Lucene search
K

1281 matches found

Nuclei
Nuclei
added yesterday108 views

Atom CMS v2.0 - SQL Injection

AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. id: CVE-2022-24223 info: name: Atom CMS v2.0 - SQL Injection author: theamanrawat severity: critical description: | AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php...

9.8CVSS7.1AI score0.61965EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday62 views

Atom CMS v2.0 - Cross-Site Scripting

Atom CMS v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the "A" parameter in /widgets/debug.php. id: CVE-2022-25489 info: name: Atom CMS v2.0 - Cross-Site Scripting author: theamanrawat severity: medium description: | Atom CMS v2.0 was discovered to contain ...

5.4CVSS6.2AI score0.01459EPSS
Exploits1References3
Nuclei
Nuclei
added 2 days ago83 views

Atom CMS v2.0 - Remote Code Execution

Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php. id: CVE-2022-25487 info: name: Atom CMS v2.0 - Remote Code Execution author: theamanrawat severity: critical description: | Atom CMS v2.0 was discovered to contain a remote code execution RCE...

9.8CVSS7.4AI score0.54766EPSS
Exploits4References5
EUVD
EUVD
added 5 days ago16 views

EUVD-2026-34013

Tesla vulnerable to atom exhaustion via untrusted URL scheme...

8.2CVSS5.9AI score0.00301EPSS
Exploits0References5
NVD
NVD
added 2026/07/03 9:16 p.m.5 views

CVE-2026-27761

Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope...

4.3CVSS0.00367EPSS
Exploits0References4
CVE
CVE
added 2026/07/03 8:19 p.m.20 views

CVE-2026-27761

Gitea versions up to and including 1.26.2 expose private repository commit data via RSS/Atom feed endpoints by bypassing API access token scope checks. This affects feeds that do not enforce repository scope, allowing tokens without repository scope to access private data. Public references indic...

4.3CVSS7.1AI score0.00367EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:19 p.m.4 views

CVE-2026-27761 Gitea repository feeds bypass API token scope enforcement

Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope...

4.3CVSS7.1AI score0.00367EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/02 12:31 a.m.8 views

EUVD-2026-41219

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/02 12:31 a.m.8 views

EUVD-2026-41216

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 10:16 p.m.6 views

CVE-2026-36909

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.2CVSS0.0012EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 10:16 p.m.4 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS0.00343EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 5:48 p.m.2 views

GHSA-JR2X-6QF6-Q5MC Open Babel has uninitialized pointer dereference in MSI atom parser

Summary A memory-safety vulnerability in Open Babel's MSI parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the atom handling of the MSI reader. A malformed record caused the parser to dereference an atom pointer that had never been...

7.8CVSS7.1AI score0.00816EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.33 views

CVE-2026-36909

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 12:0 a.m.13 views

CVE-2026-36909

Summary of CVE-2026-36909 (MPC-BE): A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function in Aleksoid1978 MPC-BE prior to commit 4341cb3 allows a crafted MP4 file to trigger a Denial of Service. Affected component: MPC-BE (Aleksoid1978). Root cause: NULL pointer dereference in Get...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.38 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.11 views

PT-2026-54757

Name of the Vulnerable Software and Affected Versions Aleksoid1978 MPC-BE versions prior to commit 4341cb3 Description A NULL pointer dereference occurs in the AP4 AtomSampleTable::GetSample function. This issue allows an attacker to trigger a Denial of Service DoS by providing a specially crafte...

7.5CVSS5.9AI score0.00343EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 6:47 p.m.5 views

GHSA-4W5W-4FHM-Q483 Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge

Summary A memory-safety vulnerability in Open Babel's MOL2 file format parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in OBAtom::SetFormalCharge as called from the MOL2 parser. A malformed atom record caused the parser to call the method on a NULL...

5.5CVSS6.1AI score0.007EPSS
Exploits1References10
NVD
NVD
added 2026/06/29 8:17 p.m.7 views

CVE-2026-53426

Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parsedocument/2 accepts a :json, json source. In lib/mdex.ex, the private jsontonode/1 function passes the attacker-controlled nodetype value to Module.concat/1, which calls...

8.2CVSS0.00126EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 7:11 p.m.19 views

CVE-2026-53426

Summary: CVE-2026-53426 affects the MDEx JSON parser. An attacker-controlled node_type in JSON fed to MDEx.parse_document/2 causes repeated String.to_atom/1 calls via Module.concat/1, creating permanent atoms and eventually exhausting the BEAM atom table. Consequence is unauthenticated denial-of-...

8.2CVSS5.8AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/29 7:11 p.m.25 views

CVE-2026-53426 Atom-table exhaustion denial-of-service via JSON parse_document in MDEx

Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parsedocument/2 accepts a :json, json source. In lib/mdex.ex, the private jsontonode/1 function passes the attacker-controlled nodetype value to Module.concat/1, which calls...

8.2CVSS0.00126EPSS
Exploits0References4
Rows per page
Query Builder