Lucene search
K

2186 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-48050

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References2
Circl
Circl
added 2026/06/08 4:45 a.m.11 views

CVE-2022-50953

creationtimestamp| type| source ---|---|--- 2026-06-08 04:45:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnquqk7yuu2k...

6.9CVSS5.3AI score0.00342EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

AlmaLinux 10 : kernel (ALSA-2026:19569)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:19569 advisory. kernel: net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 kernel: net/sched: Make cakeenqueue return NETXMITCN when past...

9.8CVSS7.2AI score0.93235EPSS
Exploits45References15
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.8 views

CVE-2026-11029

Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00233EPSS
Exploits0
Circl
Circl
added 2026/06/04 2:57 p.m.11 views

CVE-2026-10854

creationtimestamp| type| source ---|---|--- 2026-06-04 14:57:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnhv3u7pcq2x...

5.3CVSS5.8AI score0.00176EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/03 3:56 a.m.8 views

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

2.3CVSS5.8AI score0.00349EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.15 views

RockyLinux 9 : nginx:1.24 (RLSA-2026:19371)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19371 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References3
Rosalinux
Rosalinux
added 2026/06/01 11:45 a.m.15 views

Advisory ROSA-SA-2026-3306

Component: PHP 7.4.33 OS: ROSA-CHROME Affected versions: = php-7.4.33-13 Affected versions: php-7.4.33-13 CVE-ID: CVE-2024-5458 BDU-ID: 2024-04846 CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability in the filtervar function of the PHP interpreter involves insufficient validation of data...

5.3CVSS5.8AI score0.12117EPSS
Exploits1
EUVD
EUVD
added 2026/06/01 3:32 a.m.14 views

EUVD-2026-33550

An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X...

3.5CVSS5.8AI score0.00143EPSS
Exploits0References1
Circl
Circl
added 2026/05/26 7:0 p.m.14 views

CVE-2026-8856

creationtimestamp| type| source ---|---|--- 2026-05-26 19:00:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmroikayjn2t...

9.1CVSS5.8AI score0.00197EPSS
Exploits0References1
Circl
Circl
added 2026/05/22 5:4 p.m.9 views

CVE-2022-31231

creationtimestamp| type| source ---|---|--- 2026-05-22 17:04:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhg4jwbkx2t...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/21 9:52 p.m.8 views

@airalogy/airalogy-engine (>=0.0.1 <=0.0.2) potentially affected by CVE-2026-46695 via @boxlite-ai/boxlite (=0.8.2)

@boxlite-ai/boxlite NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @boxlite-ai/boxlite and may be impacted: - @airalogy/airalogy-engine =0.0.1, =0.0.2 Source cves: CVE-2026-46695 Source advisory: OSV:GHSA-G6WW-W5J2-R7X3...

10CVSS5.4AI score0.00289EPSS
Exploits0
Wolfi
Wolfi
added 2026/05/20 7:48 p.m.25 views

CVE-2026-46378 vulnerabilities

Vulnerabilities for packages: vale...

5.8AI score0.0005EPSS
Exploits0
Snyk
Snyk
added 2026/05/18 8:37 p.m.11 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.2CVSS5.9AI score0.00116EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2026/05/18 8:36 p.m.23 views

CVE-2026-6638 affecting package postgresql for versions less than 16.14-1

CVE-2026-6638 affecting package postgresql for versions less than 16.14-1. An upgraded version of the package is available that resolves this issue...

8.8CVSS5.8AI score0.0018EPSS
Exploits0
Circl
Circl
added 2026/05/14 6:32 a.m.15 views

CVE-2026-6271

creationtimestamp| type| source ---|---|--- 2026-05-14 06:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mls72nq6sn2q 2026-05-14 09:06:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlshon6mjj2k 2026-05-14 13:30:30+00:00| seen|...

9.8CVSS5.7AI score0.00665EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/05/12 11:49 p.m.11 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS7.7AI score0.00744EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/12 3:31 p.m.11 views

EUVD-2026-29491

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...

8.8CVSS6.2AI score0.00883EPSS
Exploits0References2
Circl
Circl
added 2026/05/11 6:0 a.m.10 views

CVE-2026-8274

creationtimestamp| type| source ---|---|--- 2026-05-11 06:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116554414807477280 2026-05-11 06:00:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlklvhdkzv23 2026-05-11 07:01:13+00:00| seen|...

5.3CVSS6AI score0.00173EPSS
Exploits0References3
Circl
Circl
added 2026/05/10 3:11 p.m.34 views

CVE-2022-50955

creationtimestamp| type| source ---|---|--- 2026-05-10 15:11:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlj2ackmlb2r...

5.3CVSS5.8AI score0.0013EPSS
Exploits0References1
Rows per page
Query Builder