6408 matches found

RedhatCVE
added 2026/04/14 7:22 p.m. | 6 views

CVE-2026-6198

A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclos...

CVSS 9 | AI score 7.9 | EPSS 0.00447
Exploits: 0 | References: 1

RedHat Linux
added 2026/04/14 5:20 p.m. | 1 view

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

CVSS 6.9 | AI score 5.7 | EPSS 0.00343
Exploits: 1 | References: 5

RedHat Linux
added 2026/04/14 5:18 p.m. | 3 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

CVSS 6.9 | AI score 5.7 | EPSS 0.00343
Exploits: 1 | References: 5

RedHat Linux
added 2026/04/14 2:45 p.m. | 4 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

CVSS 6.9 | AI score 5.7 | EPSS 0.00343
Exploits: 1 | References: 5

RedHat Linux
added 2026/04/14 2:45 p.m. | 10 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.3 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

CVSS 8.8 | AI score 5.9 | EPSS 0.01125
Exploits: 2 | References: 49

OSV
added 2026/04/14 1:10 p.m. | 4 views

JLSEC-2026-98 Deno's static imports inside dynamically imported modules do not adhere to permission checks

Impact Modules that are dynamically imported through import or new Worker might have been able to bypass network and file system permission checks when statically importing other modules. In Deno 1.5.x and 1.6.x only programs dynamically importing especially transitively untrusted code are...

CVSS 9.8 | AI score 7.3 | EPSS 0.01113
Exploits: 0 | References: 3

EUVD
added 2026/04/14 12:31 p.m. | 6 views

EUVD-2026-22245

Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application. Kiuwan Cloud was affected, and Kiuwan SAST on-premise KOP was affected before 2.8.2509.4...

CVSS 5.4 | AI score 5.8 | EPSS 0.00189
Exploits: 1 | References: 2

EUVD
added 2026/04/13 9:30 p.m. | 7 views

EUVD-2026-22058

A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclos...

CVSS 9 | AI score 6.2 | EPSS 0.00447
Exploits: 0 | References: 6

EUVD
added 2026/04/13 6:30 p.m. | 7 views

EUVD-2026-21984

A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit...

CVSS 9 | AI score 7.6 | EPSS 0.00612
Exploits: 0 | References: 5

Cvelist
added 2026/04/13 6:15 p.m. | 19 views

CVE-2026-6198 Tenda F456 NatStaticSetting fromNatStaticSetting stack-based overflow

A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclos...

CVSS 9 | EPSS 0.00447
Exploits: 0 | References: 5

NVD
added 2026/04/13 4:16 p.m. | 7 views

CVE-2026-6186

A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit...

CVSS 9 | EPSS 0.00612
Exploits: 0 | References: 4

RedhatCVE
added 2026/04/13 1:22 p.m. | 4 views

CVE-2026-6106

A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/staticheadersmiddleware.py of the component Public Chat Interface. The manipulation of the argument Name results in cross site scripting...

CVSS 5.1 | AI score 4.3 | EPSS 0.00266
Exploits: 0 | References: 1

GithubExploit
added 2026/04/12 2:23 p.m. | 164 views

BayreuthWing

A transformer-based deep learning system for detecting securit...

CVSS 10 | AI score 7.2 | EPSS 0.99999
Exploits: 349

NVD
added 2026/04/11 11:16 p.m. | 3 views

CVE-2026-6106

A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/staticheadersmiddleware.py of the component Public Chat Interface. The manipulation of the argument Name results in cross site scripting...

CVSS 5.1 | EPSS 0.00266
Exploits: 0 | References: 8

ATTACKERKB
added 2026/04/11 10:15 p.m. | 2 views

CVE-2026-6106

A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/staticheadersmiddleware.py of the component Public Chat Interface. The manipulation of the argument Name results in cross site scripting...

CVSS 5.1 | AI score 4.3 | EPSS 0.00266
Exploits: 0 | References: 8 | Affected Software: 1

Cvelist
added 2026/04/11 10:15 p.m. | 28 views

CVE-2026-6106 1Panel-dev MaxKB Public Chat static_headers_middleware.py StaticHeadersMiddleware cross site scripting

A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/staticheadersmiddleware.py of the component Public Chat Interface. The manipulation of the argument Name results in cross site scripting...

CVSS 5.1 | EPSS 0.00266
Exploits: 0 | References: 8

Vulnrichment
added 2026/04/11 10:15 p.m. | 4 views

CVE-2026-6106 1Panel-dev MaxKB Public Chat static_headers_middleware.py StaticHeadersMiddleware cross site scripting

A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/staticheadersmiddleware.py of the component Public Chat Interface. The manipulation of the argument Name results in cross site scripting...

CVSS 5.1 | AI score 4.3 | EPSS 0.00266
Exploits: 0 | References: 8

CVE
added 2026/04/11 10:15 p.m. | 15 views

CVE-2026-6106

CVE-2026-6106 affects 1Panel-dev MaxKB

CVSS 5.1 | AI score 4.3 | EPSS 0.00266
Exploits: 0 | References: 8

Wolfi
added 2026/04/11 2:51 a.m. | 11 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: nri-consul, task, aactl, flannel, frp, oras, pulumi, http-echo, local-path-provisioner, kubernetes-csi-node-driver-registrar, dive, terraform-docs, hugo, infinispan-operator, istio, polaris, dynamic-localpv-provisioner, terraform-provider-tls, atlantis, bento,...

CVSS 7.5 | AI score 7.1 | EPSS 0.00349
Exploits: 0

RedhatCVE
added 2026/04/11 1:21 a.m. | 3 views

CVE-2026-39408

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a path traversal issue in toSSG allows files to be written outside the configured output directory during static site generation. When using dynamic route parameters via ssgParams, specially...

CVSS 7.5 | AI score 5.6 | EPSS 0.00532
Exploits: 1 | References: 1