Lucene search
K

6560 matches found

Debian CVE
Debian CVE
added yesterday5 views

CVE-2026-58028

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth. This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php,...

5.8AI score
Exploits0
Nuclei
Nuclei
added yesterday13 views

IPeakCMS 3.5 - SQL Injection

ipeak Infosystems ibexwebCMS 3.5 contains an unauthenticated Boolean-based SQL injection caused by unsanitized 'id' parameter in /cms/print.php, letting attackers execute arbitrary SQL commands, exploit requires no authentication. id: CVE-2021-3018 info: name: IPeakCMS 3.5 - SQL Injection author:...

9.8CVSS7.6AI score0.19506EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday22 views

PDF & Print by BestWebSoft < 1.9.4 - Cross-Site Scripting

The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues. id: CVE-2017-18528 info: name: PDF & Print by BestWebSoft 1.9.4 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues. impact: |...

6.1CVSS6.4AI score0.01757EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday17 views

WordPress Print Invoice & Delivery Notes for WooCommerce <= 5.8.0 - Remote Code Execution

Print Invoice & Delivery Notes for WooCommerce plugin for WordPress = 5.8.0 contains a remote code execution caused by missing capability check, PHP enabled in Dompdf, and missing escape in template.php, letting unauthenticated attackers execute code on the server. id: CVE-2025-13773 info: name:...

9.8CVSS6.5AI score0.032EPSS
Exploits0References3
OSV
OSV
added 3 days ago5 views

PYSEC-2026-463 PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)

Summary executecode in praisonaiagents/tools/pythontools.py v1.6.37, subprocess sandbox mode can be fully bypassed using print.self to retrieve the real Python builtins module, from which import can be extracted via vars and runtime string construction. This achieves arbitrary OS command executio...

9.9CVSS6.4AI score0.0012EPSS
Exploits0References5
OSV
OSV
added 4 days ago2 views

OSV-2026-987 Index-out-of-bounds in print_insn_tic6x

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=528509499 Crash type: Index-out-of-bounds Crash state: printinsntic6x disassemblesection bfdmapoversections...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

EulerOS 2.0 SP15 : cups (EulerOS-SA-2026-2478)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local...

7.8CVSS6.7AI score0.00502EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 5 days ago7 views

EulerOS 2.0 SP15 : cups (EulerOS-SA-2026-2437)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local...

7.8CVSS6.7AI score0.00502EPSS
Exploits7References8
NVD
NVD
added 6 days ago6 views

CVE-2026-56060

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...

7.5CVSS0.00303EPSS
Exploits0References1
CVE
CVE
added 6 days ago7 views

CVE-2026-56060

The CVE concerns the WordPress plugin Print Invoice & Delivery Notes for WooCommerce . Affected: WooCommerce plugin versions up to and including 7.1.1 . Vulnerability: Unauthenticated Sensitive Data Exposure when generating prints for invoices and delivery notes, allowing access to confidential d...

7.5CVSS5.8AI score0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-56060 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...

7.5CVSS0.00303EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/23 6:38 a.m.4 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.5AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:27 a.m.5 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.5AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:24 a.m.4 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.5AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:16 a.m.4 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.5AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:1 a.m.10 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.5AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2026/06/23 12:46 a.m.8 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.5AI score0.12797EPSS
Exploits7References5
CVE
CVE
added 2026/06/22 3:24 a.m.20 views

CVE-2026-6645

The CVE-2026-6645 vulnerability affects the PaperCut Print Deploy Client for Windows, specifically the pc-printer-updater.exe component. The issue arises when the application performs an internal validation by invoking a secondary system utility without an absolute path, relying on the OS search ...

7.3CVSS6.1AI score0.00136EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 3:24 a.m.9 views

EUVD-2026-38209

An insecure process execution vulnerability exists in the pc-printer-updater.exe component of the PaperCut Print Deploy Client for Windows. The application, which typically operates with high-level system privileges, attempts to perform an internal validation check by invoking a secondary system...

7.3CVSS6.1AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 3:24 a.m.29 views

CVE-2026-6645 Insecure Search Path Vulnerability in PaperCut Print Deploy Client for Windows

An insecure process execution vulnerability exists in the pc-printer-updater.exe component of the PaperCut Print Deploy Client for Windows. The application, which typically operates with high-level system privileges, attempts to perform an internal validation check by invoking a secondary system...

7.3CVSS0.00136EPSS
Exploits0References1
Rows per page
Query Builder