Lucene search
K

223 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/29 12:0 a.m.4 views

CVE-2026-30769

An issue in the TVicPort64.sys component of EnTech Taiwan TVicPort Product v4.0, File v5.2.1.0 allows attackers to escalate privileges via sending crafted IOCTL 0x80002008 requests...

5.2AI score0.0013EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 3:16 p.m.6 views

CVE-2026-35548

An issue was discovered in guardsix formerly Logpoint ODBC Enrichment Plugins before 5.2.1 5.2.1 is used in guardsix 7.9.0.0. A logic flaw allowed stored database credentials to be reused after modification of the target Host, IP address, or Port. When editing an existing Enrichment Source,...

8.5CVSS0.00213EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/04/09 5:26 p.m.6 views

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs

Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit SDK called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same device to bypass Android security sandbox...

5.9AI score
Exploits0
OSV
OSV
added 2026/04/08 8:2 p.m.2 views

GHSA-CHQC-8P9Q-PQ6Q basic-ftp has FTP Command Injection via CRLF

Summary basic-ftp version 5.2.0 allows FTP command injection via CRLF sequences \r\n in file path parameters passed to high-level path APIs such as cd, remove, rename, uploadFrom, downloadTo, list, and removeDir. The library's protectWhitespace helper only handles leading spaces and returns other...

8.6CVSS6.1AI score0.02185EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/07 2:22 p.m.7 views

CVE-2026-3902

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...

5.9AI score0.00436EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/07 2:0 p.m.10 views

UBUNTU-CVE-2026-33033

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads with Content-Transfer-Encoding: base64 including excessive whitespace. Earlier, unsupported Django series such as...

6.5CVSS5.8AI score0.00879EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/04 12:0 a.m.8 views

REDAXO 跨站请求伪造漏洞

REDAXO is an open-source content management system developed by REDAXO. Version 5.2 of Redaxo contains a cross-site request forgeing vulnerability. This vulnerability is due to a susceptibility to cross-site request forgery attacks, which may allow unauthorized attackers to create administrative...

6.9CVSS5.7AI score0.00146EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.7 views

CVE-2026-27697

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

9.8CVSS7.1AI score0.00412EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/31 10:43 p.m.6 views

EUVD-2026-17265

baserCMS has OS command injection vulnerability in installer...

9.2CVSS7.1AI score0.02059EPSS
Exploits0References4
OSV
OSV
added 2026/03/31 10:43 p.m.3 views

GHSA-6HPG-8RX3-CWGV baserCMS has OS command injection vulnerability in installer

baserCMS has an OS command injection vulnerability in the installer. Target baserCMS 5.2.2 and earlier versions Vulnerability If baserCMS is placed on a server but not installed, malicious commands may be executed. Countermeasures Update to the latest version of baserCMS Please refer to the...

9.2CVSS7.1AI score0.02059EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/31 10:35 p.m.7 views

EUVD-2026-17259

baserCMS Update Functionality Vulnerable to OS Command Injection...

9.1CVSS5.9AI score0.01516EPSS
Exploits0References4
NVD
NVD
added 2026/03/31 1:16 a.m.4 views

CVE-2026-32734

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creation. This issue has been patched in version 5.2.3...

7.1CVSS0.00258EPSS
Exploits0References3
OSV
OSV
added 2026/03/31 12:45 a.m.3 views

CVE-2026-30879 baserCMS: Cross-site scripting vulnerability in blog post

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a cross-site scripting vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9CVSS7AI score0.00233EPSS
Exploits0References5
CVE
CVE
added 2026/03/31 12:45 a.m.11 views

CVE-2026-30879

Summary: CVE-2026-30879 affects baserCMS prior to version 5.2.3, where a cross-site scripting (XSS) vulnerability in blog posts could be exploited. The issue is resolved by updating to version 5.2.3. Affected software: baserCMS (website development framework). Vulnerability details (from connecte...

6.9CVSS7AI score0.00233EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/31 12:45 a.m.4 views

CVE-2026-30877 baserCMS: OS Command Injection in the baserCMS Update Functionality

baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges o...

9.1CVSS6AI score0.01516EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/31 12:45 a.m.4 views

CVE-2026-30877

baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges o...

9.1CVSS6AI score0.01516EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 12:44 a.m.2 views

CVE-2026-27697 baserCMS: SQL injection vulnerability in blog post

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9CVSS5.8AI score0.00412EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.7 views

PT-2026-29153

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creation. This issue has been patched in version 5.2.3...

7.1CVSS5.7AI score0.00258EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/18 6:31 p.m.4 views

EUVD-2026-12914

Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size...

8.2CVSS5.8AI score0.00618EPSS
Exploits1References2
NVD
NVD
added 2026/03/03 8:16 p.m.12 views

CVE-2025-14604

IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...

7.8CVSS0.00132EPSS
Exploits0References1
Rows per page
Query Builder