Lucene search

107 matches found

EUVD
added 3 days ago | 4 views

EUVD-2025-210383

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporary denial using a specially crafted HTTP request due to improper allocation of resource throttling...

4.3 CVSS | 5.8 AI score | 0.00422 EPSS
Exploits 0 | References 1

EUVD
added 3 days ago | 4 views

EUVD-2025-210382

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

6.4 CVSS | 5.5 AI score | 0.00251 EPSS
Exploits 0 | References 1

Cvelist
added 3 days ago | 29 views

CVE-2025-36327 Vulnerabilities found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of server-side security...

6.5 CVSS | 0.00375 EPSS
Exploits 0 | References 1

EUVD
added 2026/06/15 8:18 p.m. | 6 views

EUVD-2026-36823

Unauthenticated Cross Site Scripting (XSS) in Classified Listing = 5.3.8 versions...

7.1 CVSS | 5.1 AI score | 0.00175 EPSS
Exploits 0 | References 1

Cvelist
added 2026/06/11 10:55 p.m. | 31 views

CVE-2026-49482 ClipBucket: SQL Wildcard Injection in Subtitle Edit Endpoint Allows Mass Subtitle Overwrite

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 141, ClipBucket v5 contains an improper neutralization of SQL wildcard characters in the subtitle editing endpoint. An authenticated user can send a % character as the number parameter to overwrite all subtitle title...

4.3 CVSS | 0.00169 EPSS
Exploits 0 | References 1

NVD
added 2026/06/09 5:16 a.m. | 20 views

CVE-2026-41840

Spring WebFlux applications are vulnerable to Denial of Service (DoS) attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7, 6.2.0 through 6.2.18, 6.1.0 through 6.1.27, 5.3.0 through 5.3.48...

5.9 CVSS | 0.00247 EPSS
Exploits 0 | References 1

OSV
added 2026/06/09 5:16 a.m. | 6 views

UBUNTU-CVE-2026-41853

Spring MVC and WebFlux applications are vulnerable to Multipart request smuggling attacks. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...

5.3 CVSS | 5.5 AI score | 0.00186 EPSS
Exploits 0 | References 3

EUVD
added 2026/06/09 3:50 a.m. | 12 views

EUVD-2026-35330

Spring MVC and WebFlux applications are vulnerable to Denial of Service (DoS) attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...

7.5 CVSS | 5.5 AI score | 0.00399 EPSS
Exploits 0 | References 1

RedhatCVE
added 2026/06/05 7:39 p.m. | 10 views

CVE-2026-7563

The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 5.3.10. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it...

4.3 CVSS | 5.6 AI score | 0.00265 EPSS
Exploits 0 | References 1

Cvelist
added 2026/06/01 3:13 p.m. | 30 views

CVE-2026-42679 WordPress Classified Listing plugin <= 5.3.8 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

6.5 CVSS | 0.00295 EPSS
Exploits 0 | References 1

Positive Technologies
added 2026/06/01 12:0 a.m. | 19 views

PT-2026-45483

Impact: When relying solely on a git commit ID (SHA-1 or SHA-256) to qualify if a checkout of a repository is equivalent to the state validated while adding its commit ID to a kas configuration, users may be tricked to check out a branch of the same name from this repository. This implies that the...

2.1 CVSS | 5.7 AI score | 0.00018 EPSS
Exploits 0 | References 9

IBM Security Bulletins
added 2026/05/21 3:32 p.m. | 18 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse [CVE-2026-25679]

Summary: IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse, which may cause acceptance of some invalid URLs (CVE-2026-25679). url.Parse is used in our speech utilities. This vulnerability has been addressed. Please read the details for remediation below...

7.5 CVSS | 7.1 AI score | 0.00728 EPSS
Exploits 0 | Affected Software 1

Vulnrichment
added 2026/05/04 11:53 a.m. | 4 views

CVE-2026-3120 RCE in Profelis Informatics' SambaBox

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection. This issue affects SambaBox: from 5.1 before 5.3...

7.2 CVSS | 5.8 AI score | 0.01182 EPSS
Exploits 0 | References 2

Patchstack
added 2026/04/29 2:25 p.m. | 5 views

WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Classified Listing versions <= 5.3.9...

5.8 AI score | 0.00242 EPSS
Exploits 0 | Affected Software 1

Vulnrichment
added 2026/04/24 3:28 a.m. | 4 views

CVE-2026-41324 basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()

basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to...

7.5 CVSS | 5.4 AI score | 0.00332 EPSS
Exploits 1 | References 1

CVE
added 2026/04/24 3:28 a.m. | 39 views

CVE-2026-41324

CVE-2026-41324 affects the Node.js FTP client library basic-ftp. Versions prior to 5.3.0 are vulnerable to a denial-of-service caused by unbounded memory growth when processing directory listings from a remote FTP server. A malicious server can send an extremely large or never-ending listing to...

7.5 CVSS | 5.8 AI score | 0.00332 EPSS
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2026/04/24 3:28 a.m. | 31 views

CVE-2026-41324 basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()

basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to...

7.5 CVSS | 0.00332 EPSS
Exploits 1 | References 1

Patchstack
added 2026/04/22 4:4 p.m. | 9 views

WordPress Feed KuantoKusta for WooCommerce – Free plugin <= 5.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by TruongLV1 From FPT Night Wolf in WordPress Plugin Feed KuantoKusta for WooCommerce – Free versions <= 5.3...

5.8 AI score | 0.00283 EPSS
Exploits 0 | Affected Software 1

RedhatCVE
added 2026/03/26 3:3 p.m. | 5 views

CVE-2026-3841

A command injection vulnerability has been identified in the Telnet command-line interface (CLI) of TP-Link TL-MR6400 v5.3. This issue is caused by insufficient sanitization of data processed during specific CLI operations. An authenticated attacker with elevated privileges may be able to execute...

8.5 CVSS | 6 AI score | 0.01774 EPSS
Exploits 0 | References 1

IBM Security Bulletins
added 2026/03/24 2:10 p.m. | 11 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to handshake corruption due to the crypto/tls package (CVE-2025-68121)

Summary: Crypto/tls is used as part of secure encryption by DataStage on Cloud Pak for Data. Vulnerability Details: CVEID: CVE-2025-68121. DESCRIPTION: During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the...

10 CVSS | 5.9 AI score | 0.00765 EPSS
Exploits 1 | Affected Software 1