Lucene search
K

192420 matches found

CNNVD
CNNVD
added 2026/03/10 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.71 contained a security vulnerability. This vulnerability stemmed from excessive memory access in WebML, which could allow remote attackers to exploit heap corruption through specially crafted HT...

8.8CVSS7.3AI score0.00291EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.2 views

SonicWALL SonicOS NULL Pointer Dereference (CVE-2026-0401)

A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

4.9CVSS5.8AI score0.00342EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.5 views

SonicWALL SonicOS Out-of-bounds Read(CVE-2026-0402)

A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

4.9CVSS5.8AI score0.00342EPSS
Exploits0References2
Redos
Redos
added 2026/03/10 12:0 a.m.7 views

ROS-20260310-73-0044

Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS5.8AI score0.00993EPSS
Exploits0
EUVD
EUVD
added 2026/03/09 9:31 p.m.4 views

EUVD-2025-208453

A security vulnerability has been detected in open-webui up to 0.6.16. Affected is an unknown function of the file backend/startwindows.bat of the component JWT Key Handler. Such manipulation of the argument WEBUISECRETKEY leads to insufficiently random values. It is possible to launch the attack...

6.3CVSS5.3AI score0.00289EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/09 9:31 p.m.11 views

EUVD-2025-208452

A security vulnerability has been detected in open-webui up to 0.6.16. Affected is an unknown function of the file backend/startwindows.bat of the component JWT Key Handler. Such manipulation of the argument WEBUISECRETKEY leads to insufficiently random values. It is possible to launch the attack...

6.3CVSS5.3AI score0.00289EPSS
Exploits0References5
NVD
NVD
added 2026/03/09 9:16 p.m.5 views

CVE-2025-15603

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor explains: "The 't0p-s3cr3t' default was dead code on every supported startup path: start.sh...

0.00289EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/09 8:32 p.m.41 views

CVE-2025-15603

...

0.00289EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/09 8:32 p.m.8 views

CVE-2025-15603

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor explains: "The 't0p-s3cr3t' default was dead code on every supported startup path: start.sh, startwindows.ba...

5AI score0.00289EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/09 8:32 p.m.6 views

CVE-2025-15603

...

4.9AI score0.00289EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/09 7:54 p.m.4 views

CVE-2026-3741

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

5.4CVSS4.2AI score0.00196EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/09 5:24 p.m.6 views

EUVD-2026-10406

Pocket ID: OAuth redirecturi validation bypass via userinfo/host confusion...

7.1CVSS5.8AI score0.00204EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/09 4:37 p.m.123 views

challenge-yourself-level-1

Attack Path Lab !GitHubhttps://img.shields.io/badge/GitHu...

6.1AI score
Exploits0
EUVD
EUVD
added 2026/03/09 3:30 p.m.3 views

EUVD-2026-10333

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...

5.8AI score0.00359EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/09 12:32 p.m.4 views

EUVD-2026-10336

A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=managereservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting. The attack may be...

5.4CVSS4.1AI score0.00257EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/09 12:10 p.m.32 views

CVE-2026-2261 blocklistd(8) socket leak

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...

0.00359EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2026/03/09 10:57 a.m.6 views

New Attack Against Wi-Fi

It's called AirSnitch: Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a client across these and higher layers, other nodes, and other network names such as SSIDs Service Set Identifiers. This cross-layer identity...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/09 10:39 a.m.3 views

CVE-2026-25604 Apache Airflow AWS Auth Manager - Host Header Injection Leading to SAML Authentication Bypass

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You...

5.7AI score0.00359EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/09 10:32 a.m.3 views

CVE-2026-3815

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be us...

9CVSS7.6AI score0.00787EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/03/09 9:30 a.m.4 views

EUVD-2025-208384

In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS5.9AI score0.00563EPSS
Exploits0References2
Rows per page
Query Builder