Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.9 views

EulerOS 2.0 SP11 : ncurses (EulerOS-SA-2026-2218)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyzestring in progs/infocmp.c.CVE-2025-69720...

9.8CVSS6AI score0.00414EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/11 2:52 p.m.3 views

CVE-2026-30903

External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access...

9.6CVSS5.8AI score0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/09 10:54 p.m.39 views

CVE-2026-30919 facileManager Affected by Stored Cross-Site Scripting (XSS)

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , stored XSS also known as persistent or second-order XSS occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. Thi...

7.6CVSS0.00187EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/01/02 12:0 a.m.4 views

listmonk 跨站脚本漏洞

listmonk is a high-performance, self-hosted, newsletter and mailing list manager with a modern dashboard by the individual developer Kailash Nadh. A cross-site scripting vulnerability exists in listmonk versions prior to 6.0.0, which originates from a low-privileged user who can inject malicious...

6.4CVSS6.1AI score0.00198EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 p.m.4 views

CVE-2025-67572 WordPress PenNews theme < 6.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...

5.3CVSS6.6AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 9:48 p.m.8 views

CVE-2025-58131 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

6.6CVSS0.00101EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-39427

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Easily...

8.8CVSS7.4AI score0.00349EPSS
Exploits0References2
OSV
OSV
added 2025/08/21 7:15 p.m.3 views

CVE-2025-38743

Dell iDRAC Service Module iSM, versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

7.8CVSS5.9AI score0.00135EPSS
Exploits0References1
OSV
OSV
added 2025/07/04 2:15 p.m.11 views

AZL-64779 CVE-2025-38227 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...

7.8CVSS6.3AI score0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/03/24 10:15 p.m.4 views

CVE-2025-26512

SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed...

9.9CVSS7.4AI score0.00645EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.12 views

PT-2024-32788

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description The issue is related to the firmware loader in the Linux kernel, where certain code paths construct firmware file names from string components passed through from devices or semi-privileged...

7.8CVSS7.1AI score0.00286EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.11 views

PT-2024-21502

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8 Description A race condition in the Linux kernel's swap cache can cause data corruption when two or more threads swap in the same entry at the same time. This can lead to a stalled page being installed into t...

5.5CVSS5.4AI score0.00252EPSS
Exploits0
CNVD
CNVD
added 2024/01/30 12:0 a.m.5 views

FFmpeg Command Execution Vulnerability (CNVD-2024-28709)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A command execution vulnerability exists in versions of Ffmpeg prior to n6.1, which can be exploited by an attacker to execute arbitrary commands on a system...

9.8CVSS7.7AI score0.01192EPSS
Exploits0References1
CNVD
CNVD
added 2024/01/29 12:0 a.m.13 views

Unspecified vulnerability in Linux kernel (CNVD-2024-06430)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel prior to version 6.5.9, which stems from a null pointer dereference in sendacknowledge in net/nfc/nci/spi.c. The vulnerability i...

5.5CVSS6.4AI score0.00237EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.4 views

Archer Platform Security Vulnerability

Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists in Archer Platform version 6.x prior to 6.13.0.2.2, which stems from the inclusion of a sensitive information disclosure vulnerability, where an authenticated attacker may be able to...

6.5CVSS6AI score0.00457EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/22 6:14 p.m.10 views

CVE-2023-25813 SQL Injection via replacements in sequelize

Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fix...

10CVSS10AI score0.01444EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.2 views

PT-2022-36023 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to a use-after-free in the snd soc exit function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-35954 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to kprobes and ftrace. It involves skipping the clearing of aggrprobe's post handler in the kprobe-on-ftrace case. The actual impact and attack plausibility have not yet...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.5 views

PT-2022-35074 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: A memory leak issue was discovered in the airspy probe. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.0.3, update ...

7.2AI score
Exploits0References1
CNNVD
CNNVD
added 2022/06/23 12:0 a.m.2 views

Pure Storage FlashBlade 和 FlashArray 安全漏洞

Pure Storage FlashArray and Pure Storage FlashBlade are both products of Pure Storage, Inc. the Pure Storage FlashArray is an all QLC flash storage array. the Pure Storage FlashBlade is a consolidated storage platform for file and object Pure Storage FlashBlade is a consolidated storage platform...

9CVSS7.9AI score0.01047EPSS
Exploits0References2
Rows per page
Query Builder