Lucene search
K

11092 matches found

CNNVD
CNNVD
added 2026/05/22 12:0 a.m.7 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in versions of Mattermost 11.6.0 and earlier 11.6.x series, as well as versions prior to 11.5.3 11.5.x series, 11.4.4 and earlier 11.4.x series, and 10.11.14 and earlier 10.11.x...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.6 views

Vifm 安全漏洞

Vifm is a Vim-style file manager developed by Vifm. Versions 0.12.1 to 0.14.3 of Vifm contain security vulnerabilities. These vulnerabilities stem from heap buffer overflows during historical merges, which could lead to memory corruption or application crashes...

4.8CVSS5.9AI score0.0014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: qt5-qtsvg (UTSA-2026-016645)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016645 advisory. Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend called from QPainterPath::addPath and...

5.5CVSS6.2AI score0.01343EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.16 views

PT-2026-42792

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...

5.8AI score0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.10 views

PT-2026-42788

Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a user's password to bypass the user's multi-factor authentication after the user reconfigures their factors. This issue affects : Devolutions...

5.8AI score0.00215EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.24 views

RockyLinux 10 : java-25-openjdk (RLSA-2026:9693)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:9693 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013...

8.2CVSS7.2AI score0.01052EPSS
Exploits2References25
Vulnrichment
Vulnrichment
added 2026/05/21 9:48 p.m.6 views

CVE-2026-4929 Simple Hierarchical Select (Drupal 7) XSS in term-derived output

Simple Hierarchical Select SHS for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output shsfieldformatterview and term-tree child-term data generation shstermgetchildren. Malicious taxonomy term...

5.1CVSS5.6AI score0.00205EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/05/21 9:35 p.m.7 views

antgent (>=0.3.0 <=0.3.2), ara-cli (>=0.1.14.13 <=0.1.14.14) +44 more potentially affected by CVE-2026-46678 via pydantic-ai-slim (>=1.56.0 <=1.98.0)

pydantic-ai-slim PYPI version =1.56.0, =0.3.0, =0.1.14.13, =1.5.0, =0.1.0a1, =0.0.400, =0.0.1, =1.0.0, =1.0.3, =0.0.498, =0.1.1, =0.7.0rc1, =0.1.1, =0.1.0, =0.3.1 and more Source cves: CVE-2026-46678 Source advisory: OSV:GHSA-CQP8-FCVH-X7R3...

5.5AI score0.00039EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:35 p.m.12 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables (CVE-2026-6053)

Summary is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables. Vulnerability Details CVEID:CVE-2026-6053 DESCRIPTION: IBM Db2 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables. CWE:CWE-770:...

5.5CVSS5.8AI score0.00098EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/05/21 11:49 a.m.24 views

CVE-2026-6841

The CVE-2026-6841 entry describes a reflected cross-site scripting (XSS) vulnerability in Request Tracker (RT) that is triggered via the Page parameter in GET requests, allowing arbitrary JavaScript execution in the victim’s browser. Affected RT versions are 5.0.4–5.0.9 and 6.0.0–6.0.2. The vulne...

6.1CVSS5.9AI score0.00235EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/21 8:16 a.m.20 views

CVE-2026-7835

A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers incorrect format string processing...

3.1CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 2026/05/21 8:16 a.m.11 views

CVE-2026-44070

An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted character conversion requests...

3.1CVSS0.00318EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 8:14 a.m.8 views

CVE-2026-44074

Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...

3.7CVSS5.8AI score0.00329EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/21 8:14 a.m.8 views

EUVD-2026-31243

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...

3.1CVSS5.9AI score0.00186EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/21 7:35 a.m.5 views

databricks-agents (>=0.1.0 <=1.0.0rc1), datamint (>=2.5.0 <=2.5.2) +3 more potentially affected by CVE-2026-2734 via mlflow (>=3.0.0rc2 <=3.0.1)

mlflow PYPI version =3.0.0rc2, =0.1.0, =2.5.0, =0.2.0.dev0, =0.6.7, =0.8.1 Source cves: CVE-2026-2734 Source advisory: SNYK:PYTHON-MLFLOW-16787326...

6.5CVSS6.5AI score0.00441EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/21 7:35 a.m.47 views

CVE-2026-7836 hextoint macro uppercase bug

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...

3.1CVSS0.00257EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/21 7:34 a.m.8 views

EUVD-2026-31215

Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names...

7.6CVSS5.8AI score0.00322EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.15 views

CVE-2026-44068

Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names...

7.6CVSS5.8AI score0.00322EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/21 7:34 a.m.7 views

CVE-2026-44066

Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated attacker to obtain sensitive information or cause a minor service disruption...

7.1CVSS5.9AI score0.0029EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/21 7:34 a.m.9 views

EUVD-2026-31238

An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and obtain limited information or modify LDAP entries via crafted filter input...

4.2CVSS5.8AI score0.00213EPSS
Exploits0References1
Rows per page
Query Builder