Lucene search
K

16 matches found

Cvelist
Cvelist
added 2026/06/11 12:28 p.m.33 views

CVE-2026-11561 SSTI in Soagen Informatics' Apinizer

Improper neutralization of special elements used in an expression language statement 'expression language injection' vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Apinizer allows Code Injection. This issue affects Apinizer: from 2026.04.0 before 2026.04.6...

9.8CVSS0.00417EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00283EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.12 views

MiracleLinux 8 : ruby:3.3 (AXSA:2026-769:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-769:01 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the...

8.1CVSS6AI score0.01131EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/03 10:0 p.m.8 views

CVE-2026-7705

A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function setiptvinfo of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.9 views

runZero Platform 安全漏洞

runZero Platform is an asset discovery and attack surface management platform developed by the US company runZero. Versions of runZero Platform prior to 4.0.260203.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could allow the MCP proxy to...

3CVSS5.8AI score0.00118EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.10 views

Oracle Linux 8 : mysql:8.4 (ELSA-2026-6391)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6391 advisory. mecab mecab-ipadic mysql 8.4.8-1 - Rebase to 8.4.8 Tenable has extracted the preceding description block directly from the Oracle Linux security...

6.5CVSS7.1AI score0.00337EPSS
Exploits0References7
CVE
CVE
added 2026/03/25 8:46 a.m.34 views

CVE-2026-3608

CVE-2026-3608 affects Kea daemons (kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, kea-dhcp6). A maliciously crafted message over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow. Affected versions: 2.6.0–2.6.4 and 3.0.0–3.0.2. Exploitation details a...

7.5CVSS5.8AI score0.01361EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.5 views

WordPress plugin CF7 Submissions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.3CVSS6.5AI score0.0023EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/09/15 2:21 p.m.4 views

CVE-2022-50267

In the Linux kernel, the following vulnerability has been resolved: mmc: rtsxpci: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...

5.5CVSS5.3AI score0.00145EPSS
Exploits0
NVD
NVD
added 2025/04/16 3:15 p.m.8 views

CVE-2025-22026

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...

5.5CVSS0.00178EPSS
Exploits0References8
OSV
OSV
added 2023/04/29 12:15 a.m.2 views

DEBIAN-CVE-2023-31485

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks...

5.9CVSS5.9AI score0.00651EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.4 views

PT-2023-23360 · Gitlab +1 · Gitlab::Api::V4 +1

Name of the Vulnerable Software and Affected Versions: GitLab::API::v4 versions 0.26 and earlier Description: The issue allows for machine-in-the-middle attacks due to the lack of TLS certificate verification when connecting to a GitLab server. Recommendations: For GitLab::API::v4 versions 0.26 a...

5.9CVSS5.3AI score0.00651EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.4 views

SUSE CVE-2018-8976

In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service image.cpp Exiv2::Internal::stringFormat out-of-bounds read via a crafted file...

3.3CVSS8.7AI score0.02109EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.7 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS7.3AI score0.01318EPSS
Exploits0References4
OSV
OSV
added 2021/10/20 11:16 a.m.3 views

CVE-2021-35584

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: ndbcluster/plugin DDL. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster...

4.3CVSS6.5AI score
Exploits0References2
CNVD
CNVD
added 2018/02/13 12:0 a.m.5 views

Exiv2 'readHeader' Function Denial of Service Vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A security vulnerability exists in the 'readHeader' functi...

6.5CVSS6.9AI score0.01173EPSS
Exploits1References1
Rows per page
Query Builder