1033 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in Ruby-Rack

There is a possible denial-of-service vulnerability in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1, specifically in the multipart parsing component of Rack...

CVSS 7.5 | AI score 6.4 | EPSS 0.02056
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of Skia in Google Chrome prior to version 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...

CVSS 4.3 | AI score 6.8 | EPSS 0.00845
Exploits: 0 | References: 1

EUVD
added 2026/06/19 2:26 a.m. | 10 views

EUVD-2026-37973

Integer Overflow or Wraparound vulnerability in the EtherNet/IP function of Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service (DoS) condition in the affected product by rapidly establishing a larg...

CVSS 8.7 | AI score 5.4 | EPSS 0.00379
Exploits: 0 | References: 3

Positive Technologies
added 2026/06/19 12:00 a.m. | 18 views

PT-2026-50902

Name of the Vulnerable Software and Affected Versions: NI grpc-device versions prior to 2.17.0. Description: An incorrect conversion between numeric types occurs in NI grpc-device due to missing range checks in CodeGen. This issue may result in the silent discarding of high bits if a size value...

CVSS 6.3 | AI score 5.8 | EPSS 0.0018
Exploits: 0 | References: 6

EUVD
added 2026/06/17 12:47 p.m. | 7 views

EUVD-2026-37692

Unauthenticated Cross-Site Scripting (XSS) in Royal Elementor Addons Pro 1.7.1041 versions...

CVSS 7.1 | AI score 5.1 | EPSS 0.00175
Exploits: 0 | References: 1

CVE
added 2026/06/16 8:57 p.m. | 8 views

CVE-2026-39547

CVE-2026-39547 : Unauthenticated Local File Inclusion in WordPress Theme Getaway versions before 1.8. The connected records confirm, for Getaway

CVSS 8.1 | AI score 5.2 | EPSS 0.00338
Exploits: 0 | References: 1

Tenable Nessus
added 2026/06/12 12:00 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2026-9694

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain...

CVSS 4.3 | AI score 5.7 | EPSS 0.00211
Exploits: 0 | References: 2

IBM Security Bulletins
added 2026/06/09 2:59 p.m. | 6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in dompurify-3.2.6.tgz

Summary: IBM Watson Discovery Cartridge affected by vulnerabilities in dompurify-3.2.6.tgz. Vulnerability Details: CVEID: CVE-2026-41238. DESCRIPTION: DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype...

CVSS 6.9 | AI score 5.4 | EPSS 0.00263
Exploits: 1 | Affected Software: 1

Positive Technologies
added 2026/06/09 12:00 a.m. | 15 views

PT-2026-48261

Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 24.001.30365 through 26.001.21651. Description: A heap-based buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold. This issue could result in arbitrary code execution in...

CVSS 7.8 | AI score 6.3 | EPSS 0.00174
Exploits: 0 | References: 5

CBLMariner
added 2026/06/05 12:59 p.m. | 8 views

CVE-2026-3219 affecting package python-virtualenv for versions less than 20.36.1-4

CVE-2026-3219 affecting package python-virtualenv for versions less than 20.36.1-4. A patched version of the package is available...

CVSS 4.6 | AI score 6.2 | EPSS 0.00144
Exploits: 0

CBLMariner
added 2026/05/30 3:37 a.m. | 8 views

CVE-2026-39834 affecting package cert-manager for versions less than 1.12.15-8

CVE-2026-39834 affecting package cert-manager for versions less than 1.12.15-8. A patched version of the package is available...

CVSS 9.1 | AI score 5.8 | EPSS 0.00466
Exploits: 0

NVD
added 2026/05/28 11:16 p.m. | 7 views

CVE-2026-9944

Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVSS 3.1 | EPSS 0.00197
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/28 5:45 p.m. | 12 views

CVE-2026-45021

Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin bootstrap token and signing keys to any webpage the operator visits while the control plane is...

CVSS 5.1 | AI score 5.8 | EPSS 0.00204
Exploits: 0 | References: 9 | Affected Software: 1

CNNVD
added 2026/05/27 12:00 a.m. | 8 views

Volcano Security Vulnerability

Volcano is a batch processing system built using Kubernetes, developed by Volcano OpenSource. Vulnerabilities exist in versions of Volcano before v1.14.2, v1.13.3, and v1.12.4. These vulnerabilities stem from the Webhook server’s lack of a limit on the size of the HTTP request bodies. Pods that...

CVSS 6.8 | AI score 5.9 | EPSS 0.00173
Exploits: 0 | References: 2

CNNVD
added 2026/05/27 12:00 a.m. | 10 views

Google Chrome Resource Management Error Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the Base component’s ability to be reused after being released, potentially allowing remote attackers to execute...

CVSS 8.8 | AI score 6.2 | EPSS 0.00291
Exploits: 0 | References: 3

CNNVD
added 2026/05/27 12:00 a.m. | 31 views

Webmin Security Vulnerability

Webmin is a set of web-based system management tools for Unix-like operating systems, developed by the Webmin community. Versions of Webmin prior to 2.640 contained a security vulnerability, which stemmed from the insecure construction of the attachment save file name in the mailboxes/detachall.c...

CVSS 9.4 | AI score 5.8 | EPSS 0.00303
Exploits: 0 | References: 2

CNNVD
added 2026/05/23 12:00 a.m. | 13 views

New API SQL Injection Vulnerability

The New API is an interface software developed by QuantumNous. Versions of the New API prior to 0.12.1 have a SQL injection vulnerability. This vulnerability originates from the SearchUserTopUps/SearchAllTopUps function in the model/topup.go file of the self Endpoint component, which may lead to...

CVSS 6.5 | AI score 6.7 | EPSS 0.00192
Exploits: 0 | References: 5

Tenable Nessus
added 2026/05/19 12:00 a.m. | 6 views

Mozilla Firefox ESR < 115.36

The version of Firefox ESR installed on the remote Windows host is prior to 115.36. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-47 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR...

CVSS 9.8 | AI score 6 | EPSS 0.0056
Exploits: 0 | References: 8

EUVD
added 2026/05/14 5:36 p.m. | 18 views

EUVD-2025-209858

Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Library Automation System: from v.19.5...

CVSS 8.8 | AI score 5.8 | EPSS 0.00216
Exploits: 0 | References: 1

CNNVD
added 2026/05/14 12:00 a.m. | 10 views

WordPress plugin CC Child Pages Cross-Site Scripting Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS 6.4 | AI score 5.8 | EPSS 0.00156
Exploits: 0 | References: 1