Lucene search
K

186 matches found

EUVD
EUVD
added 2026/01/22 4:51 p.m.3 views

EUVD-2026-4045

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TangibleWP MyHome Core myhome-core allows PHP Local File Inclusion.This issue affects MyHome Core: from n/a through = 4.1.0...

5.5AI score0.00463EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:51 p.m.7 views

EUVD-2026-4111

Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through = 1.8.2...

5.4AI score0.00311EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 1:56 p.m.4 views

EUVD-2026-3429

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds...

8.7CVSS5.5AI score0.00525EPSS
Exploits0References2
Circl
Circl
added 2026/01/20 1:57 a.m.6 views

CVE-2026-1195

creationtimestamp| type| source ---|---|--- 2026-01-20 01:57:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mct2lbe6d52i...

7.5CVSS5AI score0.00216EPSS
Exploits1References1
EUVD
EUVD
added 2026/01/16 7:9 p.m.7 views

EUVD-2026-2907

Ubee EVW327 contains a cross-site request forgery vulnerability that allows attackers to enable remote access without user interaction. Attackers can craft a malicious webpage that automatically submits a form to change router remote access settings to port 8080 without the user's consent...

5.3CVSS6.4AI score0.00186EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/15 1:10 p.m.6 views

EUVD-2026-2826

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01,...

7.6CVSS5.9AI score0.00046EPSS
Exploits0References7
EUVD
EUVD
added 2026/01/13 5:56 p.m.5 views

EUVD-2026-2157

Out-of-bounds read in Capability Access Management Service camsvc allows an authorized attacker to disclose information locally...

5.5CVSS6AI score0.00535EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 5:56 p.m.6 views

EUVD-2026-2153

Use of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally...

5.5CVSS6AI score0.00363EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 3:31 p.m.1 views

EUVD-2026-2267

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use-after-free in case...

6AI score0.00125EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/13 3:29 p.m.2 views

EUVD-2026-2296

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

6.1AI score0.00173EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/13 3:29 p.m.1 views

EUVD-2026-2320

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...

5.8AI score0.00173EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/09 7:53 a.m.4 views

EUVD-2026-1781

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

8.8CVSS6.3AI score0.00707EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/07 5:46 p.m.4 views

EUVD-2026-1175

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39...

7.5CVSS6.4AI score0.00379EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/07 4:47 p.m.11 views

EUVD-2026-1203

The absence of permissions control for the user XXX allows the current configuration in the sudoers file to escalate privileges without any restrictions...

8.6CVSS6.5AI score0.00121EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 1:0 p.m.4 views

EUVD-2026-1225

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...

6.9CVSS7.4AI score0.00946EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/07 12:35 p.m.3 views

EUVD-2026-1223

Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a before 6.3.7...

6.5CVSS6.4AI score0.00174EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 11:51 a.m.5 views

EUVD-2026-1261

Missing Authorization vulnerability in ThemeHunk Oneline Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Oneline Lite: from n/a through 6.6...

4.3CVSS6.5AI score0.00152EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 7:17 a.m.4 views

EUVD-2026-1336

The Premmerce WooCommerce Customers Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'moneyspentfrom', 'moneyspentto', 'registeredfrom', and 'registeredto' parameters in all versions up to, and including, 1.1.14 due to insufficient input sanitization and output...

6.1CVSS5.2AI score0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/06 4:36 p.m.3 views

EUVD-2026-0992

Missing Authorization vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Store Kit Elementor Addons: from n/a through = 2.9.4...

4.3CVSS6.5AI score0.00162EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/06 7:22 a.m.3 views

EUVD-2026-1069

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the taxopressaiaddpostterm function in all versions up to, and including, 3.41.0. This makes it possible for authenticat...

4.3CVSS4.6AI score0.00193EPSS
Exploits0References3
Rows per page
Query Builder