Lucene search
+L

341 matches found

CNVD
CNVD
added 2026/03/19 12:0 a.m.5 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-14390)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from a browser-initiated WebSocket connection that can bypass origin authentication under certain configurations, which can be exploited by an attacker ...

8.1CVSS5.8AI score0.00153EPSS
Exploits0References1
OSV
OSV
added 2026/02/19 11:37 a.m.2 views

SUSE-SU-2026:0579-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2026-1536: Always validate the headers value when coming from untrusted source to avoid HTTP header injection bsc1257440. - CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow...

8.6CVSS6.2AI score0.00947EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2026/02/05 12:0 a.m.5 views

Ubuntu: Security Advisory (USN-8011-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS5.4AI score0.0256EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/27 10:47 p.m.6 views

Use of Less Trusted Source

Overview Affected versions of this package are vulnerable to Use of Less Trusted Source that can circumvent the trusted dependencies list. An attacker can cause unintended dependencies to be loaded by including malicious file:, link:, git:, or github: URLs to import packages whose names also exis...

6.9CVSS5.9AI score0.00108EPSS
Exploits0References2
NVD
NVD
added 2026/01/23 4:16 a.m.12 views

CVE-2026-0770

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

9.8CVSS0.10371EPSS
Exploits8References1
OSV
OSV
added 2026/01/16 7:20 p.m.4 views

CVE-2026-23645 SiYuan Vulnerable to Stored Cross-Site Scripting (XSS) via Unrestricted SVG File Upload

SiYuan is self-hosted, open source personal knowledge management software. Prior to 3.5.4-dev2, a Stored Cross-Site Scripting XSS vulnerability exists in SiYuan Note. The application does not sanitize uploaded SVG files. If a user uploads and views a malicious SVG file e.g., imported from an...

5.3CVSS5.4AI score0.00251EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.5 views

PT-2026-3304

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.5.4-dev2 Description SiYuan Note does not properly sanitize uploaded SVG files. This allows a user to upload a malicious SVG file, such as one obtained from an untrusted source, which can then execute arbitrary...

6.1CVSS5.9AI score0.00251EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.11 views

PT-2026-26327

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS6.2AI score0.00471EPSS
Exploits1References8
Snyk
Snyk
added 2025/11/20 9:57 p.m.3 views

Inclusion of Web Functionality from an Untrusted Source

Overview github.com/mindersec/minder/internal/datasources/rest is an implementation of a REST data source Affected versions of this package are vulnerable to Inclusion of Web Functionality from an Untrusted Source via the http.send function in Rego programs. A user can access internal network...

9.1CVSS6.7AI score0.00249EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Excessive Iteration (CVE-2023-3817)

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

5.3CVSS6.7AI score0.05533EPSS
Exploits0References9
Snyk
Snyk
added 2025/11/07 5:37 p.m.3 views

Inclusion of Web Functionality from an Untrusted Source

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Inclusion of Web Functionality from an Untrusted Source via the execute event handler used by the Direct Connections feature. An attacker can gain access to authentication tokens, take over user accounts, and...

8CVSS7.7AI score0.07874EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27352

Malware in sbrugna...

7.2CVSS6AI score0.01065EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-1169

Malware in sbrugna...

7.1CVSS6.9AI score0.00897EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-19515

Malware in sbrugna...

8.8CVSS8.4AI score0.03991EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-2730

Malware in sbrugna...

7.5CVSS7.8AI score0.00412EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2021-0034

Malware in sbrugna...

7.5CVSS7.4AI score0.01106EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2017-17794

Malware in sbrugna...

7.8CVSS7.6AI score0.03297EPSS
Exploits5References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-0882

Malicious code in bioql PyPI...

9.8CVSS7.6AI score0.04506EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-32671

Malicious code in bioql PyPI...

6.5CVSS7AI score0.00704EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52840

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01619EPSS
Exploits1References1
Rows per page
Query Builder