Lucene search
+L

1972 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/29 3:58 p.m.8 views

CVE-2026-13748

Improper restriction of file path resolution in Snowflake CLI versions prior to 3.19 allowed arbitrary local file content to be read and transmitted to Snowflake services. An attacker could exploit this by supplying crafted repository or project content that referenced files outside the intended...

6.3CVSS6AI score0.00139EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/29 3:51 p.m.3 views

CVE-2026-13746 Snowflake CLI SQL Injection Through Improper Neutralization of Local CLI Parameters

Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this issue by supplying crafted values to vulnerable Cortex SQL or object listing command paths, causing Snowflake CLI to execute unintended SQL in the...

3.6CVSS6.1AI score0.0013EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/29 3:40 p.m.7 views

EUVD-2026-40129

Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, or specification input, an attacker could cause Snowflake CLI to execute unintended SQL i...

8.3CVSS5.9AI score0.0032EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 6:0 a.m.4 views

BIT-GITLAB-2026-12053 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...

8.6CVSS5.8AI score0.00328EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53313

Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Sensitive information is inserted into log files in plaintext. This occurs when credentials, such as passwords, tokens, or private key material, are written to persistent local debug logs. An...

5.5CVSS6AI score0.00108EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.48 views

PT-2026-53311

Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper restriction of file path resolution allows arbitrary local file content to be read and transmitted to Snowflake services. An attacker can exploit this by providing crafted repository or...

6.3CVSS6.1AI score0.00139EPSS
Exploits0References6
CVE
CVE
added 2026/06/26 2:53 p.m.16 views

CVE-2026-57617

SeedProd Pro WordPress plugin versions prior to 6.19.5 are affected by a Cross Site Scripting (XSS) vulnerability. The CVE notes an XSS in SeedProd Pro

6.5CVSS5.8AI score0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.5 views

CVE-2026-56049

Contributor Remote Code Execution RCE in Post Snippets = 4.0.19 versions...

8.5CVSS5.9AI score0.00351EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39380

Contributor Remote Code Execution RCE in Post Snippets = 4.0.19 versions...

8.5CVSS5.9AI score0.00351EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.6 views

EUVD-2026-39367

Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/25 8:34 a.m.6 views

WordPress SeedProd Pro plugin < 6.19.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin SeedProd Pro versions 6.19.5...

6.5CVSS5.8AI score0.00161EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/25 5:16 a.m.10 views

CVE-2026-12053

GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...

8.6CVSS0.00328EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 4:33 a.m.44 views

CVE-2026-12053 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...

8.6CVSS0.00328EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.15 views

PT-2026-52198

Name of the Vulnerable Software and Affected Versions GitLab EE versions 19.1 through 19.1.0 Description Insufficient output filtering in Duo Workflows could allow a user to access sensitive information that had already been committed to a project. Recommendations Update GitLab EE to version 19.1...

8.6CVSS5.8AI score0.00328EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53036

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix off-by-one in checkimm signed range check checkimmbits, imm is used in the arm64 BPF JIT to verify that a branch displacement in arm64 instruction units fits into the signed N-bit immediate field of a B, B.cond or...

7.8CVSS0.00138EPSS
Exploits0References6
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53036 bpf, arm64: Fix off-by-one in check_imm signed range check

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix off-by-one in checkimm signed range check checkimmbits, imm is used in the arm64 BPF JIT to verify that a branch displacement in arm64 instruction units fits into the signed N-bit immediate field of a B, B.cond or...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51930

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An off-by-one error exists in the arm64 BPF JIT Just-In-Time compiler within the check immbits, imm macro. This macro is used to verify that a branch displacement fits into the signed...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References8
Metasploit
Metasploit
added 2026/06/23 7:6 p.m.199 views

Audiobookshelf Unauthenticated API Authentication Bypass Scanner

This module detects Audiobookshelf servers affected by CVE-2025-25205, an unauthenticated authentication bypass. Affected versions 2.17.0 through 2.19.0 decide whether a GET request may skip authentication by testing an unanchored regular expression against the request's full original URL,...

8.2CVSS5.9AI score0.03999EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2026/06/22 12:31 p.m.7 views

Moderate: Red Hat Security Advisory: OpenShift Virtualization v4.19 Images

Red Hat OpenShift Virtualization release v4.19 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

6.1CVSS7.3AI score0.00313EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c omits a kfree call in certain error conditions during the smb2handlenegotiate process, resulting in a memory leak...

7.5CVSS6.7AI score0.04906EPSS
Exploits0References2
Rows per page
Query Builder