Lucene search

9806 matches found

Debian CVE
added 2026/01/30 8:11 p.m., 5 views

CVE-2025-24293

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

CVSS 9.2 | AI score 6 | EPSS 0.02388
Exploits: 0

Vulnrichment
added 2026/01/30 8:11 p.m., 3 views

CVE-2025-24293

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

CVSS 9.2 | AI score 5.7 | EPSS 0.02388
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/30 8:11 p.m., 6 views

CVE-2025-24293

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

CVSS 9.2 | AI score 6 | EPSS 0.02388
Exploits: 0 | References: 4 | Affected Software: 1

EUVD
added 2026/01/30 8:11 p.m., 7 views

EUVD-2025-29509

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

CVSS 9.2 | AI score 6.2 | EPSS 0.02388
Exploits: 0 | References: 7

Cvelist
added 2026/01/30 8:11 p.m., 31 views

CVE-2025-24293

Active Storage allowed transformation methods potentially unsafe Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allow for the circumvention of the safe defaults which enables...

CVSS 9.2 | EPSS 0.02388
Exploits: 0 | References: 1

CNNVD
added 2026/01/30 12:00 a.m., 7 views

Active Storage security vulnerability

Active Storage is a plugin that allows for file uploads to various cloud storage services and attaches files to Active Record objects. There is a security vulnerability in Active Storage, which stems from the use of potentially insecure image conversion methods, potentially leading to command...

CVSS 9.2 | AI score 6 | EPSS 0.02388
Exploits: 0 | References: 2

GithubExploit
added 2026/01/29 9:36 a.m., 188 views

Exploit for CVE-2020-1472

Active Directory Attack Path Suggestion Engine !Python Versi...

CVSS 10 | AI score 6 | EPSS 0.99759
Exploits: 142

The Hacker News
added 2026/01/28 4:49 a.m., 16 views

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-24858 CVSS score: 9.4, has been described as an authentication bypass related to FortiOS single...

CVSS 9.8 | AI score 6.1 | EPSS 0.85844
Exploits: 0

EUVD
added 2026/01/28 12:18 a.m., 6 views

EUVD-2026-4907

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a critical command injection vulnerability exists in Dokploy's WebSocket endpoint /docker-container-terminal. The containerId and activeWay parameters are directly interpolated into shell commands without...

CVSS 9.9 | AI score 6.2 | EPSS 0.02518
Exploits: 2 | References: 3

Positive Technologies
added 2026/01/28 12:00 a.m., 6 views

PT-2026-5046

Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.26.6 Description Dokploy is a Platform as a Service PaaS. A command injection issue exists in versions prior to 0.26.6 within the /docker-container-terminal WebSocket endpoint. The containerId and activeWay paramete...

CVSS 9.9 | AI score 5.8 | EPSS 0.02518
Exploits: 2 | References: 14

GithubExploit
added 2026/01/27 1:56 p.m., 751 views

Exploit for CVE-2026-21509

🛡️ CVE-2026-21509 — Microsoft Office Zero-Day !OFFICEhttps...

CVSS 9.3 | AI score 7.7 | EPSS 0.99945
Exploits: 43

SUSE CVE
added 2026/01/27 12:27 a.m., 5 views

SUSE CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVSS 6.7 | AI score 5.8 | EPSS 0.0013
Exploits: 0 | References: 7

Tenable Nessus
added 2026/01/27 12:00 a.m., 3 views

CentOS 9 : sssd-2.9.8-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the sssd-2.9.8-1.el9 build changelog. - SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux CVE-2025-11561 Note that Nessus has not tested for this issue but...

CVSS 8.8 | AI score 5.9 | EPSS 0.00768
Exploits: 0 | References: 2

Packet Storm News
added 2026/01/27 12:00 a.m., 4 views

Burp Suite 2025.12.4 Extension Advanced ReDoS Detector

This Burp Suite Java extension integrates an advanced timing-based ReDoS detection engine into Burp's Active Scanner. It automatically tests HTTP parameters using crafted payloads to identify exponential regex backtracking vulnerabilities. The extension performs warm-up requests, collects baselin...

AI score 5.9
Exploits: 0

CISA
added 2026/01/26 12:00 p.m., 15 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2018-14634 Linux Kernel Integer Overflow Vulnerability; CVE-2025-52691 SmarterTools SmarterMail Unrestricted Upload of File with...

CVSS 10 | AI score 7.4 | EPSS 0.98871
In wild | Exploits: 96 | References: 10

GithubExploit
added 2026/01/26 7:47 a.m., 184 views

Exploit for CVE-2026-24061

CVE-2026-24061 Scanner: GNU Inetutils Telnet Exploit Checker...

CVSS 9.8 | AI score 6.1 | EPSS 0.98871
Exploits: 60

The Hacker News
added 2026/01/24 8:09 a.m., 13 views

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerability ...

CVSS 9.8 | AI score 7 | EPSS 0.54143
Exploits: 0

NVD
added 2026/01/23 4:15 p.m., 8 views

CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVSS 7.8 | EPSS 0.0013
Exploits: 0 | References: 7

UbuntuCve
added 2026/01/23 4:15 p.m., 4 views

CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVSS 7.8 | AI score 6.3 | EPSS 0.0013
Exploits: 0 | References: 25

The Hacker News
added 2026/01/23 3:24 p.m., 13 views

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2025-68645 CVSS score: 8.8 - A PHP remote fi...

CVSS 9.2 | AI score 6.5 | EPSS 0.83479
Exploits: 17