Lucene search
K

5570 matches found

Vulnrichment
Vulnrichment
added 2026/03/16 4:31 a.m.3 views

CVE-2026-20988

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25593

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/03/13 8:40 p.m.3 views

CVE-2026-3085

GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

8.8CVSS6.4AI score0.00828EPSS
Exploits0References21
Debian CVE
Debian CVE
added 2026/03/13 8:39 p.m.3 views

CVE-2026-3081

GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

7.8CVSS8.4AI score0.00425EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/13 8:38 p.m.7 views

CVE-2026-2922

GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS6.3AI score0.00431EPSS
Exploits0References3
NCSC
NCSC
added 2026/03/12 7:3 a.m.16 views

Vulnerabilities fixed in Adobe Acrobat Reader

Adobe has fixed vulnerabilities in Adobe Acrobat Reader versions up to 25.001.21265. The vulnerabilities include a Use After Free vulnerability that can be exploited to achieve arbitrary code execution. This vulnerability is triggered when a user opens a maliciously crafted file. In addition, the...

7.8CVSS5.9AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.4 views

CVE-2026-26982

Ghostty is a cross-platform terminal emulator. Ghostty allows control characters such as 0x03 Ctrl+C in pasted and dropped text. These can be used to execute arbitrary commands in some shell environments. This attack requires an attacker to convince the user to copy and paste or drag and drop...

8.8CVSS6AI score0.00307EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 3:31 a.m.5 views

EUVD-2026-11035

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input,...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/11 2:19 a.m.3 views

CVE-2026-21284 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8.1CVSS5.7AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 2:19 a.m.16 views

CVE-2026-21292

Adobe Commerce (Magento) is affected by a stored Cross-Site Scripting (XSS) vulnerability (CVE-2026-21292) in multiple 2.4.x releases: 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier. Root cause: improper input validation allowing injection of malicious scripts into ...

5.4CVSS5.8AI score0.00255EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/11 2:19 a.m.37 views

CVE-2026-21290 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may...

8.7CVSS0.00452EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 2:19 a.m.39 views

CVE-2026-21361 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vvulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript m...

8.1CVSS0.00445EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 2:19 a.m.41 views

CVE-2026-21295 Adobe Commerce | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a URL Redirection to Untrusted Site 'Open Redirect' vulnerability. An attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issu...

3.1CVSS0.00233EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 12:31 a.m.6 views

EUVD-2026-10951

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 12:31 a.m.4 views

EUVD-2026-10944

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00178EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 12:31 a.m.5 views

EUVD-2026-10942

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00141EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/10 10:56 p.m.3 views

CVE-2026-27268 Illustrator | Out-of-bounds Read (CWE-125)

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a vict...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References1
NVD
NVD
added 2026/03/10 10:16 p.m.3 views

CVE-2026-27220

Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

7.8CVSS0.00352EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 9:32 p.m.6 views

EUVD-2026-10769

Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 9:32 p.m.3 views

EUVD-2026-10766

Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References2
Rows per page
Query Builder