Lucene search
+L

131 matches found

OSV
OSV
added 2026/06/29 5:18 p.m.3 views

CVE-2026-57947 Pinpoint - Server-Side Request Forgery via Alarm Webhook Registration

Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook registration endpoint that allows authenticated users to register internal URLs due to missing SSRF protection. Attackers can trigger alarm threshold breaches to force the server to issue POST requests to...

6.3CVSS6AI score0.00239EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/10 5:16 p.m.11 views

EUVD-2026-36086

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send server-side requests to...

7.6CVSS5.6AI score0.00255EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.9 views

Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0602)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0602 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3,...

7.6CVSS5.6AI score0.00255EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/29 12:32 p.m.10 views

CVE-2026-49324

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

4.6CVSS5.8AI score0.00174EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...

5.4CVSS6.7AI score0.00291EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver, along with the ad7091r-base driver. These drivers declare iio events to notify user space when ADC readings fall...

5.5CVSS6AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The use of the new logical assignment operators in a JavaScript switch statement could lead to a type confusion, resulting in memory corruption and potentially exploitable crashes. This vulnerability affects Firefox 85, Thunderbird 78.7, and Firefox ESR 78.7...

8.8CVSS7.3AI score0.011EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/23 3:31 a.m.109 views

Exploit for Path Traversal in Jenkins

jenkinsscan Find jenkins environment and checks for CVE-2024-...

9.8CVSS7.4AI score0.99999EPSS
Exploits46
Anthropic
Anthropic
added 2026/03/29 8:43 p.m.18 views

ANT-2026-9SZMPW41 · MapServer · Heap Buffer Overflow

heap-buffer-overflow medium CVE-2026-33721 Severity Claude medium · Security research firm medium · Maintainer unknown Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Trail of Bits. ANT-2026-9SZMPW41: Heap buffer...

7.5CVSS6AI score0.00865EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.5 views

SUSE CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer's SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.9AI score0.00865EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 1:16 a.m.4 views

DEBIAN-CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.3AI score0.00865EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/03/27 1:16 a.m.5 views

CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.9AI score0.00865EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 1:16 a.m.4 views

UBUNTU-CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.8AI score0.00865EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/27 12:15 a.m.34 views

CVE-2026-33721 MapServer has heap buffer overflow in SLD `Categorize` Threshold parsing

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

5.3CVSS0.00865EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/27 12:15 a.m.3 views

CVE-2026-33721 MapServer has heap buffer overflow in SLD `Categorize` Threshold parsing

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

5.3CVSS5.9AI score0.00865EPSS
Exploits1References2
CVE
CVE
added 2026/03/27 12:15 a.m.65 views

CVE-2026-33721

MapServer (CVE-2026-33721) has a heap-buffer-overflow in the SLD parser triggered by a crafted SLD containing more than 100 Threshold elements in a ColorMap/Categorize structure, exploitable by an unauthenticated remote attacker via WMS GetMap with SLD_BODY. Affects versions up to 4.2 prior to 8....

7.5CVSS5.8AI score0.00865EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/03/27 12:15 a.m.4 views

EUVD-2026-16501

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

5.3CVSS5.8AI score0.00865EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/03/27 12:15 a.m.7 views

CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.3AI score0.00865EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.9 views

PT-2026-28511

Name of the Vulnerable Software and Affected Versions MapServer versions 4.2 through 8.6.0 Description MapServer is a system for developing web-based GIS applications. A heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser allows a remote, unauthenticated attacker to crash...

5.3CVSS5.9AI score0.00865EPSS
Exploits1References6
NVD
NVD
added 2026/03/18 7:16 a.m.9 views

CVE-2026-32608

Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables e.g., name, key that are populated with runtime...

7CVSS0.00243EPSS
Exploits1References3
Rows per page
Query Builder