Lucene search
K

3650 matches found

NVD
NVD
added 2026/06/17 8:16 p.m.7 views

CVE-2026-11407

Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed and checkPropertyAllowed implementations in the custom Twig SecurityPolicy. Attackers can...

8.6CVSS0.00623EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 8:7 p.m.9 views

EUVD-2026-37795

Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed and checkPropertyAllowed implementations in the custom Twig SecurityPolicy. Attackers can...

8.6CVSS6.7AI score0.00623EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/17 8:7 p.m.18 views

CVE-2026-11407 Pimcore CMS 12.3.8 Twig Sandbox Bypass via SecurityPolicy checkMethodAllowed

Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed and checkPropertyAllowed implementations in the custom Twig SecurityPolicy. Attackers can...

8.6CVSS0.00623EPSS
Exploits0References3
CVE
CVE
added 2026/06/17 8:7 p.m.23 views

CVE-2026-11407

PIMCORE CMS/DXP 12.3.8 contains a sandbox bypass in the Twig SecurityPolicy (checkMethodAllowed and checkPropertyAllowed). Authenticated administrative attackers can craft malicious Twig templates via DataObject ClassDefinition Layout\Text to execute arbitrary PHP object methods, perform file rea...

8.6CVSS6.8AI score0.00623EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46872

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Install. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise Oracle...

9CVSS0.00277EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:53 a.m.8 views

CVE-2026-46770

Vulnerability in the Oracle Application Development Framework ADF product of Oracle Fusion Middleware component: Security Framework. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS0.00245EPSS
Exploits0References1
NCSC
NCSC
added 2026/06/17 9:5 a.m.8 views

Vulnerabilities in Oracle VM VirtualBox

Oracle has identified several vulnerabilities in Oracle VM VirtualBox version 7.2.8. These vulnerabilities are located in various components of Oracle VM VirtualBox 7.2.8, including the Shared Folders and the VMSVGA device. An attacker with low to high privileges and access to the underlying...

7.5CVSS5.5AI score0.00167EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.6 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.5AI score0.00463EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-50158

Name of the Vulnerable Software and Affected Versions Hugo versions 0.123.0 through 0.161.1 Description A regression in the virtual filesystem allows a symlink confinement bypass. The RootMappingFs.statRoot function calls Stat, which follows symlinks, instead of Lstat. This allows a direct lookup...

6.9CVSS6AI score0.00024EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/15 7:15 p.m.30 views

CVE-2026-52722 Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS0.00288EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/15 7:15 p.m.7 views

CVE-2026-52722

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS5.4AI score0.00288EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/15 7:15 p.m.7 views

CVE-2026-53435

A flaw was found in Jenkins. Attackers can exploit a deserialization vulnerability by submitting a specially crafted config.xml file. This allows them to deserialize arbitrary types, leading to the ability to impersonate users and send HTTP requests on their behalf. The most critical impact is th...

8.8CVSS6.2AI score0.14907EPSS
Exploits2References4
OSV
OSV
added 2026/06/15 5:35 p.m.11 views

GHSA-WQVQ-JVPQ-H66F Nodemailer jsonTransport bypasses disableFileAccess and disableUrlAccess during message normalization

Summary Nodemailer's disableFileAccess and disableUrlAccess options are intended to prevent message content and attachments from reading local files or fetching URLs. The normal MIME streaming path enforces those options in MimeNode.getStream. However, jsonTransport serializes messages by calling...

5.4CVSS5.5AI score
Exploits0References2
EUVD
EUVD
added 2026/06/15 8:36 a.m.11 views

EUVD-2026-36702

A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth Open Authorization access token before a user logs out, they...

5.3CVSS5.3AI score0.00284EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49338

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS5.4AI score0.00288EPSS
Exploits0References4
OSV
OSV
added 2026/06/13 3:8 a.m.16 views

MAL-2026-5726 Malicious code in ecto_module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e66c690abd94ee498cd359eb076451c0f6ea3956d8221616bbf8990d35a38c5 On npm install, the package's preinstall hook node index.js reads /flag.txt falling back to execSync'cat /flag' and transmits the captured contents i...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/12 11:28 p.m.10 views

MGASA-2026-0202 Updated libssh packages fix security vulnerabilities

CVE-2026-0964 Improper sanitation of paths received from SCP servers CVE-2026-0965 The libssh can attempt to read non-regular files when misconfigured, which could cause resource exhaustion or blocking. CVE-2026-0966 Providing 0-length input for the sshgethexa causes 1-byte buffer underflow on...

8.2CVSS5.6AI score0.00582EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 8:57 p.m.10 views

Malicious code in claudechor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a9cbb36cf7ed82685830b5d3a2b341bff9ef86e2688842d1f54259b2b6fb533 The package's bin entry reads installer-owned Claude credential files /.claude/.credentials.json and /.claude.json — written by Anthropic's official...

5.3AI score
Exploits0References5
OSV
OSV
added 2026/06/12 8:57 p.m.10 views

MAL-2026-5717 Malicious code in claudechor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a9cbb36cf7ed82685830b5d3a2b341bff9ef86e2688842d1f54259b2b6fb533 The package's bin entry reads installer-owned Claude credential files /.claude/.credentials.json and /.claude.json — written by Anthropic's official...

5.4AI score
Exploits0References5
NVD
NVD
added 2026/06/12 7:16 p.m.14 views

CVE-2026-50099

During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits...

5.1CVSS0.00171EPSS
Exploits0References2
Rows per page
Query Builder