Lucene search
+L

171 matches found

osv
osv
added 2026/07/08 12:4 a.m.3 views

CVE-2026-59995

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

4.2CVSS6.1AI score0.00241EPSS
Exploits0References5
nessus
nessus
added 2026/07/07 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-54433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, there is Stored Cross-Site Scripting XSS via a crafted plain-text email message. The...

7.2CVSS6.1AI score0.00276EPSS
Exploits0References3
nessus
nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-56091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This...

8.2CVSS5.8AI score0.00422EPSS
Exploits0References3
nvd
nvd
added 2026/06/17 3:17 p.m.12 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS0.0019EPSS
Exploits0References2
nessus
nessus
added 2026/06/17 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12308...

5.3CVSS6.1AI score0.00261EPSS
Exploits0References2
cve
cve
added 2026/06/16 7:27 p.m.19 views

CVE-2026-46944

Technical details (affected product, vulnerable component, impact, remediation) are not publicly available in the provided documents. Monitor for updates from Oracle and CVE feeds.

9.1CVSS5.2AI score0.00453EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2026/06/10 12:0 a.m.11 views

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-2272)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 Tenable has...

8.8CVSS7.6AI score0.96267EPSS
Exploits257References3
redhatcve
redhatcve
added 2026/06/07 4:38 a.m.10 views

CVE-2026-10971

An insufficient validation of untrusted input flaw was found in the Printing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513005991...

9.6CVSS5.4AI score0.00324EPSS
Exploits0References5
nessus
nessus
added 2026/06/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

8.8CVSS6.1AI score0.00355EPSS
Exploits0References2
nessus
nessus
added 2026/05/27 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-42496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar...

9.1CVSS7.1AI score0.0043EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.21 views

PT-2026-42469

Name of the Vulnerable Software and Affected Versions Apex One/SEP agent affected versions not specified Description An origin validation error in the process protection mechanism allows a local attacker to escalate privileges. To exploit this issue, the attacker must first have the ability to...

7.8CVSS7.1AI score0.00213EPSS
Exploits0References5
circl
circl
added 2026/05/13 8:0 p.m.12 views

CVE-2018-6400

creationtimestamp| type| source ---|---|--- 2026-05-13 20:00:00+00:00| seen| https://jvn.jp/en/jp/JVN14434132...

7.8CVSS7.1AI score0.00336EPSS
Exploits2References1
vulnrichment
vulnrichment
added 2026/05/13 2:12 p.m.9 views

CVE-2026-40067 BIG-IP APM Vulnerability

When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00324EPSS
Exploits0References1
vulnersosv
vulnersosv
added 2026/05/11 9:0 p.m.11 views

@tanstack/solid-start (>=1.121.0-alpha.28 <=1.167.62) potentially affected by CVE-2026-45321 via @tanstack/solid-start-client (>=1.121.0-alpha.28 <=1.166.5)

@tanstack/solid-start-client NPM version =1.121.0-alpha.28, =1.121.0-alpha.28, =1.167.62 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKSOLIDSTARTCLIENT-16640233...

9.6CVSS8AI score0.02342EPSS
Exploits3
vulnersosv
vulnersosv
added 2026/05/05 9:48 p.m.8 views

@akemona-org/strapi-connector-mongoose (>=3.13.0 <=3.17.2), @andybeat/clothingshop-nestjs (>=2.9.0 <=2.12.0) +88 more potentially affected by CVE-2026-42334 via mongoose (>=8.0.0 <=8.21.0)

mongoose NPM version =8.0.0, =3.13.0, =2.9.0, =0.10.18, =0.10.21, =1.3.5, =3.8.0, =1.0.1, =8.10.0, =0.8.7, =1.0.1, =1.5.1, =1.12.42, =7.0.0, =0.0.1-20250418035022-6dadadb.0, =0.4.1 and more Source cves: CVE-2026-42334 Source advisory: SNYK:JS-MONGOOSE-16425765...

7.5CVSS5.7AI score0.00274EPSS
Exploits0
osv
osv
added 2026/05/02 6:9 a.m.6 views

BELL-CVE-2026-43049

Bulletin has no description...

7.8CVSS5.7AI score0.00116EPSS
Exploits0References1
osv
osv
added 2026/05/02 6:9 a.m.7 views

BELL-CVE-2026-43057

Bulletin has no description...

7.5CVSS5.7AI score0.00389EPSS
Exploits0References1
cgr
cgr
added 2026/05/01 7:17 p.m.7 views

GHSA-MP3R-6558-HVG8 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-aws, linux-vmware, linux-gcp, linux-qemu...

6.1AI score
Exploits0
cgr
cgr
added 2026/04/22 7:18 a.m.8 views

GHSA-Q49F-XG75-M9XW vulnerabilities

Vulnerabilities for packages: zed, wasmcloud, wizer, yara-x...

6.1AI score
Exploits0
nessus
nessus
added 2026/04/21 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-6753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS7.1AI score0.00306EPSS
Exploits0References2
Rows per page
Query Builder