057

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS5.7AI score0.00229EPSS
Exploits1References1
CVE
CVE
added 2026/06/16 9:4 a.m.31 views

CVE-2026-49772

CVE-2026-49772 affects WordPress plugin The Events Calendar (Liquid Web / StellarWP) versions 6.15.12–6.16.2. The issue is an SQL Injection due to improper neutralization of special elements, enabling blind SQL injection. CVSS 3.1 base score 9.3 (CRITICAL) with AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...

9.3CVSS5.6AI score0.00229EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/16 9:4 a.m.37 views

CVE-2026-49772 WordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS0.00229EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/16 9:2 a.m.8 views

EUVD-2026-37056

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS5.4AI score0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:2 a.m.31 views

CVE-2026-49774 WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:2 a.m.20 views

CVE-2026-49774

CVE-2026-49774 describes an "Improper Control of Generation of Code (Code Injection)" vulnerability in the WordPress RD Station plugin

9.9CVSS5.4AI score0.0028EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.6 views

EUVD-2026-37051

Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...

9.3CVSS5.8AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.18 views

CVE-2026-52715

GEO my WordPress plugin (WordPress)

9.3CVSS5.7AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.31 views

CVE-2026-52715 WordPress GEO my WordPress plugin <= 4.5.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...

9.3CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.23 views

CVE-2026-52712 WordPress Attendance Manager plugin <= 0.6.2 - SQL Injection vulnerability

Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...

7.6CVSS0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.7 views

EUVD-2026-37049

Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...

7.6CVSS5.8AI score0.00235EPSS
Exploits0References1
Rows per page
Query Builder