Lucene search
K

192404 matches found

EUVD
EUVD
added 2026/03/10 6:31 p.m.4 views

EUVD-2026-10614

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.03239EPSS
Exploits3References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.6 views

EUVD-2026-10626

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network...

6.5CVSS5.9AI score0.00347EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10646

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.0037EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10608

Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack...

6.8CVSS6.2AI score0.0043EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.6 views

EUVD-2026-10522

A Stack-based Buffer Overflow vulnerability CWE-121 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0.2 through 7.0.12 may allow a remote authenticated attacker who can bypass stack protection a...

6.6CVSS6.1AI score0.00632EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.4 views

EUVD-2026-10623

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.6 views

EUVD-2026-10641

Integer overflow or wraparound in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...

8CVSS5.9AI score0.00886EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10640

Integer overflow or wraparound in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...

8CVSS5.9AI score0.00886EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.11 views

EUVD-2026-10570

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.02044EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.4 views

EUVD-2025-208465

PROBLEMTYPE in COMPONENT in VENDOR PRODUCT VERSION on PLATFORMS allows ATTACKER to IMPACT via VECTOR...

9.8CVSS5.8AI score0.02153EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2025-208466

PROBLEMTYPE in COMPONENT in VENDOR PRODUCT VERSION on PLATFORMS allows ATTACKER to IMPACT via VECTOR...

9.8CVSS5.8AI score0.02153EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/10 6:31 p.m.4 views

EUVD-2026-10453

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...

5CVSS5.9AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2026/03/10 6:28 p.m.7 views

GO-2026-4594 Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (Slowloris DOS) in github.com/traefik/traefik

Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes Slowloris DOS in github.com/traefik/traefik...

7.5CVSS5.8AI score0.00539EPSS
Exploits0References4
OSV
OSV
added 2026/03/10 6:23 p.m.4 views

GHSA-PMGJ-GMM4-JH6J Craft Commerce is vulnerable to SQL Injection in Commerce Inventory Table Sorting

Summary Craft Commerce is vulnerable to SQL Injection in the inventory levels table data endpoint. The sort0direction and sort0sortField parameters are concatenated directly into an addOrderBy clause without any validation or sanitization. An authenticated attacker with access to the Commerce...

8.7CVSS6AI score0.00436EPSS
Exploits1References5
OSV
OSV
added 2026/03/10 6:18 p.m.6 views

CVE-2026-2741

Specially crafted ZIP archives can escape the intended extraction directory during Node.js download and extraction in Vaadin 14.2.0 through 14.14.0, 15.0.0 through 23.6.6, 24.0.0 through 24.9.8, and 25.0.0 through 25.0.2. Vaadin’s build process can automatically download and extract Node.js if it...

2.3CVSS5.8AI score0.00342EPSS
Exploits0References6
NVD
NVD
added 2026/03/10 6:18 p.m.3 views

CVE-2026-26130

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS0.02818EPSS
Exploits0References18
NVD
NVD
added 2026/03/10 6:18 p.m.10 views

CVE-2026-26128

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00447EPSS
Exploits1References3
NVD
NVD
added 2026/03/10 6:18 p.m.2 views

CVE-2026-26127

Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network...

7.5CVSS0.02049EPSS
Exploits0References1
OSV
OSV
added 2026/03/10 6:18 p.m.3 views

CVE-2026-26118

Server-side request forgery ssrf in Azure MCP Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.00959EPSS
Exploits0References1
NVD
NVD
added 2026/03/10 6:18 p.m.5 views

CVE-2026-26116

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.01191EPSS
Exploits0References1
Rows per page
Query Builder