Lucene search
K

192441 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.5 views

SonicWALL SonicOS Out-of-bounds Read(CVE-2026-0402)

A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

4.9CVSS5.8AI score0.00342EPSS
Exploits0References2
Redos
Redos
added 2026/03/10 12:0 a.m.5 views

ROS-20260310-73-0015

A vulnerability in the ANGLE library of the Google Chrome browser is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.8CVSS5.7AI score0.00314EPSS
Exploits0
Redos
Redos
added 2026/03/10 12:0 a.m.7 views

ROS-20260310-73-0044

Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS5.8AI score0.00993EPSS
Exploits0
Redos
Redos
added 2026/03/10 12:0 a.m.5 views

ROS-20260310-73-0046

Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS5.8AI score0.00993EPSS
Exploits0
Redos
Redos
added 2026/03/10 12:0 a.m.3 views

ROS-20260310-73-0023

Vulnerability in coredns related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.7CVSS5.8AI score0.00412EPSS
Exploits0
EUVD
EUVD
added 2026/03/09 9:31 p.m.4 views

EUVD-2025-208453

A security vulnerability has been detected in open-webui up to 0.6.16. Affected is an unknown function of the file backend/startwindows.bat of the component JWT Key Handler. Such manipulation of the argument WEBUISECRETKEY leads to insufficiently random values. It is possible to launch the attack...

6.3CVSS5.3AI score0.00289EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/09 9:31 p.m.11 views

EUVD-2025-208452

A security vulnerability has been detected in open-webui up to 0.6.16. Affected is an unknown function of the file backend/startwindows.bat of the component JWT Key Handler. Such manipulation of the argument WEBUISECRETKEY leads to insufficiently random values. It is possible to launch the attack...

6.3CVSS5.3AI score0.00289EPSS
Exploits0References5
NVD
NVD
added 2026/03/09 9:16 p.m.6 views

CVE-2025-15603

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor explains: "The 't0p-s3cr3t' default was dead code on every supported startup path: start.sh...

0.00289EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/09 8:32 p.m.41 views

CVE-2025-15603

...

0.00289EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/09 8:32 p.m.8 views

CVE-2025-15603

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor explains: "The 't0p-s3cr3t' default was dead code on every supported startup path: start.sh, startwindows.ba...

5AI score0.00289EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/09 8:32 p.m.6 views

CVE-2025-15603

...

4.9AI score0.00289EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/09 7:54 p.m.4 views

CVE-2026-3741

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

5.4CVSS4.2AI score0.00196EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/09 5:24 p.m.6 views

EUVD-2026-10406

Pocket ID: OAuth redirecturi validation bypass via userinfo/host confusion...

7.1CVSS5.8AI score0.00204EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/09 4:37 p.m.123 views

challenge-yourself-level-1

Attack Path Lab !GitHubhttps://img.shields.io/badge/GitHu...

6.1AI score
Exploits0
EUVD
EUVD
added 2026/03/09 3:30 p.m.3 views

EUVD-2026-10333

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...

5.8AI score0.00359EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/09 12:32 p.m.4 views

EUVD-2026-10336

A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=managereservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting. The attack may be...

5.4CVSS4.1AI score0.00257EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/09 12:10 p.m.32 views

CVE-2026-2261 blocklistd(8) socket leak

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes...

0.00359EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2026/03/09 10:57 a.m.6 views

New Attack Against Wi-Fi

It's called AirSnitch: Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a client across these and higher layers, other nodes, and other network names such as SSIDs Service Set Identifiers. This cross-layer identity...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/09 10:39 a.m.3 views

CVE-2026-25604 Apache Airflow AWS Auth Manager - Host Header Injection Leading to SAML Authentication Bypass

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You...

5.7AI score0.00359EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/09 10:32 a.m.3 views

CVE-2026-3815

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be us...

9CVSS7.6AI score0.00787EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder