43 matches found

ATTACKERKB
added 2026/05/26 2:0 p.m., 9 views

CVE-2026-9552

A security flaw has been discovered in Das Parking Management System 停车场管理系统 6.2.0. This vulnerability affects unknown code of the component Search API Endpoint. The manipulation of the argument Value results in sql injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 7.5 | AI score 6.8 | EPSS 0.00318
Exploits 0 | References 4 | Affected Software 1

CVE
added 2026/05/26 2:0 p.m., 19 views

CVE-2026-9552

CVE-2026-9552 affects Das Parking Management System 6.2.0, specifically the Search API Endpoint. The vulnerability is a SQL injection triggered by manipulating the Value parameter, allowing remote exploitation. Public exploits exist. The vendor was contacted but did not respond. No remediation de...

CVSS 7.5 | AI score 6.8 | EPSS 0.00318
Exploits 0 | References 4

EUVD
added 2026/05/17 8:15 a.m., 18 views

EUVD-2026-30692

A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqxpersistentsessionds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The attack may be performed from remote. A high complexity level is...

CVSS 3.1 | AI score 5 | EPSS 0.00282
Exploits 1 | References 5

CNNVD
added 2026/05/17 12:0 a.m., 10 views

EMQX race condition vulnerability

EMQX is an MQTT message server provided by the EMQX company. Versions of EMQX 6.2.0 and earlier contained a race condition vulnerability. This vulnerability stemmed from unknown functions in the QoS 2 PUBLISH Packet Handler component, specifically the emqxpersistentsessionds.erl file. Attackers...

CVSS 3.1 | AI score 5.6 | EPSS 0.00282
Exploits 1 | References 2

CNNVD
added 2026/05/04 12:0 a.m., 8 views

Assimp resource management error vulnerability

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Version 6.0.2 of Assimp contains a resource management vulnerability. This vulnerability originates from the ConvertMeshMultiMaterial method in FBXConverter.cpp, and it could all...

CVSS 7.5 | AI score 5.8 | EPSS 0.00417
Exploits 0 | References 1

CNNVD
added 2026/04/09 12:0 a.m., 9 views

fast-jwt security vulnerability

fast-jwt is a JSON Web Token implementation open-sourced by Nearform. Versions of fast-jwt up to 6.2.0 contained security vulnerabilities. These vulnerabilities occurred when the allowedAud verification option used regular expressions, and if the aud declaration controlled by the attacker trigger...

CVSS 6.5 | AI score 5.7 | EPSS 0.00262
Exploits 1 | References 4

OSV
added 2026/03/31 9:16 p.m., 4 views

CVE-2026-34405 Nuxt OG Image vulnerable to reflected XSS via query parameter injection into HTML attributes

Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This issue has been patched in...

CVSS 6.1 | AI score 6 | EPSS 0.00216
Exploits 1 | References 3

OSV
added 2026/02/18 6:16 a.m., 4 views

CVE-2026-2023

The WP Plugin Info Card plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.2.0. This is due to missing nonce validation in the ajaxsavecustomplugin function, which is disabled by prefixing the check with 'false &&'. This makes it possible for...

CVSS 4.3 | AI score 5.7 | EPSS 0.00156
Exploits 0 | References 5

RedhatCVE
added 2026/01/21 10:24 p.m., 7 views

CVE-2026-21944

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVSS 6.8 | AI score 5.5 | EPSS 0.00274
Exploits 0 | References 1

Positive Technologies
added 2026/01/05 12:0 a.m., 5 views

PT-2026-1308

Name of the Vulnerable Software and Affected Versions: UniFi Protect Application versions 6.1.79 and earlier. Description: A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi...

CVSS 8.8 | AI score 6.5 | EPSS 0.00401
Exploits 0 | References 13

Oracle linux
added 2025/10/30 12:0 a.m., 7 views

redis:6 security update

6.2.20-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64
6.2.20-1 - rebase to 6.2.20 for CVE-2025-49844 CVE-2025-46817 CVE-2025-46818 CVE-2025-46819...

CVSS 9.9 | AI score 7 | EPSS 0.86767
Exploits 15

OSV
added 2025/10/18 11:25 a.m., 5 views

MAL-2025-48458 Malicious code in src_plugin_index_ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 396cc58d08775057aef35e59ad51a28c7379449f6f00332d193138ff8b9de09a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 | References 1

CVE
added 2025/10/07 6:3 p.m., 13 views

CVE-2025-3450

CVE-2025-3450 describes an Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime. Affected versions are before 6.3 and before Q4.93, where an unauthenticated, network-based attacker could delete data, leading to denial of service. The issue stems from resource lo...

CVSS 10 | AI score 6.5 | EPSS 0.00254
Exploits 0 | References 1

CNNVD
added 2025/10/05 12:0 a.m., 4 views

AllStarLink Supermon code injection vulnerability

AllStarLink Supermon is a web front-end management and monitoring tool from AllStarLink. A code injection vulnerability exists in AllStarLink Supermon 6.2 and earlier versions, which stems from unknown code in the AllMon2 component that could lead to a cross-site scripting attack...

CVSS 5.3 | AI score 4.9 | EPSS 0.00303
Exploits 0 | References 3

CNNVD
added 2025/06/28 12:0 a.m., 4 views

zuluCrypt security vulnerability

zuluCrypt is an open source disk encryption front-end tool developed by the individual developer mhogomchungu. A security vulnerability exists in zuluCrypt 6.2.0-1 and earlier versions, which stems from an improperly set PolicyKit that could result in local user privileges being elevated to root...

CVSS 9.3 | AI score 6.1 | EPSS 0.00147
Exploits 0 | References 4

Snyk
added 2025/06/03 7:43 p.m., 4 views

Arbitrary Code Injection

Overview: org.hibernate.validator:hibernate-validator is a Hibernate Validator Engine Relocation Artifact. Affected versions of this package are vulnerable to Arbitrary Code Injection due to the interpolation of user-supplied input in constraint violation messages with Expression Language. An...

CVSS 7.3 | AI score 7.7 | EPSS 0.00615
Exploits 0 | References 2

RedhatCVE
added 2025/05/23 6:36 a.m., 8 views

CVE-2024-53426

A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 in the Flow::dissectMDNS function...

CVSS 6.2 | AI score 6.8 | EPSS 0.00287
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 4:12 a.m., 9 views

CVE-2023-48068

DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via specadd.php...

CVSS 5.4 | AI score 6.4 | EPSS 0.00409
Exploits 1

RedhatCVE
added 2025/05/23 4:11 a.m., 6 views

CVE-2023-39675

SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php...

CVSS 9.8 | AI score 8.3 | EPSS 0.00785
Exploits 1

RedhatCVE
added 2025/05/22 4:30 p.m., 9 views

CVE-2020-22819

MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter...

CVSS 9.8 | AI score 8.1 | EPSS 0.0085
Exploits 1