Lucene search
+L

16916 matches found

CNNVD
CNNVD
added 2026/02/18 12:0 a.m.9 views

QEMU 安全漏洞

QEMU Quick Emulator is a simulation software for processors developed by Fabrice Bellard from France. This software features high speed and cross-platform capabilities. QEMU has a security vulnerability, which stems from the lack of length restrictions on the virtio-crypto device. This...

5.5CVSS6.7AI score0.00137EPSS
Exploits0References3
OSV
OSV
added 2026/02/17 6:9 p.m.9 views

GO-2026-4487 Mattermost Server allows an attacker to specify a full pathname of a log file in github.com/mattermost/mattermost-server

Mattermost Server allows an attacker to specify a full pathname of a log file in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...

9.8CVSS5.6AI score0.01387EPSS
Exploits0References4
OSV
OSV
added 2026/02/17 12:45 p.m.4 views

USN-8046-1 frr vulnerabilities

It was discovered that FRR incorrectly handled certain malformed OSPF and update packets. A remote attacker could possibly use these issues to cause FRR to crash, resulting in a denial of service...

7.5CVSS5.8AI score0.00582EPSS
Exploits9References10
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.11 views

PT-2026-20301

Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions prior to 10.5.6.12 Description Dell SmartFabric OS10 Software is affected by an issue related to improper neutralization of special elements used in a command, potentially leading to command execution. A...

6.6CVSS5.6AI score0.00944EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/14 7:22 p.m.11 views

CVE-2026-1619

Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36...

8.3CVSS5.4AI score0.00297EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 9:16 p.m.8 views

CVE-2020-37193

ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared text file with specific characters to trigger an application crash when selecting a ZIP file...

7.5CVSS0.00383EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:49 p.m.2 views

CVE-2020-37104

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

8.7CVSS5.5AI score0.00565EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.5 views

CVE-2026-21330

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

7.8CVSS6.3AI score0.00211EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

Nsasoft Dnss Domain Name Search Software 安全漏洞

Nsasoft Dnss Domain Name Search Software is a domain name search and analysis tool developed by the American companyNsasoft. The software has a security vulnerability, which stems from a buffer overflow in the registration key field, potentially causing the application to crash...

7.5CVSS6AI score0.00441EPSS
Exploits1References3
NVD
NVD
added 2026/02/10 6:16 p.m.10 views

CVE-2026-21358

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue...

5.5CVSS0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 6:16 p.m.2 views

CVE-2026-20841

Improper neutralization of special elements used in a command 'command injection' in Windows Notepad App allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.1165EPSS
Exploits9References2
Cvelist
Cvelist
added 2026/02/10 5:51 p.m.22 views

CVE-2026-21261 Microsoft Excel Information Disclosure Vulnerability

...

5.5CVSS0.00596EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/08 4:32 a.m.8 views

CVE-2026-2135

A vulnerability was detected in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub43F020 of the file /goform/formPdbUpConfig. Performing a manipulation of the argument policyNames results in command injection. It is possible to initiate the attack remotely. The exploit is now...

6.5CVSS6.5AI score0.04232EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/08 12:2 a.m.5 views

CVE-2026-2118

A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub4407D4 of the file /goform/formReleaseConnect of the component rehttpd. Executing a manipulation of the argument IspName can lead to command injection. The attack can be launched remotely. The...

8.6CVSS6.8AI score0.04239EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/06 7:18 p.m.4 views

CVE-2025-15320 Tanium addressed a denial of service vulnerability in Tanium Client.

Tanium addressed a denial of service vulnerability in Tanium Client...

3.3CVSS5.3AI score0.00096EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/06 1:26 a.m.9 views

CVE-2025-70073

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function...

7.2CVSS6AI score0.00657EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/05 6:24 p.m.2 views

CVE-2025-15330

Tanium addressed an improper input validation vulnerability in Deploy...

8.8CVSS5.3AI score0.00339EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.41 views

CVE-2025-61649

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from 7cedd58781d261f110651b6af4f41d2d11ae7309...

4.8CVSS5.3AI score0.00313EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 7:19 a.m.34 views

CVE-2025-8590 Information Disclosure in AKCE Software's SKSPro

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing. This issue affects SKSPro: through 07012026...

7.5CVSS0.00335EPSS
Exploits0References2
OSV
OSV
added 2026/02/02 11:16 p.m.1 views

DEBIAN-CVE-2025-6590

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php. This issue affects MediaWiki: from through 1.39.12, 1.42.76 1.43.1, 1.44.0...

4.6CVSS5.2AI score0.00325EPSS
Exploits0References1
Rows per page
Query Builder