Lucene search
K

998 matches found

EUVD
EUVD
added 2026/07/02 2:50 p.m.16 views

EUVD-2026-41397

A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...

8.3CVSS5.8AI score0.00195EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 2:49 p.m.9 views

EUVD-2026-41391

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device...

9.9CVSS5.8AI score0.00872EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:45 p.m.5 views

CVE-2026-52866

An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection...

7.1CVSS5.2AI score0.00222EPSS
Exploits0References5
Redos
Redos
added 2026/06/09 12:0 a.m.11 views

ROS-20260609-73-0033

The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.5CVSS5.4AI score0.00463EPSS
Exploits0
Redos
Redos
added 2026/06/09 12:0 a.m.10 views

ROS-20260609-73-0031

The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.5CVSS5.4AI score0.00452EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/06/03 12:0 a.m.5 views

The vulnerability of the modular interface of the Ruby-based Rack web server allows a hacker to trigger a service failure.

The vulnerability of the modular interface of the Ruby-based Rack web server is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.0043EPSS
Exploits0References8Affected Software6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.16 views

Malicious code in @cloudplatform-single-spa/logaas (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/25 12:0 a.m.4 views

The vulnerability of the minimatch library on the Node.js software platform, which allows a hacker to cause a service failure.

The vulnerability of the minimatch library on the Node.js software platform is related to its algorithmic complexity. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS5.8AI score0.00517EPSS
Exploits1References7Affected Software28
NVD
NVD
added 2026/05/22 2:16 a.m.45 views

CVE-2026-33000

A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...

9.1CVSS0.01248EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/22 12:43 a.m.11 views

EUVD-2026-31382

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...

10CVSS5.8AI score0.78555EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.21 views

PT-2026-42657

Name of the Vulnerable Software and Affected Versions UniFi OS Server versions prior to 5.0.8 Description An improper access control flaw exists in UniFi OS Server. The issue occurs because nginx evaluates the raw request URI for authentication purposes but performs routing using the normalized...

10CVSS8AI score0.02452EPSS
Exploits2References60
FreeBSD
FreeBSD
added 2026/04/21 12:0 a.m.9 views

FreeBSD -- Kernel use-after-free bug in the TIOCNOTTY handler

Problem Description: The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. Impact: A...

8.4CVSS5.7AI score0.00165EPSS
Exploits0
EUVD
EUVD
added 2026/04/17 9:31 a.m.15 views

EUVD-2026-23384

The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a...

9.8CVSS5.8AI score0.00495EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/23 2:37 a.m.45 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

7.5CVSS6.7AI score0.00632EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/19 8:14 p.m.4 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

7.5CVSS7AI score0.00632EPSS
Exploits1References8
EUVD
EUVD
added 2026/02/24 8:51 a.m.8 views

EUVD-2024-17272

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider IDP there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. There will...

7.7CVSS5.3AI score0.00261EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/01/12 5:35 p.m.24 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

7.5CVSS7.2AI score0.00632EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.7 views

CVE-2023-25007

A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution...

7.8CVSS6.9AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.7 views

CVE-2023-25008

A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution...

7.8CVSS6.8AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.10 views

CVE-2023-29075

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

9.8CVSS7.3AI score0.00991EPSS
Exploits0References1
Rows per page
Query Builder