Lucene search
+L

15608 matches found

cve
cve
added 2026/05/12 9:46 p.m.43 views

CVE-2026-42544

CVE-2026-42544 (Granian) affects Granian versions 1.2.0–2.7.4, where an unauthenticated client sending a WebSocket upgrade request with a non-ASCII Sec-WebSocket-Protocol header causes the server to abort the worker in the WebSocket scope construction path, yielding an unauthenticated DoS. The cr...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References1
redhat
redhat
added 2026/05/12 9:15 p.m.22 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.3.3

Red Hat OpenShift Service Mesh 3.3.3 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.3....

9.8CVSS7.4AI score0.00615EPSS
Exploits0References8
euvd
euvd
added 2026/05/12 8:2 p.m.14 views

EUVD-2026-29801

Pulpy is a lightweight, cross-platform desktop application packager for web apps. Prior to 0.1.1, Pulpy injects a pulpy.fs JavaScript API into every packaged web application, giving it access to the host filesystem. A validateFsPath function is supposed to sandbox this access, but its blocklist i...

9.3CVSS5.9AI score0.01102EPSS
Exploits2References1
euvd
euvd
added 2026/05/12 6:30 p.m.11 views

EUVD-2026-29527

Uncontrolled search path for some IntelR Connectivity Performance Suite software installers before version 50.25.1121.193 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may...

5.4CVSS5.7AI score0.00089EPSS
Exploits0References2
nvd
nvd
added 2026/05/12 5:16 p.m.35 views

CVE-2025-35990

Improper input validation for some Intel Endpoint Management Assistant EMA software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable escalation...

8.7CVSS0.00188EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/12 4:35 p.m.49 views

CVE-2025-36515

Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...

5.4CVSS0.00089EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/12 4:34 p.m.8 views

CVE-2026-20738

Untrusted pointer dereference for some IntelR QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...

8.5CVSS5.7AI score0.00112EPSS
Exploits0References1
euvd
euvd
added 2026/05/12 12:32 p.m.9 views

EUVD-2026-29447

The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...

2.9CVSS5.8AI score0.00092EPSS
Exploits0References2
nvd
nvd
added 2026/05/12 11:16 a.m.44 views

CVE-2026-32684

The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...

2.9CVSS0.00092EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/12 10:51 a.m.5 views

CVE-2026-32684

The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...

2.9CVSS5.8AI score0.00092EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/05/12 10:51 a.m.13 views

CVE-2026-32684

The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...

2.9CVSS5.8AI score0.00092EPSS
Exploits0References1
cve
cve
added 2026/05/12 10:51 a.m.27 views

CVE-2026-32684

Technical details are not publicly available in the provided documents. Monitor for updates.

2.9CVSS5.8AI score0.00092EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/12 10:51 a.m.65 views

CVE-2026-32684

The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...

2.9CVSS0.00092EPSS
Exploits0References1
nvd
nvd
added 2026/05/12 7:16 a.m.44 views

CVE-2026-0541

ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if a...

7.3CVSS0.00096EPSS
Exploits0References1
nvd
nvd
added 2026/05/12 7:16 a.m.14 views

CVE-2026-0802

An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

7.3CVSS0.00396EPSS
Exploits0References1
cve
cve
added 2026/05/12 5:46 a.m.24 views

CVE-2026-0804

Technical details are not publicly available in the provided documents. Monitor for updates.

7.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2026/05/12 5:46 a.m.9 views

CVE-2026-0804

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6.7CVSS5.8AI score0.00128EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/12 5:46 a.m.43 views

CVE-2026-0804

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6.7CVSS0.00128EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/12 5:46 a.m.14 views

CVE-2026-0804

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6.7CVSS5.8AI score0.00128EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/05/12 5:44 a.m.59 views

CVE-2026-0802

An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6CVSS0.00396EPSS
Exploits0References1
Rows per page
Query Builder