Lucene search
K

120948 matches found

UbuntuCve
UbuntuCve
added 2026/04/09 5:16 p.m.4 views

CVE-2026-30479

A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...

9.1CVSS6.2AI score0.00316EPSS
Exploits0References3
NVD
NVD
added 2026/04/09 3:16 p.m.12 views

CVE-2025-70810

Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism...

8.8CVSS0.00246EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/04/09 12:12 p.m.3 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.7AI score0.00537EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/09 12:12 p.m.4 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.5AI score0.00591EPSS
Exploits1References6
Rockylinux
Rockylinux
added 2026/04/09 12:7 p.m.9 views

gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

An update is available for gstreamer1-plugins-bad-free, gstreamer1-plugins-good, gstreamer1-plugins-ugly-free, gstreamer1-plugins-base. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.7AI score0.00867EPSS
Exploits0
OSV
OSV
added 2026/04/09 12:7 p.m.2 views

RLSA-2026:5913 Moderate: ncurses security update

The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...

7.8CVSS6.1AI score0.00414EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2026/04/09 6:2 a.m.7 views

gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

An update is available for gstreamer1-plugins-bad-free, gstreamer1-plugins-good, gstreamer1-plugins-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStream...

8.8CVSS7.7AI score0.00867EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/04/09 6:2 a.m.5 views

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

9.8CVSS6.6AI score0.00656EPSS
Exploits5
OSV
OSV
added 2026/04/09 6:2 a.m.8 views

RLSA-2026:6750 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS6.5AI score0.00867EPSS
Exploits0References7
OSV
OSV
added 2026/04/09 6:2 a.m.5 views

RLSA-2026:6918 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-use-after-free CVE-2026-22856 freerdp: FreeRDP...

8.8CVSS6.5AI score0.00656EPSS
Exploits5References14
OSV
OSV
added 2026/04/09 6:2 a.m.6 views

RLSA-2026:6915 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via crafted swap file CVE-2026-28421 vim: Vim: Arbitrary code...

7.3CVSS6.2AI score0.01162EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/09 12:31 a.m.3 views

EUVD-2026-20773

MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...

8.5CVSS6.5AI score0.00142EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/09 12:0 a.m.1 views

CVE-2026-30479

A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...

6.3AI score0.00316EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.7 views

PT-2026-31645

A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable...

6.3AI score0.00316EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.6 views

OSGeo MapServer 安全漏洞

OSGeo MapServer is an open-source geospatial data publishing and map rendering service developed by OSGeo. Prior to OSGeo MapServer 8.0, there were security vulnerabilities; these vulnerabilities stemmed from dynamic link library injections, which could allow attackers to execute arbitrary code...

9.1CVSS6.2AI score0.00316EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 12:0 a.m.1 views

CVE-2025-70810

Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism...

6.3AI score0.00246EPSS
Exploits1References4
CNVD
CNVD
added 2026/04/09 12:0 a.m.2 views

Tenda AC6 goform/QuickIndex file buffer overflow vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.05.16. The vulnerability stems from the parameter PPPOEPassword in the file /goform/QuickIndex that fails to properly validate the length and size of the input data...

9CVSS8.1AI score0.00773EPSS
Exploits1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

phpBB 安全漏洞

phpBB is a set of web forum software developed by Ariefibis. Version phpBB 3.3.15 has a security vulnerability, which stems from cross-site request forgery in the login function and authentication mechanism. This vulnerability could allow for the execution of arbitrary code...

8.8CVSS6AI score0.00246EPSS
Exploits1References4
CNVD
CNVD
added 2026/04/09 12:0 a.m.3 views

Fleet OS Command Injection Vulnerability

Fleet is Fleet Device Management open source a device management platform that supports a wide range of operating systems and devices to help IT and security teams with device management, vulnerability reporting, MDM and more. An operating system command injection vulnerability exists in Fleet...

9.8CVSS6AI score0.01282EPSS
Exploits0
CVE
CVE
added 2026/04/09 12:0 a.m.29 views

CVE-2025-70810

CVE-2025-70810: Cross Site Request Forgery in Phpbb phbb3 v3.3.15 allows a local attacker to execute arbitrary code via the login function and authentication mechanism. Documented by Red Hat, NVD and CVE lists; CVSS v3.1 base score 8.8 (HIGH) with network attack vector, low attack complexity, no ...

8.8CVSS6.3AI score0.00246EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder