
67 matches found

RedHat Linux
•added 2026/06/24 6:54 p.m.•4 views

perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob

A flaw was found in perl-IO-Compress, a component used for data compression and decompression. A remote attacker could exploit this vulnerability by crafting a malicious input, specifically an output glob, that bypasses the intended security measures. This could lead to the execution of...

CVSS 7.3 | AI score 6.1 | EPSS 0.00292
Exploits: 2 | References: 6
Cvelist
•added 2026/06/24 6:43 p.m.•31 views

CVE-2026-13032

Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

EPSS 0.00217
Exploits: 0 | References: 2
CVE
•added 2026/06/02 7:8 p.m.•26 views

CVE-2026-10584

Graph Explorer before 3.0.1 uses an HTTP fallback when certificate files are missing, exposing potential interception of HTTPS requests. The vulnerability affects the proxy component of Graph Explorer and can lead to disclosure of sensitive information. The recommended remediations are to upgrade...

CVSS 8.2 | AI score 5.8 | EPSS 0.00101
Exploits: 0 | References: 2
CNNVD
•added 2026/05/27 12:0 a.m.•10 views

Google Chrome Buffer Error Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bounds read operations in Headless mode, which could allow remote attackers with compromised rendering...

CVSS 8.3 | AI score 6.1 | EPSS 0.00185
Exploits: 0 | References: 3
EUVD
•added 2026/05/25 9:0 a.m.•12 views

EUVD-2026-31657

A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be launched remotely...

CVSS 5.8 | AI score 5.7 | EPSS 0.00258
Exploits: 0 | References: 5
RedhatCVE
•added 2026/05/19 1:58 a.m.•12 views

CVE-2026-8745

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available an...

CVSS 6.5 | AI score 5.5 | EPSS 0.00372
Exploits: 1 | References: 1
Cvelist
•added 2026/05/03 10:15 p.m.•39 views

CVE-2026-7706 Open5GS AMF gmm-handler.c gmm_handle_service_request denial of service

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmm_handle_service_request of the file /src/amf/gmm-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public a...

CVSS 5.3 | EPSS 0.00276
Exploits: 0 | References: 5
Vulnrichment
•added 2026/04/30 6:35 p.m.•6 views

CVE-2026-7461 OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...

CVSS 7.5 | AI score 5.7 | EPSS 0.00547
Exploits: 0 | References: 3
RedhatCVE
•added 2026/04/29 2:48 p.m.•6 views

CVE-2026-7219

A flaw has been found in Totolink N300RT 3.4.0-B20250430. This affects an unknown function of the file /boafrm/formIpQoS. Executing a manipulation of the argument entryname can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

CVSS 8.6 | AI score 7.5 | EPSS 0.00589
Exploits: 0 | References: 1
Positive Technologies
•added 2026/04/08 12:0 a.m.•6 views

PT-2026-31471

Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parse_compressed.py that allows remote attackers to cause denial of service. Attackers can submit highly compressed payloads via URL parameters to the /json/visjs endpoint that expand to gigabytes, exhausting server...

CVSS 8.7 | AI score 6 | EPSS 0.00508
Exploits: 1 | References: 5
RedhatCVE
•added 2026/04/02 4:56 p.m.•2 views

CVE-2026-20093

A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

CVSS 9.8 | AI score 6.2 | EPSS 0.00991
Exploits: 0 | References: 1
RedhatCVE
•added 2026/01/30 9:23 p.m.•5 views

CVE-2026-1597

A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument cisession leads to improper authorization. The attack may be performed from remote. The exploit has been disclos...

CVSS 8.8 | AI score 5.4 | EPSS 0.00272
Exploits: 1 | References: 1
OpenVAS
•added 2025/12/31 12:0 a.m.•1 views

Huawei EulerOS: Security Advisory for avahi (EulerOS-SA-2025-2605)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.3 | AI score 6.7 | EPSS 0.00681
Exploits: 0 | References: 2
RedhatCVE
•added 2025/12/08 12:15 p.m.•5 views

CVE-2025-14117

A vulnerability has been found in fit2cloud Halo 2.21.10. Impacted is an unknown function. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure...

CVSS 6.5 | AI score 6.3 | EPSS 0.00199
Exploits: 1 | References: 1
OpenVAS
•added 2025/10/24 12:0 a.m.•3 views

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2025-2274)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.7 | AI score 6.7 | EPSS 0.00184
Exploits: 0 | References: 2
EUVD
•added 2025/10/07 12:30 a.m.•5 views

EUVD-2018-9665

Malware in sbrugna...

CVSS 8.6 | AI score 8.5 | EPSS 0.043
Exploits: 0 | References: 3
EUVD
•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-17581

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.3 | EPSS 0.01129
Exploits: 0 | References: 2
EUVD
•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-50366

Malicious code in bioql PyPI...

CVSS 8.7 | AI score 9.3 | EPSS 0.00757
Exploits: 0 | References: 4
NVD
•added 2025/09/26 6:15 p.m.•3 views

CVE-2025-11032

A flaw has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This issue affects some unknown processing of the file /Profilers/PriProfile/COUNT3s6.php. Executing manipulation of the argument CPU can lead to sql injection. The attack may be performed from...

CVSS 9.8 | EPSS 0.00412
Exploits: 1 | References: 4
Positive Technologies
•added 2025/09/08 12:0 a.m.•4 views

PT-2025-36499

Name of the Vulnerable Software and Affected Versions: code-projects Online Event Judging System version 1.0 Description: A weakness exists in code-projects Online Event Judging System 1.0. The issue impacts an unknown function of the file /home.php. Manipulation of the main event argument can le...

CVSS 9.8 | AI score 7.4 | EPSS 0.00441
Exploits: 1 | References: 12