Lucene search
K

1894 matches found

Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-58208

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when MQTT was not configured, allowing an unauthenticated client with...

7.5CVSS6AI score0.00593EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/07 7:8 a.m.35 views

CVE-2026-8309 Reflected XSS in Armiya Technologies' Access Control System

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Reflected XSS. This issue affects Access Control System GKS: before Version 2...

5.4CVSS0.00133EPSS
Exploits0References1
CVE
CVE
added 2026/07/05 1:0 a.m.17 views

CVE-2026-14688

CVE-2026-14688 affects itsourcecode Online Hotel Management System 1.0. The vulnerability is SQL injection in an unknown function of /admin/login.php triggered by manipulating the email parameter. Exploitation can be remote and publicly available proofs-of-concept exist. Impact metrics indicate l...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.9 views

EulerOS 2.0 SP15 : cups (EulerOS-SA-2026-2437)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local...

7.8CVSS6.7AI score0.00502EPSS
Exploits7References8
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52956

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field of this struct is accessed. This happens without any guarantee that t...

7.5CVSS5.8AI score0.00359EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and earlier, there was a heap-based buffer overflow in the CUPS scheduler when constructing filter option strings from job attributes. As of publication, there are no publicly...

5.3CVSS6AI score0.00379EPSS
Exploits1References3
NVD
NVD
added 2026/06/16 8:16 p.m.13 views

CVE-2026-0152

In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS0.00071EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 7:27 p.m.18 views

CVE-2026-46816

...

3.2CVSS0.00162EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.18 views

CVE-2026-50874

Summary: CVE-2026-50874 describes an OS command injection in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0. The vulnerability allows an attacker to execute arbitrary commands by supplying crafted input. This flaw is documented across multiple feeds (NVD/NVD-derived en...

8.1CVSS5.9AI score0.01119EPSS
Exploits0References1
Chainguard
Chainguard
added 2026/06/13 7:18 p.m.14 views

CVE-2026-49854 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, litellm, mitmproxy, airflow, tensorflow-gpu-jupyter...

6.1AI score0.00027EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.14 views

CVE-2026-11558

A security vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /homesalary.php. The manipulation of the argument rate/salaryrate leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

6.5CVSS6.4AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 10:16 a.m.21 views

CVE-2026-46748

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...

8.8CVSS0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft HTTP.sys 缓冲区错误漏洞

Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There are security vulnerabilities in Microsoft HTTP.SYS. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10 Version 1809 for 32-bit system...

9.8CVSS6.1AI score0.21506EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper handling of file backend mounting by the erofs file system. This issue may allow I/O...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/09 12:0 a.m.11 views

Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability

Arista Extensible Operating System EOS contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP...

6.9CVSS5.4AI score0.00836EPSS
In wildExploits1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:30 a.m.9 views

CVE-2026-11484

A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of the argument sy causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public an...

7.5CVSS7AI score0.00275EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-37598

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution RCE via /scheduler/classes/SystemSettings.php?f=updatesettings...

2.7CVSS6.2AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

HAX 操作系统命令注入漏洞

HAX is an open-source microsite developed by HAX The Web, managed using PHP as the backend. Versions of HAX prior to 26.0.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from an authenticated file overwrite vulnerability, which could allow...

9.4CVSS5.7AI score0.00291EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:45 p.m.8 views

CVE-2026-10877

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack can be executed...

7.5CVSS6.9AI score0.00328EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:30 p.m.7 views

CVE-2026-10876

A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the argument page causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made available...

6.5CVSS6.3AI score0.0027EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder