Lucene search
K

11 matches found

EUVD
EUVD
added 2026/06/12 8:23 p.m.9 views

EUVD-2026-36586

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a flaw in how replies to whisper posts are handled allows authenticated users outside the groups configured in...

5.4CVSS5.3AI score0.00148EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.39 views

PT-2026-48692

Name of the Vulnerable Software and Affected Versions @grpc/grpc-js versions prior to 1.9.16 @grpc/grpc-js versions prior to 1.10.12 @grpc/grpc-js versions prior to 1.11.4 @grpc/grpc-js versions prior to 1.12.7 @grpc/grpc-js versions prior to 1.13.5 @grpc/grpc-js versions prior to 1.14.4...

7.5CVSS5.8AI score0.00052EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-31825

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL. The issue is fixed in...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 8:2 a.m.4 views

CVE-2024-14026 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in th...

5.4CVSS6AI score0.00624EPSS
Exploits0References1
Debian
Debian
added 2026/01/15 3:59 a.m.60 views

[SECURITY] [DSA 6100-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6100-1 [email protected] https://www.debian.org/security/ Andres Salomon January 14, 2026 https://www.debian.org/security/faq -...

9.8CVSS7.6AI score0.00382EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2025/05/12 8:46 p.m.11 views

About Remote Code Execution – Erlang/OTP (CVE-2025-32433) vulnerability

About Remote Code Execution - Erlang/OTP CVE-2025-32433 vulnerability. Erlang is a programming language used to build massively scalable soft real-time systems with requirements for high availability. Used in telecom, banking, e-commerce, telephony, and messaging. OTP is a set of Erlang libraries...

10CVSS8.5AI score0.97859EPSS
Exploits36
Github Security Blog
Github Security Blog
added 2025/04/17 6:33 p.m.15 views

Rasa Pro Missing Authentication For Voice Connector APIs

Vulnerability A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the credentials.yml file. This could allow an attacker to submit voice data to the Rasa Pro assistant from an unauthenticate...

6.5CVSS7AI score0.00429EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2024/09/24 12:51 p.m.3 views

azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity

A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library MSAL. The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalatio...

5.5CVSS7.3AI score0.00788EPSS
Exploits0References8
NCSC
NCSC
added 2022/04/21 12:0 a.m.7 views

Vulnerability fixed in Jira Seraph

A vulnerability has been fixed in Jira Seraph, the web framework used for authentication within Jira. The vulnerability allows a remote malicious party to circumvent authentication bypass authentication by sending a specially prepared HTTP request to the server. The application is only vulnerable...

9.8CVSS6.9AI score0.88057EPSS
Exploits2
NCSC
NCSC
added 2021/06/24 12:0 a.m.6 views

Vulnerability fixed in MediaWiki

A vulnerability has been fixed in MediaWiki. The vulnerability allows an authenticated remote malicious person to delete delete pages while the account is locked. MediaWiki has released new versions to fix the vulnerability. fix. More information can be found on the page below:...

7.5CVSS6.5AI score0.01943EPSS
Exploits1
securityvulns
securityvulns
added 2004/08/25 12:0 a.m.30 views

Hastymail security update

---Software--- Hastymail is a web based IMAP client written in PHP4 released under the GNU GPL. More information about Hastymail can be found at our homepage: http://hastymail.sourceforge.net ---Problem--- A problem was discovered yesterday regarding the use of the "download" link to download...

6.8AI score
Exploits0
Rows per page
Query Builder