Lucene search

206166 matches found

ATTACKERKB
added 2026/01/14 6:27 p.m. | 3 views

CVE-2025-71164

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...

CVSS 5.4 | AI score 5.6 | EPSS 0.00194
Exploits 1 | References 4
Snyk
added 2026/01/14 4:54 p.m. | 3 views

Arbitrary Code Injection

Overview: shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Arbitrary Code Injection in the map function, where closures and arrays are not properly checked against the allow list. Note: This is a regression of the fix to CVE-2023-2017. Remediatio...

CVSS 8.8 | AI score 7.2 | EPSS 0.02083
Exploits 2 | References 2
Snyk
added 2026/01/14 4:54 p.m. | 2 views

Arbitrary Code Injection

Overview: shopware/core is the Shopware platform core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Arbitrary Code Injection in the map function, where closures and arrays are not properly checked against the allow list. Note: This is a regression of...

CVSS 8.8 | AI score 7.2 | EPSS 0.02083
Exploits 2 | References 2
RedhatCVE
added 2026/01/14 10:25 a.m. | 5 views

CVE-2025-40942

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...

CVSS 8.8 | AI score 7.4 | EPSS 0.00144
Exploits 0 | References 1
RedHat Linux
added 2026/01/14 9:53 a.m. | 4 views

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System (NFS) daemon that could allow for a Denial of Service and, in the worst-case scenario, Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

CVSS 7.8 | AI score 5.8 | EPSS 0.00163
Exploits 0 | References 5
Ubuntu
added 2026/01/14 5:20 a.m. | 8 views

USN-7959-1: klibc vulnerabilities

It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...

CVSS 9.8 | AI score 7.5 | EPSS 0.0595
Exploits 0
RedHat Linux
added 2026/01/14 12:36 a.m. | 3 views

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System (NFS) daemon that could allow for a Denial of Service and, in the worst-case scenario, Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

CVSS 7.8 | AI score 5.8 | EPSS 0.00163
Exploits 0 | References 5
RedHat Linux
added 2026/01/14 12:26 a.m. | 4 views

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System (NFS) daemon that could allow for a Denial of Service and, in the worst-case scenario, Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

CVSS 7.8 | AI score 5.8 | EPSS 0.00163
Exploits 0 | References 5
SUSE CVE
added 2026/01/14 12:24 a.m. | 3 views

SUSE CVE-2026-0891

Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVSS 7.5 | AI score 5.9 | EPSS 0.00414
Exploits 0 | References 15
SUSE CVE
added 2026/01/14 12:24 a.m. | 3 views

SUSE CVE-2026-0892

Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 147 and Thunderbird 147...

CVSS 7.5 | AI score 5.9 | EPSS 0.00404
Exploits 0 | References 3
NVD
added 2026/01/14 12:15 a.m. | 3 views

CVE-2026-22686

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in the host Node.js runtime. When a tool invocation fails,...

CVSS 10 | EPSS 0.00588
Exploits 3 | References 2
RedHat Linux
added 2026/01/14 12:10 a.m. | 2 views

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System (NFS) daemon that could allow for a Denial of Service and, in the worst-case scenario, Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

CVSS 7.8 | AI score 5.8 | EPSS 0.00163
Exploits 0 | References 5
CNNVD
added 2026/01/14 12:0 a.m. | 4 views

sumatrapdf code issue vulnerability

sumatrapdf is an open-source PDF reader from sumatrapdfreader. sumatrapdf 3.5.2 and earlier versions contain a code issue vulnerability. The vulnerability stems from executing notepad.exe without specifying an absolute path, which may lead to arbitrary code execution...

CVSS 8.6 | AI score 6.2 | EPSS 0.00191
Exploits 1 | References 3
Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

MiracleLinux 3 : libvorbis-1.1.2-3.3.1AXS3 (AXSA:2009-385:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-385:01 advisory. The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and...

CVSS 9.3 | AI score 6.3 | EPSS 0.02715
Exploits 0 | References 2
Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

Adobe InCopy < 20.5.1 / 21.0 < 21.1.0 Arbitrary code execution (APSB26-04)

The version of Adobe InCopy installed on the remote host is prior to 20.5.1, 21.1.0. It is, therefore, affected by a vulnerability as referenced in the APSB26-04 advisory. - InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in...

CVSS 7.8 | AI score 6.3 | EPSS 0.00186
Exploits 0 | References 2
Tenable Nessus
added 2026/01/14 12:0 a.m. | 4 views

MiracleLinux 4 : dbus-1.2.24-7.AXS4 (AXSA:2012-954:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-954:01 advisory. D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messagin...

CVSS 6.9 | AI score 7.6 | EPSS 0.04514
Exploits 4 | References 2
Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

Adobe Illustrator < 29.8.4 / 30.0 < 30.1 Multiple Vulnerabilities (APSB26-03)

The version of Adobe Illustrator installed on the remote Windows host is prior to 29.8.4, 30.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-03 advisory. - Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability th...

CVSS 8.6 | AI score 6.4 | EPSS 0.00221
Exploits 0 | References 3
Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

MiracleLinux 3 : libvorbis-1.1.2-3.4.1AXS3 (AXSA:2009-422:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-422:02 advisory. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrat...

CVSS 10 | AI score 8.8 | EPSS 0.05372
Exploits 1 | References 2
Tenable Nessus
added 2026/01/14 12:0 a.m. | 4 views

MiracleLinux 4 : libexif-0.6.21-5.AXS4 (AXSA:2012-974:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-974:01 advisory. Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you t...

CVSS 7.5 | AI score 6.3 | EPSS 0.07557
Exploits 0 | References 8
Tenable Nessus
added 2026/01/14 12:0 a.m. | 5 views

MiracleLinux 3 : kernel-2.6.18-194.5.AXS3 (AXSA:2010-440:14)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-440:14 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

CVSS 7.2 | AI score 6.9 | EPSS 0.00716
Exploits 1 | References 2