Lucene search
K

535 matches found

NVD
NVD
added 2026/03/16 2:20 p.m.9 views

CVE-2026-4240

A vulnerability was determined in Open5GS up to 2.7.6. The affected element is the function smfgxccacb/smfgyccacb/smfs6baaacb/smfs6bstacb of the component CCA Handler. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been publicly disclosed and may...

7.5CVSS0.00534EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/03/12 12:2 p.m.1 views

CVE-2026-4040 OpenClaw File Existence tools.exec.safeBins information exposure

A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation leads to information exposure through discrepancy. The attack needs to be performed locally. Upgrading to version...

4.8CVSS5.3AI score0.00133EPSS
Exploits0References7
OSV
OSV
added 2026/03/12 9:15 a.m.6 views

UBUNTU-CVE-2026-4016

A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svginprocess of the file src/filters/loadsvg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has...

5.3CVSS5.2AI score0.00115EPSS
Exploits0References9
OSV
OSV
added 2026/03/12 8:32 a.m.4 views

CVE-2026-4016 GPAC SVG Parser load_svg.c svgin_process out-of-bounds write

A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svginprocess of the file src/filters/loadsvg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has...

4.8CVSS5.4AI score0.00115EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/03/11 11:32 p.m.2 views

CVE-2026-3965

A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...

6.5CVSS5.3AI score0.00441EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/03/08 6:31 a.m.3 views

EUVD-2026-10214

A vulnerability was identified in MrNanko webp4j up to 1.3.x. The affected element is the function DecodeGifFromMemory of the file src/main/c/gifdecoder.c. Such manipulation of the argument canvasheight leads to integer overflow. Local access is required to approach this attack. The exploit is...

5.3CVSS5.6AI score0.00112EPSS
Exploits0References9
OSV
OSV
added 2026/03/03 9:31 p.m.4 views

GHSA-XC68-RRQC-QGQ3 MCP NMAP Server has an Injection vulnerability

A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function childprocess.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may...

6.3CVSS5.6AI score0.02569EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.9 views

PT-2026-22539

Name of the Vulnerable Software and Affected Versions Open Babel versions up to 3.1.1 Description A flaw exists in Open Babel up to version 3.1.1 related to a null pointer dereference. This issue is located within the OBAtom::GetExplicitValence function in the isrc/atom.cpp file, specifically...

9.8CVSS5.6AI score0.00863EPSS
Exploits4References52
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.7 views

PT-2026-22545

A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.1AI score0.0055EPSS
Exploits1References18
CVE
CVE
added 2026/02/27 3:2 a.m.17 views

CVE-2026-3285

Berry-lang (up to 1.1.0) contains an out-of-bounds read in the scan_string function of src/be_lexer.c. The flaw requires local access and has publicly disclosed exploits. A patch (commit 7149c59a39ba44feca261b12f06089f265fec176) is provided as the recommended fix; apply it to remediate. Vendors (...

7.8CVSS4.5AI score0.00223EPSS
Exploits1References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.6 views

PT-2026-22288

A vulnerability was found in libvips 8.19.0. Impacted is the function vips extract area build of the file libvips/conversion/extract.c. The manipulation of the argument extract area results in integer overflow. The attack requires a local approach. The exploit has been made public and could be...

4.8CVSS4.7AI score0.00214EPSS
Exploits2References9
NVD
NVD
added 2026/02/25 11:16 p.m.4 views

CVE-2026-3209

A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to...

6.5CVSS0.00306EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/02/25 11:2 p.m.28 views

CVE-2026-3209 fosrl Pangolin Role verifyApiKeyRoleAccess access control

A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to...

6.5CVSS0.00306EPSS
Exploits0References9
NVD
NVD
added 2026/02/25 4:16 a.m.10 views

CVE-2026-3147

A vulnerability was found in libvips up to 8.18.0. This affects the function vipsforeignloadcsvbuild of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could be used. The patch i...

7.8CVSS0.00209EPSS
Exploits1References8
OSV
OSV
added 2026/02/25 4:16 a.m.3 views

UBUNTU-CVE-2026-3147

A vulnerability was found in libvips up to 8.18.0. This affects the function vipsforeignloadcsvbuild of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could be used. The patch i...

7.8CVSS5.9AI score0.00209EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2026/02/25 3:2 a.m.7 views

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

5.5CVSS4.9AI score0.00167EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2026/02/25 3:2 a.m.4 views

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

5.5CVSS3.9AI score0.00167EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.13 views

PT-2026-21595

A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horilla generics/global search.py of the component Query Parameter Handler. The manipulation of the argument prev url results in open redirect. The attack can be executed...

5.3CVSS4.7AI score0.00377EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/02/23 5:32 a.m.7 views

CVE-2026-2974 AliasVault App Backup aliasvault.xml backup

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...

2.5CVSS4AI score0.00099EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/02/23 5:32 a.m.28 views

CVE-2026-2974 AliasVault App Backup aliasvault.xml backup

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...

2.5CVSS0.00099EPSS
Exploits0References9
Rows per page
Query Builder