Lucene search
K

13 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/01 9:12 p.m.4 views

CVE-2026-54263

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting XSS vulnerability exists on the dynamic image URL generator view within the Wagtail admin interface. A user with a limited-permission editor account for...

7.3CVSS5.5AI score0.00203EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 9:9 p.m.15 views

CVE-2026-54259

Wagtail (Django-based CMS) has a vulnerability in older branches where the Documents and Images chooser endpoint could show items to users who lack choose permission. Affected versions: < 7.0.8, < 7.3.3, and

4.3CVSS5.6AI score0.00162EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 9:8 p.m.12 views

CVE-2026-54260

CVE-2026-54260 affects Wagtail (Django-based CMS). In versions prior to 7.0.8, 7.3.3, and 7.4.2, an authenticated admin user can trigger expensive rendition processing via crafted filter specs in the image preview, leading to potential service degradation. This is not exploitable by anonymous vis...

4.3CVSS5.6AI score0.0022EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54839

Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.8 Wagtail versions prior to 7.3.3 Wagtail versions prior to 7.4.2 Description A low-level user granted the "Can submit translation" permission can create translations for any page, regardless of whether they have...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in imagemagick

In GammaImage of /MagickCore/enhance.c, depending on the gamma value, it is possible for a divide-by-zero condition to occur when a specially crafted input file is processed by ImageMagick. This could affect the availability of the application. The patch uses PerceptibleReciprocal to prevent such...

5.5CVSS6.8AI score0.01365EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017557)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017557 advisory. A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in t...

4.3CVSS6.7AI score0.00914EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-21987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior t...

7.8CVSS7.3AI score0.00671EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.4 views

CloudLinux CageFS Security Vulnerability

CloudLinux CageFS is a virtualized file system and set of tools from CloudLinux. A security vulnerability exists in CloudLinux CageFS version 7.0.8-2 and prior versions. An attacker could exploit the vulnerability to read and write arbitrary files outside of the CageFS environment in a limited wa...

4.4CVSS6.8AI score0.00378EPSS
Exploits3References6
OSV
OSV
added 2023/04/18 8:15 p.m.3 views

CVE-2023-21998

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

4.6CVSS6.7AI score
Exploits0References1
OSV
OSV
added 2023/04/18 8:15 p.m.3 views

CVE-2023-21990

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

8.2CVSS6.9AI score0.00332EPSS
Exploits0References1
OSV
OSV
added 2023/04/18 8:15 p.m.6 views

UBUNTU-CVE-2023-22002

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

6CVSS6.8AI score0.00337EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/04/18 12:0 a.m.4 views

Oracle Virtualization 安全漏洞

Oracle Virtualization is a suite of virtualization solutions from Oracle. The product is used to unify the management of the entire hardware and software architecture from applications to disk, enabling virtualization from the desktop to the data center. A security vulnerability exists in the Cor...

4.6CVSS7.2AI score0.00309EPSS
Exploits0References2
OSV
OSV
added 2020/12/03 5:15 p.m.2 views

UBUNTU-CVE-2020-27762

A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could...

5.5CVSS6.7AI score0.01091EPSS
Exploits0References5
Rows per page
Query Builder