Lucene search
K

1298 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 10:51 p.m.7 views

CVE-2026-3622

The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service. Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition. This...

7.5CVSS5.9AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/27 2:25 p.m.18 views

CVE-2021-27401

The Join Meeting page of Mitel MiCollab Web Client before 9.2 FP2 could allow an attacker to access view and modify user data by executing arbitrary code due to insufficient input validation, aka Cross-Site Scripting XSS...

6.1CVSS6.8AI score0.00586EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.4 views

EUVD-2026-15804

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthorized access to user accounts due to inconsisten...

6.8CVSS5.8AI score0.00276EPSS
Exploits0References4
CVE
CVE
added 2026/03/25 4:14 p.m.8 views

CVE-2026-25025

VikRestaurants (WordPress plugin)

7.1CVSS5.8AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.3 and iPadOS prior to 26.3 contained security vulnerabilities. These...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2026/03/23 11:38 p.m.6 views

CVE-2026-4614

CVE-2026-4614 : A vulnerability in itsourcecode sanitization/validation affects the Parameter Handler’s processing of /admin/subjects.php, where manipulation of the subject_code argument enables SQL injection. The issue can be exploited remotely and exploit details have been publicly disclosed. C...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References5
NVD
NVD
added 2026/03/13 7:54 p.m.4 views

CVE-2026-30915

SFTPGo is an open source, event-driven file transfer solution. SFTPGo versions before v2.7.1 contain an input validation issue in the handling of dynamic group paths, for example, home directories or key prefixes. When a group is configured with a dynamic home directory or key prefix using...

5.3CVSS0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 4:5 p.m.1 views

CVE-2025-14513 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/10 2:8 p.m.3 views

CVE-2025-61616

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS5.9AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2026/03/09 9:30 a.m.3 views

GHSA-6W48-2G9J-V9Q5 Apache IoTDB has an Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

9.8CVSS5.7AI score0.00662EPSS
Exploits0References9
CVE
CVE
added 2026/03/09 9:2 a.m.16 views

CVE-2025-69279

CVE-2025-69279 concerns a vulnerability in the nr modem where improper input validation can cause a system crash, enabling remote denial of service without requiring privileges. Multiple sources (NVD, Red Hat, EUVD, CVE list, etc.) describe the issue consistently, identifying the affected compone...

7.5CVSS5.9AI score0.00228EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/03/04 1:51 p.m.21 views

CVE-2025-40894

CVE-2025-40894 describes a Stored HTML Injection in the Alerted Nodes Dashboard due to improper input validation. A logged-in user with required privileges can edit a node label to inject HTML, which may render in a victim’s browser if alerts exist for that node, enabling phishing and potentially...

5.4CVSS6AI score0.00162EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/03/02 6:42 p.m.3 views

CVE-2026-0014

In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.1AI score0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/03/02 6:42 p.m.29 views

CVE-2025-48587

CVE-2025-48587 is linked to Google Android and involves multiple functions in ProfilingService.java where improper input validation can cause a persistent local denial of service without user interaction or extra privileges. The condition is confirmed across CVE/NVD entries and mirrored in relate...

6.2CVSS6.1AI score0.00094EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/27 3:34 a.m.10 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (February 2026)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-69277 DESCRIPTION: libsodium before ad3004e, in atypical use cases...

8.9CVSS6AI score0.00633EPSS
Exploits3Affected Software1
OSV
OSV
added 2026/02/26 5:3 p.m.4 views

CVE-2026-26934 Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service

Improper Validation of Specified Quantity in Input CWE-1284 in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted, malformed payload causing excessive resource consumptio...

6.5CVSS6AI score0.00275EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.14 views

PT-2026-22139

Name of the Vulnerable Software and Affected Versions Dokuzsoft Technology Ltd. E-Commerce Product versions through 10122025 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting XSS condition. The issue...

7.6CVSS6.1AI score0.00185EPSS
Exploits0References9
CVE
CVE
added 2026/02/20 3:46 p.m.15 views

CVE-2025-67972

Technical details about CVE-2025-67972 are not provided in the connected documents. Public details in the set pertain to other products (e.g., Prague plugin) and do not confirm affected vendor/version/root-cause for Zoho ZeptoMail. Monitor for updates.

4.3CVSS5.8AI score0.00306EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

WordPress plugin PixelYourSite 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 11:16 p.m.7 views

CVE-2026-20642

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen...

2.4CVSS0.00137EPSS
Exploits0References1
Rows per page
Query Builder