Lucene search
K

175740 matches found

EUVD
EUVD
added 2 hours ago5 views

EUVD-2026-42053

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score
Exploits0References3
Cvelist
Cvelist
added 3 hours ago3 views

CVE-2026-7017 HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets

HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets. When the server returns a 3xx redirect, mayberedirect follows the Location: header and prepareheadersandcb re-merges the caller's headers argument into the new request, without checking whether...

Exploits0References5
RedHat Linux
RedHat Linux
added 7 hours ago5 views

golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to...

7.5CVSS5.9AI score0.00369EPSS
Exploits0References8
OSV
OSV
added 9 hours ago3 views

ROOT-APP-PYPI-CVE-2026-54279 CVE-2026-54279 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-54279 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.8AI score0.00279EPSS
Exploits0
OSV
OSV
added 9 hours ago19 views

ROOT-APP-PYPI-CVE-2025-69228 CVE-2025-69228 in rootio-aiohttp - Patched by Root

Root has patched CVE-2025-69228 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

7.5CVSS7.1AI score0.00347EPSS
Exploits0
OSV
OSV
added 9 hours ago11 views

ROOT-APP-MAVEN-CVE-2026-42581 CVE-2026-42581 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42581 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

5.8CVSS5.8AI score0.00515EPSS
Exploits1
OSV
OSV
added 9 hours ago11 views

ROOT-APP-MAVEN-CVE-2026-41417 CVE-2026-41417 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-41417 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

5.3CVSS5.8AI score0.00307EPSS
Exploits1
OSV
OSV
added 9 hours ago8 views

ROOT-APP-MAVEN-CVE-2026-33871 CVE-2026-33871 in io.root.io.netty:netty-codec-http2 - Patched by Root

Root has patched CVE-2026-33871 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.9AI score0.01125EPSS
Exploits0
OSV
OSV
added 9 hours ago5 views

ROOT-APP-MAVEN-CVE-2026-44249 CVE-2026-44249 in io.root.io.netty:netty-handler - Patched by Root

Root has patched CVE-2026-44249 in the io.root.io.netty:netty-handler package for Root:Maven. Multiple fixed versions available...

8.1CVSS5.2AI score0.00552EPSS
Exploits0
OSV
OSV
added 9 hours ago8 views

ROOT-APP-MAVEN-CVE-2026-47691 CVE-2026-47691 in io.root.io.netty:netty-resolver-dns - Patched by Root

Root has patched CVE-2026-47691 in the io.root.io.netty:netty-resolver-dns package for Root:Maven. Multiple fixed versions available...

10CVSS5.3AI score0.00292EPSS
Exploits0
OSV
OSV
added 9 hours ago5 views

ROOT-APP-PYPI-GHSA-RR7J-V2Q5-CHGV GHSA-rr7j-v2q5-chgv in rootio-langsmith - Patched by Root

Root has patched GHSA-rr7j-v2q5-chgv in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.3AI score
Exploits0
OSV
OSV
added 10 hours ago5 views

ROOT-APP-PYPI-CVE-2026-35536 CVE-2026-35536 in rootio-tornado - Patched by Root

Root has patched CVE-2026-35536 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available...

7.2CVSS5.9AI score0.00237EPSS
Exploits0
OSV
OSV
added 10 hours ago4 views

ROOT-APP-PYPI-CVE-2024-52804 CVE-2024-52804 in rootio-tornado - Patched by Root

Root has patched CVE-2024-52804 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.4AI score0.01051EPSS
Exploits0
OSV
OSV
added 13 hours ago7 views

ROOT-APP-PYPI-CVE-2026-42561 CVE-2026-42561 in rootio-python-multipart - Patched by Root

Root has patched CVE-2026-42561 in the rootio-python-multipart package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.8AI score0.00549EPSS
Exploits0
RedHat Linux
RedHat Linux
added 14 hours ago3 views

firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service in the Graphics: ImageLib component...

6.5CVSS5.9AI score0.00227EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 14 hours ago3 views

firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service in the Graphics: ImageLib component...

6.5CVSS5.9AI score0.00227EPSS
Exploits0References6
Nuclei
Nuclei
added 18 hours ago12 views

WordPress Media Library Assistant <= 3.34 - SQL Injection

David Lingren Media Library Assistant = 3.34 contains an sql injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires crafted input. id: CVE-2026-34885 info: name: WordPress Media Library Assistant = 3.34 -...

8.5CVSS6.2AI score0.01668EPSS
Exploits0References3
Nuclei
Nuclei
added 18 hours ago19 views

Media Library Assistant < 2.82 - Unauthenticated Limited Local File Inclusion

Media Library Assistant plugin for WordPress before 2.82 contains a local file inclusion caused by unsanitized mlagallery link parameter, letting attackers include arbitrary local files, exploit requires access to the vulnerable link. id: CVE-2020-11732 info: name: Media Library Assistant 2.82 -...

7.5CVSS7.2AI score0.04917EPSS
Exploits4References1
Nuclei
Nuclei
added 18 hours ago45 views

Slims9 Bulian 9.4.2 - SQL Injection

Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...

7.5CVSS7.1AI score0.04637EPSS
Exploits1References2
Nuclei
Nuclei
added 18 hours ago55 views

MicroStrategy Library <11.1.3 - Cross-Site Scripting

MicroStrategy Library before 11.1.3 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...

6.1CVSS6.4AI score0.0454EPSS
Exploits0References5
Rows per page
Query Builder