Lucene search
K

2557 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 7 : keepalived-1.3.5-8.el7 (AXSA:2019-3747:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3747:01 advisory. Security Fix - keepalived DoSCVE-2018-19115 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux...

9.8CVSS7.8AI score0.03746EPSS
Exploits0References2
Wordfence Blog
Wordfence Blog
added 2026/01/15 4:14 p.m.16 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 5, 2026 to January 11, 2026)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.8CVSS7AI score0.01709EPSS
Exploits7
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

Number withdrawal

“ring” is a library developed by Brian Smith as an individual contributor. This CVE number has been withdrawn...

5.7AI score0.00027EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/14 10:14 a.m.5 views

EUVD-2026-2517

External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticate...

8.6CVSS6.2AI score0.00417EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/14 12:31 a.m.4 views

EUVD-2026-2633

EUVD-2026-2633...

9.8CVSS6.4AI score0.00792EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/14 12:0 a.m.7 views

EUVD-2026-2514

Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file...

5.3CVSS6.3AI score0.00312EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/13 8:16 p.m.4 views

EUVD-2026-2034

A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access VIA client. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges...

7.8CVSS7.1AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 7:30 p.m.5 views

EUVD-2026-2023

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the code doesn't validate that the JWT header specifies "alg":"RS256". This vulnerability is fixed in 2.2...

6.9CVSS6.5AI score0.00128EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/13 5:56 p.m.4 views

EUVD-2026-2175

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00375EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 5:56 p.m.7 views

EUVD-2026-2174

Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6.4AI score0.0046EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 3:31 p.m.4 views

EUVD-2026-2273

In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAXDIRHASHDEPTH. When RENAMEWHITEOUT operations are performed on such...

5.6AI score0.00173EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/13 12:0 a.m.4 views

EUVD-2026-2282

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security5g parameter of the sub4CA50 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.1AI score0.00384EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/11 11:2 a.m.6 views

EUVD-2026-1899

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

4.8CVSS3.9AI score0.00165EPSS
Exploits0References9
EUVD
EUVD
added 2026/01/09 9:19 a.m.4 views

EUVD-2026-1766

The Top Position Google Finance plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 0.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS5.2AI score0.00208EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/09 7:57 a.m.4 views

EUVD-2026-1777

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...

7.6CVSS6.2AI score0.00291EPSS
Exploits0References3
Wordfence Blog
Wordfence Blog
added 2026/01/08 6:20 p.m.28 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 15, 2025 to January 4, 2026)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

9.9CVSS8.4AI score0.05821EPSS
Exploits12
EUVD
EUVD
added 2026/01/08 10:8 a.m.3 views

EUVD-2026-1575

When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...

5.3CVSS6.3AI score0.00457EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/08 12:0 a.m.4 views

EUVD-2026-1501

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

6.5CVSS6.6AI score0.02981EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/07 12:37 p.m.5 views

EUVD-2026-1219

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/02 6:30 p.m.3 views

EUVD-2026-0133

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
Rows per page
Query Builder