Lucene search
K

3520 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.15 views

CVE-2026-20175

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

6.1CVSS5.9AI score0.0018EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.11 views

Chromium: CVE-2026-11233 Insufficient validation of untrusted input in FoldableAPIs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.7CVSS5.4AI score0.00177EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.13 views

Chromium: CVE-2026-11273 Insufficient validation of untrusted input in Omnibox

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.1CVSS5.4AI score0.00159EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.10 views

Chromium: CVE-2026-11161 Insufficient data validation in DataTransfer

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.4AI score0.00152EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/05 8:59 a.m.14 views

CVE-2026-49777 WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...

10CVSS5.4AI score0.01656EPSS
Exploits3References1
OSV
OSV
added 2026/06/05 12:17 a.m.6 views

DEBIAN-CVE-2026-11283

Insufficient validation of untrusted input in Shortcuts in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a malicious file. Chromium security severity: Low...

6.5CVSS5.5AI score0.002EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/04 2:23 a.m.9 views

SUSE CVE-2026-43660

A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Policy from being...

7.1CVSS5.8AI score0.0027EPSS
Exploits0References10
Ubuntu
Ubuntu
added 2026/06/02 4:24 p.m.13 views

USN-8372-1: age vulnerability

It was discovered that age did not properly validate plugin names. An attacker could possibly use this issue to cause execution of an arbitrary program by supplying a crafted recipient or identity string...

9.8CVSS5.9AI score0.00472EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.12 views

CVE-2026-35222

Improperly validated order clauses lead to a SQL injection vulnerability in comtags...

9.8CVSS5.9AI score0.0031EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/06/02 1:0 p.m.10 views

USN-8367-1: tar-fs vulnerabilities

It was discovered that tar-fs did not properly limit paths when extracting crafted tar files. An attacker could possibly use this issue to write or overwrite files outside the intended extraction directory. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-12905 It was...

8.7CVSS6.2AI score0.02186EPSS
Exploits2
CVE
CVE
added 2026/06/01 12:0 a.m.20 views

CVE-2026-37222

FlexRIC v2.0.0 contains a vulnerability where the stack asserts exact Information Element (IE) counts in decoded E2AP messages instead of validating against protocol ranges. An unauthenticated remote attacker can send a valid E2AP PDU (for example, an E2setupRequest with extra optional fields) th...

7.5CVSS5.9AI score0.00428EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper input validation in the client backend module, which may allow access to...

5.7CVSS5.3AI score0.00198EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.21 views

RHEL 10 : go-fdo-client and go-fdo-server (RHSA-2026:22141)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22141 advisory. This package provides a server-side implementation of the FIDO Device Onboard FDO specification, written in Go. FDO is an open standard fo...

10CVSS7.3AI score0.00765EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44849

Name of the Vulnerable Software and Affected Versions AVideo versions 29.0 and earlier Description An issue exists in the 'plugin/AuthorizeNet/processPayment.json.php' endpoint that allows any logged-in user to add arbitrary funds to their own wallet when the AuthorizeNet and YPTWallet plugins ar...

7.1CVSS6AI score0.0012EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.18 views

Erlang/OTP 19.3 < 26.2.5.21 / 27.0 < 27.3.4.12 / 28.0 < 28.5.0.1 / 29.0 < 29.0.1 DNS nameConstraints Bypass (CVE-2026-42790)

The version of Erlang/OTP installed on the remote host is 19.3 prior to 26.2.5.21, 27.0 prior to 27.3.4.12, 28.0 prior to 28.5.0.1, or 29.0 prior to 29.0.1. It is, therefore, affected by a vulnerability: - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeycert and...

8.1CVSS5.8AI score0.00338EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 9:32 p.m.12 views

EUVD-2025-209941

A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to access sensitive user data...

5.5CVSS5.8AI score0.00139EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/26 9:32 p.m.14 views

CVE-2025-43289

A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to access sensitive user data...

5.8AI score0.00139EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/26 9:32 p.m.14 views

CVE-2025-46284

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to gain root privileges...

5.8AI score0.00103EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 2:16 p.m.21 views

CVE-2026-48135

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS0.02607EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 12:57 p.m.14 views

CVE-2026-48135 HTTP service can incorrectly process malformed HTTP requests

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

5.3CVSS5.8AI score0.02607EPSS
Exploits0References1
Rows per page
Query Builder