Lucene search
K

2222 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 7:2 p.m.10 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: ruby3.3: ruby3.3-3.3.10-23.2.hum1 aarch64, x8664 ruby3.3-bundled-gems-3.3.10-23.2.hum1 aarch64, x8664 ruby3.3-default-gems-3.3.10-23.2.hum1 noarch ruby3.3-devel-3.3.10-23.2.hum1 aarch64, x8664...

7.6CVSS5.8AI score0.0041EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 1:36 p.m.6 views

EUVD-2026-40107

Unauthenticated Cross Site Scripting XSS in Jobify = 4.3.2 versions...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/29 1:23 p.m.5 views

WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by qdtad in WordPress Plugin Novalnet Payment Gateway for WooCommerce versions = 12.10.3...

9.8CVSS5.8AI score0.00336EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-434 Remote unauthenticated attackers able to upload files in Onionshare

OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to upload files on a non-public node when using the --receive functionality...

9.8CVSS7.2AI score0.0232EPSS
Exploits1References7
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-270 OS Command Injection in Apache Airflow

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pig Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Pig Provider...

9.8CVSS7.4AI score0.03944EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 10:16 p.m.13 views

CVE-2026-36478

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...

7.5CVSS0.00386EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 6:59 p.m.23 views

CVE-2026-52782

OpenProject versions prior to 17.3.3 and 17.4.1 are affected by an IDOR in /projects//settings/project_storages/ via PATCH parameter storages_project_storage[project_folder_id], allowing a project-admin to hijack another project’s managed Nextcloud/OneDrive folder on the same storage. The vulnera...

9.9CVSS5.7AI score0.00258EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 3:32 p.m.11 views

EUVD-2026-39772

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 JP2 file...

6.5CVSS6.2AI score0.00465EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-57649

Subscriber Broken Access Control in Shoppable Images Lite = 1.3 versions...

4.3CVSS0.00213EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-54834

Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone = 2.3.2 versions...

7.5CVSS0.00294EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.16 views

CVE-2026-54847

The CVE-2026-54847 entry concerns the WordPress plugin “Stylish Cost Calculator” (versions

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.34 views

CVE-2026-54834 WordPress Object Cache 4 everyone plugin <= 2.3.2 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone = 2.3.2 versions...

7.5CVSS0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.35 views

CVE-2025-68063 WordPress Splash - Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability

Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey = 4.4.3 versions...

7.5CVSS0.0032EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 8:13 p.m.7 views

EUVD-2026-39557

A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This...

8.8CVSS6.1AI score0.00385EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 1:17 p.m.32 views

CVE-2026-46733

Dell Display and Peripheral Manager DDPM Windows, versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...

7.8CVSS0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.6 views

EUVD-2026-39363

Subscriber Sensitive Data Exposure in Visual Link Preview = 2.3.1 versions...

7.4CVSS5.8AI score0.00264EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:12 p.m.16 views

CVE-2026-54821

The CVE-2026-54821 entry concerns the WordPress Visual Link Preview plugin, affected versions are

7.4CVSS5.8AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 6:17 p.m.17 views

CVE-2026-49851

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...

8.7CVSS0.0035EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 7:16 a.m.10 views

CVE-2026-8622

The Image Sizes on Demand plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Server Variable in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/06/21 5:30 a.m.23 views

CVE-2026-12780

AOMEI Backupper Kernel Driver amwrtdrv.sys (library within the Kernel Driver) up to version 8.3.0 is affected. The vulnerability enables local privilege escalation via improper access control in amwrtdrv.sys. Exploitation is local and reportedly has public disclosure; no exploit vector details ar...

8.5CVSS6.5AI score0.00111EPSS
Exploits0References5
Rows per page
Query Builder