569292 matches found

BDU FSTEC
added yesterday, 5 views

The vulnerability of the Directum RX ECM system, related to deficiencies in access control, allows a perpetrator to compromise data integrity.

The vulnerability of the Directum RX ECM system is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to compromise data integrity...

5 CVSS, 5.8 AI score
Exploits 0, Affected Software 1

BDU FSTEC
added yesterday, 5 views

The vulnerability of the MmMapIoSpace() function in the ThrottleBlood.sys driver allows a hacker to escalate their privileges, execute arbitrary code, or cause a service failure.

The vulnerability of the MmMapIoSpace function in the ThrottleBlood.sys driver, as part of the ThrottleStop utility, is related to open IOCTLs with insufficient access control. Exploiting this vulnerability could allow an attacker to escalate their privileges, execute arbitrary code, or cause...

7.5 CVSS, 6 AI score, 0.08963 EPSS
Exploits 8, References 3, Affected Software 1

NVD
added yesterday, 4 views

CVE-2026-14439

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...

9.4 CVSS
Exploits 0, References 1

EUVD
added yesterday, 3 views

EUVD-2026-41210

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...

9.4 CVSS, 6.5 AI score
Exploits 0, References 1

Cvelist
added yesterday, 3 views

CVE-2026-14439 Path Traversal in Altium Git Service Allows Remote Code Execution

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...

9.4 CVSS
Exploits 0, References 1

CVE
added yesterday, 5 views

CVE-2026-14439

CVE-2026-14439 describes a path-traversal in the Git Service shared by Altium Enterprise Server and Altium 365. The vulnerability arises from a post-clone file-manipulation primitive that accepts user-supplied paths without validation, enabling an authenticated user with basic git access to move ...

9.4 CVSS, 6.5 AI score
Exploits 0, References 1

Cvelist
added yesterday, 4 views

CVE-2026-14399

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits 0, References 2

Cvelist
added yesterday, 3 views

CVE-2026-14408

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits 0, References 2

CVE
added yesterday, 4 views

CVE-2026-14402

CVE-2026-14402 affects Google Chrome on Windows via ANGLE. The issue is an uninitialized use in ANGLE, allowing a remote attacker to obtain potentially sensitive information from a process memory space through a crafted HTML page. Affected product/version: Chrome on Windows prior to 150.0.7871.46...

5.8 AI score
Exploits 0, References 2

CVE
added yesterday, 4 views

CVE-2026-14406

CVE-2026-14406 concerns an out-of-bounds read in V8 inside Google Chrome prior to 150.0.7871.46. If a user is persuaded to install a crafted malicious extension, memory contents could be exposed to the attacker’s extension. Affected component: V8 in Chrome; root cause: out-of-bounds read. Consequ...

5.8 AI score
Exploits 0, References 2

CVE
added yesterday, 3 views

CVE-2026-14422

CVE-2026-14422: Out-of-bounds read and write in Tint components of Google Chrome (Chromium-based) prior to 150.0.7871.46 allows a remote attacker to potentially access memory via a crafted HTML page. The issue affects Chrome versions before the 150.0.7871.46 update. Affected product: Google Chro...

5.8 AI score
Exploits 0, References 2

CVE
added yesterday, 3 views

CVE-2026-14385

Affected software: Google Chrome on macOS. Issue: heap buffer overflow in ANGLE leading to out-of-bounds memory access via a crafted HTML page. Severity: High. Remediation: not explicitly stated in the provided documents. Exploitation details: not provided.

6.1 AI score
Exploits 0, References 2

CVE
added yesterday, 7 views

CVE-2026-54261

Wagtail (Django-based CMS) has a permission-check flaw in the image preview endpoint. In versions prior to 7.0.8, 7.3.3, and 7.4.2, a user with admin access could preview any image due to a missing permission check; this does not expose the image data itself to ordinary site visitors. The issue h...

6.5 CVSS, 5.6 AI score
Exploits 0, References 1

CVE
added yesterday, 5 views

CVE-2026-54259

Wagtail (Django-based CMS) has a vulnerability in older branches where the Documents and Images chooser endpoint could show items to users who lack choose permission. Affected versions: < 7.0.8, < 7.3.3, and

4.3 CVSS, 5.6 AI score
Exploits 0, References 1

EUVD
added yesterday, 5 views

EUVD-2026-40297

Rancher has over-inclusive team membership expansion in GitHub App authentication provider...

8.8 CVSS, 5.8 AI score, 0.0037 EPSS
Exploits 0, References 6

EUVD
added yesterday, 3 views

EUVD-2026-41128

Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilterconf handler in the commuos web backend. Attackers...

9.8 CVSS, 6.1 AI score
Exploits 0, References 3

CVE
added yesterday, 7 views

CVE-2026-58457

CVE-2026-58457 affects Shenzhen Aitemi M300 MT02 (Wi‑Fi Repeater). An unauthenticated OS command injection exists in the commuos web backend via the smacfilter_conf handler. Attackers can append semicolon-delimited payloads to the name, enable, or mac GET parameters, which are unsanitized and pas...

9.8 CVSS, 6.1 AI score
Exploits 0, References 3

CVE
added yesterday, 25 views

CVE-2026-53489

CVE-2026-53489 affects containerd CRI: when checkpoint restore occurs, the CRI plugin may read a host file by following a symlink for container.log. Vulnerable versions are prior to 2.3.2, 2.2.5 and 2.1.9. Impact described as arbitrary host file read via kubectl logs, with LOCAL attack potential ...

8.2 CVSS, 5.9 AI score
Exploits 0, References 1

Debian CVE
added yesterday, 6 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3...

8.2 CVSS, 5.8 AI score
Exploits 0

CVE
added yesterday, 17 views

CVE-2026-50160

Hoppscotch self-hosted deployments (Hoppscotch-backend

10 CVSS, 6.1 AI score, 0.00061 EPSS
Exploits 0, References 3