Lucene search
K

30470 matches found

EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-42165

Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...

8.4CVSS6.1AI score
Exploits0References2
Nuclei
Nuclei
added yesterday83 views

XWiki < 4.10.15 - Information Disclosure

The Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki but not some protected...

7.5CVSS7.1AI score0.7282EPSS
Exploits0
OSV
OSV
added yesterday2 views

PYSEC-2026-1477 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...

7.3CVSS7.1AI score0.00154EPSS
Exploits0References6
NVD
NVD
added yesterday5 views

CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS0.00508EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS5.9AI score0.00508EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2 days ago7 views

How to tell if an image is AI-generated

A photo of an injured dog by the roadside. A dating profile with pictures that look almost too perfect. A donation appeal showing a family stranded on a rooftop after a flood. Scammers are already using AI-generated images to support fake stories, build trust, and persuade people to send money or...

5.8AI score
Exploits0
NVD
NVD
added 2 days ago7 views

CVE-2026-6901

Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...

8.4CVSS0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-6901 Untrusted Search Path

Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...

8.4CVSS0.0012EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-41870

Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-6901

Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References2
CVE
CVE
added 2 days ago12 views

CVE-2026-6901

CVE-2026-6901 affects B&R Industrial Automation GmbH APROL (pre-R 4.4-01P5). The vulnerability is described as an Untrusted Search Path issue. According to the provided metrics, the impact is high for confidentiality and integrity (CVSS v3.1: HIGH/C:H/I:H; LOCAL access, no user interaction) with ...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References1
CVE
CVE
added 2 days ago11 views

CVE-2026-46453

Technical details for CVE-2026-46453 are not publicly available in the provided documents. No affected products, versions, impact, or fixes are enumerated here. Monitor official advisories for updates.

5.3CVSS6AI score0.00288EPSS
Exploits0References2Affected Software1
NVD
NVD
added 3 days ago6 views

CVE-2026-14766

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection...

6.5CVSS0.00204EPSS
Exploits0References6
CVE
CVE
added 3 days ago11 views

CVE-2026-14766

CVE-2026-14766 affects CodeAstro Apartment Visitor Management System 1.0. The vulnerability targets the POST Parameter Handler, specifically the /apartment-visitor/search-result.php endpoint, where manipulation of the searchdata parameter leads to SQL injection. According to the sources, exploita...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-14766 CodeAstro Apartment Visitor Management System POST Parameter search-result.php sql injection

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection...

6.5CVSS0.00204EPSS
Exploits0References6
NVD
NVD
added 3 days ago5 views

CVE-2026-14751

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...

6.5CVSS0.00204EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41757

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...

6.5CVSS6.4AI score0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-14751

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...

6.5CVSS6.4AI score0.00204EPSS
Exploits0References6
Cvelist
Cvelist
added 3 days ago24 views

CVE-2026-14751 mjperpinosa stumasy search_scratch_data.php search_scratch_data sql injection

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...

6.5CVSS0.00204EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago9 views

EUVD-2026-41721

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS5.2AI score0.00108EPSS
Exploits0References7
Rows per page
Query Builder