Lucene search
+L

1062 matches found

NVD
NVD
added 2026/05/01 7:15 a.m.8 views

CVE-2026-42996

JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp...

10CVSS0.00479EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/01 6:42 a.m.33 views

CVE-2026-42996

JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp...

10CVSS0.00479EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/01 6:42 a.m.5 views

CVE-2026-42996

JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp...

10CVSS6.1AI score0.00479EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/01 6:42 a.m.5 views

EUVD-2026-26482

JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp...

10CVSS6.1AI score0.00479EPSS
Exploits0References3
CVE
CVE
added 2026/05/01 6:42 a.m.21 views

CVE-2026-42996

The CVE-2026-42996 entry describes a stack-based buffer overflow in JS8Call prior to 2.3.1 and in JS8Call-improved prior to 3.0, triggered by a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. Affects APRSISClient.cpp grid2deg; CVSSv4 scores indicate CRITICAL impact on co...

10CVSS5.8AI score0.00479EPSS
Exploits0References4
OSV
OSV
added 2026/05/01 6:42 a.m.2 views

CVE-2026-42996

JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp...

10CVSS6.3AI score0.00479EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.9 views

PT-2026-36303

Name of the Vulnerable Software and Affected Versions JS8Call versions prior to 2.3.2 JS8Call-improved versions prior to 3.0 Description A stack-based buffer overflow occurs during the processing of a radio transmission containing @APRSIS GRID followed by a long Maidenhead locator. This issue is...

10CVSS6.1AI score0.00479EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/29 7:24 p.m.11 views

EUVD-2018-21825

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler SEH chain exploitation. Attackers can craft a malicious URL file that, when imported through the File Import Import...

8.6CVSS6AI score0.00153EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/29 2:31 p.m.12 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS6.7AI score0.01945EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.16 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: python3 (UTSA-2026-014319)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014319 advisory. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/23 6:30 a.m.8 views

EUVD-2026-25172

The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpsladdress' post meta value in versions up to, and including, 2.2.261 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/23 3:26 a.m.28 views

CVE-2026-3361 WP Store Locator <= 2.2.261 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsl_address' Post Meta

The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpsladdress' post meta value in versions up to, and including, 2.2.261 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00152EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/23 3:26 a.m.6 views

CVE-2026-3361

The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpsladdress' post meta value in versions up to, and including, 2.2.261 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/23 3:26 a.m.2 views

CVE-2026-3361 WP Store Locator <= 2.2.261 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsl_address' Post Meta

The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpsladdress' post meta value in versions up to, and including, 2.2.261 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References2
CVE
CVE
added 2026/04/23 3:26 a.m.30 views

CVE-2026-3361

CVE-2026-3361 affects the WordPress plugin WP Store Locator (versions up to 2.2.261). It describes a Stored Cross-Site Scripting vulnerability through the post meta field wpsl_address , caused by insufficient input sanitization and output escaping. The issue enables authenticated users with contr...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/23 3:25 a.m.10 views

WordPress WP Store Locator plugin <= 2.2.261 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsl_address' Post Meta vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'wpsladdress' Post Meta vulnerability discovered by kai63001 in WordPress Plugin WP Store Locator versions = 2.2.261...

6.4CVSS5.8AI score0.00152EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

WordPress plugin WP Store Locator 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.6AI score0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.5 views

PT-2026-34631

The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpsl address' post meta value in versions up to, and including, 2.2.261 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/20 9:31 a.m.14 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.12 views

AgentScope 安全漏洞

AgentScope is an open-source application developed by ModelScope. It simplifies the development of multi-agent applications based on LLMs. Versions of AgentScope prior to 1.0.18 contained a security vulnerability, which was caused by incorrect handling of the parameter url in the file...

7.5CVSS7.1AI score0.00284EPSS
Exploits0References1
Rows per page
Query Builder