CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

276107 matches found

Vulnrichment•added 2026/05/10 12:30 a.m.•6 views

CVE-2026-8215 Industrial Application Software IAS Canias ERP RMI iasRequestFileEvent path traversal

A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of the argument mstrSourceFileName causes path traversal. The attack can be initiated remotely. The...

6.9CVSS5.8AI score0.0055EPSS

Exploits0References5

Vulnrichment•added 2026/05/10 12:15 a.m.•7 views

CVE-2026-8214 Industrial Application Software IAS Canias ERP RMI doAction improper authentication

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9CVSS5.7AI score0.00403EPSS

Exploits0References5

CVE•added 2026/05/10 12:15 a.m.•17 views

CVE-2026-8214

The CVE-2026-8214 entry concerns Industrial Application Software IAS Canias ERP 8.03. The vulnerability lies in the RMI Interface’s doAction function, where manipulating the sessionId argument leads to improper authentication. This can be exploited remotely, and public proof-of-concept exploit in...

6.9CVSS5.7AI score0.00403EPSS

Exploits0References5

Cvelist•added 2026/05/10 12:15 a.m.•40 views

CVE-2026-8214 Industrial Application Software IAS Canias ERP RMI doAction improper authentication

6.9CVSS0.00403EPSS

Exploits0References5

Positive Technologies•added 2026/05/10 12:0 a.m.•8 views

PT-2026-39460

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlib worker loop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure...

5.1CVSS5.6AI score0.0019EPSS

Exploits0References4

Positive Technologies•added 2026/05/10 12:0 a.m.•6 views

PT-2026-39466

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS5.2AI score0.00289EPSS

Exploits0References5

Positive Technologies•added 2026/05/10 12:0 a.m.•6 views

PT-2026-39470

Name of the Vulnerable Software and Affected Versions Industrial Application Software IAS Canias ERP version 8.03 Description An issue exists in the Login RMI Interface component where manipulation of the clientVersion argument leads to improper authentication. This allows a remote attacker to...

6.9CVSS6AI score0.00403EPSS

Exploits0References10

Positive Technologies•added 2026/05/10 12:0 a.m.•9 views

PT-2026-39427

Name of the Vulnerable Software and Affected Versions Industrial Application Software IAS Canias ERP version 8.03 Description Improper authentication exists in the RMI Interface component. A remote attacker can manipulate the sessionId argument within the doAction function to bypass authenticatio...

6.9CVSS5.7AI score0.00403EPSS

Exploits0References9

Tenable Nessus•added 2026/05/10 12:0 a.m.•4 views

Fedora 44 : dotnet10.0 (2026-32952baba5)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-32952baba5 advisory. Update to .NET SDK 10.0.107 and Runtime 10.0.7 Fixes: CVE-2026-40372 Release Notes: - SDK:...

9.1CVSS6AI score0.1035EPSS

Exploits0References2

Packet Storm News•added 2026/05/10 12:0 a.m.•4 views

Trust Me, Import This: Dependency Steering Attacks Via Malicious Agent Skills

LLM-powered coding agents increasingly make software supply chain decisions. They generate imports, recommend packages, and write installation commands. Prior work showed that these systems can hallucinate non-existent package names, which attackers may register as malicious packages. In this...

5.8AI score

Exploits0

OSV•added 2026/05/09 11:16 p.m.•3 views

DEBIAN-CVE-2026-8212

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be...

5.5CVSS5.8AI score0.00205EPSS

Exploits1References1

NVD•added 2026/05/09 8:16 p.m.•21 views

CVE-2026-42571

Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 to before 7.23.3, and 7.24.0 to before 7.24.2, there is a a privilege escalation vulnerability affecting Pelican's Web User Interface WebUI. This attack allows any user...

9CVSS0.0032EPSS

Exploits0References2

OSV•added 2026/05/09 12:33 p.m.•4 views

OESA-2026-2261 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

7.8CVSS5.5AI score0.00364EPSS

Exploits1References2

OSV•added 2026/05/09 6:10 a.m.•13 views

BELL-CVE-2026-43282 CVE-2026-43282 does not affect BellSoft software

Bulletin has no description...

5.5CVSS5.7AI score0.00112EPSS

Exploits0References1

OSV•added 2026/05/09 6:10 a.m.•13 views

BELL-CVE-2026-43247 CVE-2026-43247 does not affect BellSoft software

Bulletin has no description...

5.5CVSS5.7AI score0.00121EPSS

Exploits0References1