Lucene search
K

3104 matches found

CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

SAMSUNG Members 安全漏洞

Samsung Members is a community platform app developed by South Korea’s Samsung Corporation. Versions of Samsung Members prior to 5.8.01.5 contained security vulnerabilities. These vulnerabilities were due to improper input validation, which could allow local attackers to use Samsung Members...

7.1CVSS5.5AI score0.00105EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/04 12:52 p.m.10 views

WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by ParkHyunWoo in WordPress Plugin RD Station versions = 5.6.0...

9.9CVSS5.7AI score0.0028EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/04 2:30 a.m.13 views

SUSE CVE-2026-8404

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...

5.9CVSS5.8AI score0.00285EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/06/03 2:16 p.m.5 views

arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +49 more potentially affected by CVE-2026-7666 via django (>=5.2.0 <=5.2.14)

django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-7666 Source advisory: OSV:PYSEC-2026-200...

3.1CVSS5.7AI score0.0015EPSS
Exploits0
EUVD
EUVD
added 2026/06/03 1:16 p.m.14 views

EUVD-2026-34088

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...

3.1CVSS5.8AI score0.00285EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/03 1:16 p.m.10 views

CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS5.7AI score0.0015EPSS
Exploits0
Mageia
Mageia
added 2026/06/02 5:23 a.m.18 views

Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

9.8CVSS5.9AI score0.00618EPSS
Exploits6References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

TP-Link Tapo C200 安全漏洞

The TP-Link Tapo C200 is a webcam device produced by TP-Link Corporation. The TP-Link Tapo C200 v5 version has a security vulnerability. This vulnerability stems from an improper validation of the length of the Authorization header field during RTSP authentication processing. This can lead to a...

7.1CVSS5.6AI score0.00305EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

DesDev DedeCMS SQL注入漏洞

DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation. It is built using PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection...

7.5CVSS5.6AI score0.00308EPSS
Exploits0References4
CVE
CVE
added 2026/06/01 5:49 p.m.27 views

CVE-2026-40989

CVE-2026-40989 affects Spring Cloud Function lineages (3.2.x, 4.1.x, 4.2.x, 4.3.x, 5.0.x) with older/unsupported versions also impacted. The issue is an infinite recursion in the routing layer that can cause an Out-Of-Memory (OOM) condition during request handling. The root cause is not fully dis...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/01 4:59 p.m.35 views

CVE-2026-45286 Nextcloud: Calendar app leaked user identifiers via attendee suggestion endpoint

Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.17, and 6.2.0 to before 6.2.3, an authenticated user can enumerate users on the same Nextcloud instance by using the Calendar app's endpoint for suggesting attendees. The sharing restrictions, applied t...

4.3CVSS0.00281EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.15 views

CVE-2026-7459

The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated Subscriber+ account takeover in all versions up to, and including, 5.26.0 via the event reaction endpoints reacttoevent / unreacttoevent. The endpoints register getitemspermissionschec...

7.5CVSS5.8AI score0.00593EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/01 3:13 p.m.31 views

CVE-2026-42679 WordPress Classified Listing plugin <= 5.3.8 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

6.5CVSS0.00295EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/01 8:45 a.m.10 views

WordPress Slimstat Analytics plugin < 5.4.0 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by mcdruid in WordPress Plugin Slimstat Analytics versions 5.4.0...

6.5CVSS5.8AI score0.00252EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45377

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.7 Apache ActiveMQ versions 6.0.0 through 6.2.5 Description Incomplete authorization in the server allows authenticated connections to remove existing destinations when they possess the proper permissions...

4.3CVSS5.4AI score0.00335EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.24 views

PT-2026-45483

Impact When relying solely on a git commit ID SHA-1 or SHA-256 to qualify if a checkout of a repository is equivalent to the state validated while adding its commit ID to a kas configuration, users may be tricked to check out a branch of the same name from this repository. This implies that the...

2.1CVSS5.7AI score0.00018EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/31 1:40 p.m.16 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in minimatch (CVE-2026-26996, CVE-2026-27903, CVE-2026-27904)

Summary Multiple vulnerabilities in the minimatch matching utility CVE-2026-26996, CVE-2026-27903, CVE-2026-27904 used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the component to version 5.1.8. Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a...

8.7CVSS5.7AI score0.00519EPSS
Exploits3Affected Software1
CVE
CVE
added 2026/05/30 9:29 a.m.41 views

CVE-2026-7459

The CVE concerns the Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress (

7.5CVSS5.8AI score0.00593EPSS
Exploits1References12
Snyk
Snyk
added 2026/05/29 10:7 p.m.10 views

Insertion of Sensitive Information into Log File

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the setCookie and start functions. An attacker can gain unauthorized access to...

6.7CVSS5.8AI score0.00015EPSS
Exploits0References2
OSV
OSV
added 2026/05/29 8:16 p.m.11 views

DEBIAN-CVE-2026-45149

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like 1..10000000, the sequence generation loop generates all 10 million intermediate...

7.5CVSS6AI score0.00278EPSS
Exploits0References1
Rows per page
Query Builder