Lucene search
K

6783 matches found

EUVD
EUVD
added 2026/02/04 7:32 p.m.7 views

EUVD-2026-5371

melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacker who can influence inputs to the patch pipeline could execute arbitrary shell commands on the build host. The patch pipeline in pkg/build/pipelines/patch.yaml embeds...

7.8CVSS6AI score0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/04 7:31 p.m.4 views

CVE-2026-24844

melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker who can provide build input values, but not modify pipeline definitions, could execute arbitrary shell commands if the pipeline uses $vars. or $inputs. substitutions in...

7.9CVSS5.8AI score0.00176EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/04 8:25 a.m.19 views

CVE-2025-15260

The CVE applies to the WordPress plugin “MyRewards – Loyalty Points and Rewards for WooCommerce.” Connected sources confirm: vulnerable in all versions up to 5.6.0 (and PwC+ sources indicate up to 5.6.0) where the plugin fails to verify user authorization in the ajax function. This permits authen...

6.5CVSS6AI score0.00274EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2026/02/04 7:16 a.m.4 views

CVE-2026-24447

If a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user download and open such a CSV file, the embedded code may be executed in the user's environment. Note that Movable Type 7 series and 8.4 series,...

6.5CVSS6.6AI score0.00216EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/04 7:4 a.m.9 views

EUVD-2026-5509

If a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user download and open such a CSV file, the embedded code may be executed in the user's environment. Note that Movable Type 7 series and 8.4 series,...

6.5CVSS5.5AI score0.00216EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/04 7:4 a.m.3 views

CVE-2026-24447

If a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user download and open such a CSV file, the embedded code may be executed in the user's environment. Note that Movable Type 7 series and 8.4 series,...

6.5CVSS5.5AI score0.00216EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/04 7:4 a.m.35 views

CVE-2026-24447

If a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user download and open such a CSV file, the embedded code may be executed in the user's environment. Note that Movable Type 7 series and 8.4 series,...

6.5CVSS0.00216EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.6 views

CVE-2026-24933

The API communication component fails to validate the SSL/TLS certificate when sending HTTPS requests to the server. An improper certificates validation vulnerability allows an unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to intercept the cleartext communication,...

8.9CVSS5.5AI score0.00204EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/02/04 12:30 a.m.6 views

SUSE CVE-2025-65834

Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...

9.8CVSS5.7AI score0.0034EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.5 views

PT-2026-6419

Summary An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. Impact A local process on the same machine could execute arbitrary...

8.4CVSS6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.8 views

PT-2026-6361

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

8.8CVSS5.4AI score0.0011EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.9 views

Movable Type 安全漏洞

Movable Type is a content management system developed by Movable Type Inc. There is a security vulnerability in Movable Type, which stems from CSV files generated when is entered; these files may contain malicious code, potentially allowing arbitrary code to execute on the user’s system...

6.5CVSS7AI score0.00216EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/03 11:48 p.m.9 views

melange pipeline working-directory could allow command injection

An attacker who can provide build input values, but not modify pipeline definitions, could execute arbitrary shell commands if the pipeline uses $vars. or $inputs. substitutions in working-directory. The field is embedded into shell scripts without proper quote escaping. Fix: Fixed with e51ca30c,...

8.8CVSS5.8AI score0.00176EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/03 4:7 p.m.5 views

CVE-2026-1287

A flaw was found in Django. This vulnerability allows a remote attacker to perform SQL injection by using specially crafted control characters within column aliases. When these crafted aliases are passed through dictionary expansion to QuerySet methods like annotate or values, it can lead to the...

8.3CVSS5.8AI score0.00754EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:36 p.m.5 views

CVE-2026-1287

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. FilteredRelation is subject to SQL injection in column aliases via control characters, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet methods annotate, aggregat...

5.6AI score0.00754EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/02/03 7:16 a.m.6 views

CVE-2026-1058

The Form Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via hidden field values in all versions up to, and including, 1.15.35. This is due to insufficient output escaping when displaying hidden field values in the admin submissions list. The plugin uses htmlentitydecode o...

7.1CVSS0.0032EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 6:38 a.m.4 views

CVE-2026-1058

The Form Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via hidden field values in all versions up to, and including, 1.15.35. This is due to insufficient output escaping when displaying hidden field values in the admin submissions list. The plugin uses htmlentitydecode o...

7.1CVSS5.6AI score0.0032EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/02/02 10:10 a.m.4 views

kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping

A flaw was found in the Linux kernel’s ASoC Intel bytcrrt5640 driver. When an invalid value is passed via the driver’s “quirk” input option, the driver merely logs an error and retains the invalid value, rather than correcting it. This can result in out-of-bounds OOB memory access...

5.8AI score0.00175EPSS
Exploits0References5
Veracode
Veracode
added 2026/01/30 7:56 a.m.6 views

Sandbox Escape

vm2 is vulnerable to Sandbox Escape. The vulnerability is due to incomplete sanitization of Promise callbacks, where globalPromise.prototype.then and catch are not sanitized while localPromise is, this allowing attackers to bypass sandbox restrictions via async function return values and execute...

10CVSS6.2AI score0.01222EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/01/29 10:15 p.m.7 views

CVE-2026-25126

PolarLearn is a free and open-source learning program. Prior to version 0-PRERELEASE-15, the vote API route POST /api/v1/forum/vote trusts the JSON body’s direction value without runtime validation. TypeScript types are not enforced at runtime, so an attacker can send arbitrary strings e.g., "x" ...

7.1CVSS0.00339EPSS
Exploits2References2
Rows per page
Query Builder