Lucene search
K

9080 matches found

ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57270

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added yesterday5 views

EUVD-2026-41232

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-40011

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS5.4AI score0.00133EPSS
Exploits0References7
NVD
NVD
added 4 days ago9 views

CVE-2026-13514

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS0.00133EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-13514 Chess Play and Learn App com.chess AndroidManifest.xml backup

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS0.00133EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Avoid buffer overflow attacks in the smusyssetpptable function. If a malicious user provides a smaller pptable through sysfs, followed by a larger one, it may lead to a buffer overflow attack in the smusyssetpptable...

7.8CVSS6.7AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in writetstodecoder The value of buf4 comes from the user via tsplay. This value is within the u8 range. The final length that we pass to av7110ipackinstantrepack is “len – buf4 + 1 – 4”. Therefor...

5.7AI score0.00195EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in wpa, pupnp-1.8

The Open Connectivity Foundation’s UPnP specification prior to April 17, 2020, does not prohibit the acceptance of a subscription request with a delivery URL located in a different network segment than the fully qualified event-subscription URL. This is known as the “CallStranger” issue...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PNP: The memory leak caused by the name of devices being allocated dynamically has been fixed in pnpallocdev. After the commit 1fa5ae857bb1 “Driver core: get rid of struct device’s busid string array”, the name of devices is now...

5.5CVSS5.3AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fixed a memory leak in nfcmrvlplaydeferred. Similar to the handling of playdeferred in commit 19cfe912c37b “Bluetooth: btusb: Fixed a memory leak in playdeferred”, we thought a patch might be necessary here as well...

5.5CVSS5.7AI score0.0025EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/06/16 1:10 p.m.21 views

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla , that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they give an operator near-total control of an infected phone: it lifts lock-screen PINs, reads and sends...

5.7AI score
Exploits0
Android Security Bulletins
Android Security Bulletins
added 2026/06/16 12:0 a.m.9 views

Android 17 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 17. Android 17 devices with a security patch level of 2026-07-01 or later are protected against these issues Android 17, as released on AOSP, will have...

10CVSS6.2AI score0.00353EPSS
Exploits0
NVD
NVD
added 2026/06/11 11:16 p.m.18 views

CVE-2026-42846

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS0.00603EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 10:49 p.m.10 views

CVE-2026-42846 ClipBucket: Remote Play URL Command Injection

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS5.5AI score0.00603EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 10:49 p.m.30 views

CVE-2026-42846 ClipBucket: Remote Play URL Command Injection

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS0.00603EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 10:49 p.m.24 views

CVE-2026-42846

CVE-2026-42846 affects ClipBucket v5 prior to 5.5.3 (pre-release #140) where the Remote Play feature concatenates a user-provided URL into shell commands without escaping. This allows an authenticated user to trigger arbitrary command execution via shell metacharacters in the URL. The issue has b...

9.8CVSS5.7AI score0.00603EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 10:49 p.m.77 views

EUVD-2026-36367

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS5.7AI score0.00603EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/11 1:54 p.m.10 views

Malicious Package

Overview @vtmn-play/react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.12 views

PT-2026-48790

Name of the Vulnerable Software and Affected Versions ClipBucket versions prior to 5.5.3 Description The Remote Play feature in ClipBucket v5 allows authenticated users to import external URLs as video sources. The application concatenates these URLs directly into shell commands without proper...

9.8CVSS5.8AI score0.00603EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.12 views

CVE-2026-45635

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
Rows per page
Query Builder