Lucene search
K

2222 matches found

Debian CVE
Debian CVE
added 2026/06/18 6:0 p.m.7 views

CVE-2026-55392

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7CVSS5.3AI score0.00105EPSS
Exploits0
OSV
OSV
added 2026/06/18 10:10 a.m.6 views

RHSA-2026:26655 Red Hat Security Advisory: ruby:3.3 security update

Bulletin has no description...

8.1CVSS4.8AI score0.01131EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/18 6:50 a.m.30 views

CVE-2026-12137 SysBasics Customize My Account for WooCommerce <= 4.3.6 - Reflected Cross-Site Scripting via 'tab' Parameter

The SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 4.3.6 due to insufficient input sanitization and output escaping. Thi...

6.1CVSS0.00211EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 10:16 p.m.14 views

CVE-2026-48997

e107 is a content management system CMS. Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

7.1CVSS0.00747EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2025-210234

Unauthenticated Local File Inclusion in Orpheus = 1.3 versions...

8.1CVSS5.1AI score0.00348EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 5:21 p.m.34 views

CVE-2026-30803

CVE-2026-30803 describes an Integer Underflow in RTI Connext Micro (Core Libraries) that allows an overread of buffers. Affected is Connext Micro versions from 4.0.0 up to, but not including, 4.3.0. The description provided does not specify a disclosed exploit, mitigation, or a confirmed fix vers...

9.1CVSS5.2AI score0.00296EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/17 4:57 p.m.13 views

Important: Red Hat Security Advisory: ruby:3.3 security update

An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.1CVSS6AI score0.01131EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 2:17 p.m.11 views

CVE-2025-69128

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3...

8.6CVSS0.0046EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:48 p.m.8 views

EUVD-2025-210247

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in EMV JobCareer allows Path Traversal. This issue affects JobCareer: from n/a through 7.3...

8.6CVSS5.2AI score0.0046EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/17 12:58 p.m.6 views

WordPress Visual Link Preview plugin <= 2.3.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by she11f in WordPress Plugin Visual Link Preview versions = 2.3.1...

7.4CVSS5.8AI score0.00264EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/17 9:50 a.m.9 views

CVE-2026-22340

CVE-2026-22340: Unauthenticated SQL Injection in WordPress WPJobster theme

9.3CVSS5.7AI score0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.20 views

CVE-2025-69125 WordPress Food Drop theme <= 1.3 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Food Drop = 1.3 versions...

8.1CVSS0.00348EPSS
Exploits0References1
OSV
OSV
added 2026/06/16 11:47 a.m.6 views

BIT-MARIADB-MIN-2026-44172 MariaDB: mysql_real_escape_string() incorrectly handled big5

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...

9.8CVSS5.6AI score0.00419EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2026-36988

Unauthenticated Broken Access Control in WPAdverts = 2.3.0 versions...

6.5CVSS5.1AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36955

Subscriber Insecure Direct Object References IDOR in EventPrime = 4.3.0.0 versions...

7.1CVSS5.2AI score0.00278EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36926

Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.8 views

CVE-2026-48889

Subscriber Privilege Escalation in Amelia = 2.3 versions...

8.8CVSS0.00378EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.7 views

CVE-2026-34901

Unauthenticated Privilege Escalation in iControlWP = 5.5.3 versions...

9.8CVSS0.00321EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2025-68851

Unauthenticated Cross Site Scripting XSS in Okay Toolkit = 2.3 versions...

7.1CVSS0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.9 views

EUVD-2026-36887

Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot = 1.3.7 versions...

9.8CVSS5.3AI score0.00383EPSS
Exploits0References1
Rows per page
Query Builder