Lucene search
K

192540 matches found

EUVD
EUVD
added 2026/06/02 12:31 a.m.14 views

EUVD-2026-33818

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

5.3CVSS5.5AI score0.00222EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/02 12:31 a.m.12 views

EUVD-2026-33786

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00073EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 12:31 a.m.11 views

EUVD-2026-33778

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00075EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 12:31 a.m.11 views

EUVD-2018-21955

WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpaskeys parameter. Attackers can send GET requests to autosuggest.php with crafted wpaskeys values to extract sensitive...

8.8CVSS6.1AI score0.00341EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/02 12:30 a.m.13 views

EUVD-2026-33856

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function syncanthropicentryfromcredentialsfile of the file agent/credentialpool.py of the component Credential Pool Synchronization. The manipulation results in improper authentication. The attack...

5.3CVSS5.6AI score0.0014EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/02 12:0 a.m.10 views

CVE-2026-10528

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

4.8CVSS5.8AI score0.00124EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Cast Streaming component’s ability to reuse resources after they were released, potentially allowing attacker...

8.8CVSS5.9AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.12 views

PT-2026-46410

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out-of-bounds read and write issue exists in the ANGLE graphics engine. This flaw allows a remote attacker to potentially perform a sandbox escape and execute code on the operating...

9.6CVSS6.1AI score0.00493EPSS
Exploits0References449
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.8 views

PT-2026-46718

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds memory access issue exists in ANGLE, a compatibility layer between OpenGL ES and native graphics APIs. This flaw allows a remote attacker to potentially perform out of...

9.6CVSS5.8AI score0.00493EPSS
Exploits0References437
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.9 views

PT-2026-46527

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read exists in the Media component. This allows an attacker located on the local network segment to perform an out of bounds memory read by sending malicious network...

9.6CVSS5.8AI score0.00985EPSS
Exploits0References434
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-46521

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient data validation in the Animation component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

9.6CVSS5.8AI score0.00493EPSS
Exploits0References437
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.9 views

PT-2026-46693

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in SVG allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is the ability to execute scripts across different origins, by usin...

9.6CVSS6.1AI score0.00985EPSS
Exploits0References434
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.13 views

SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2131-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2131-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.34 fixes various security issues The following security issues were fixed: -...

7.8CVSS5.4AI score0.03663EPSS
Exploits17References16
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.6 views

Operationalizing Cyber Attack Prediction: A Gap-Prioritized Framework with Dataset and Model Selection Guidelines

While AI and machine learning for cyber attack prediction have advanced, a critical gap persists between theoretical research and practical operational deployment. Building on Ankalaki et al. 2025, this paper provides a comprehensive analysis of 150+ benchmark datasets and 200+ studies to identif...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.13 views

PT-2026-45810

Name of the Vulnerable Software and Affected Versions Dräger Infinity M300 versions prior to VG2.3.2 Description A network-based denial of service issue exists that allows network-adjacent attackers to repeatedly trigger device reboots by sending malicious requests over the Infinity Network. This...

7.1CVSS5.5AI score0.00187EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.19 views

PT-2026-45683

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm state security mode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an...

3.1CVSS5AI score0.00224EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-46758

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in TabGroups allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, via malicious...

9.6CVSS5.8AI score0.00985EPSS
Exploits0References434
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.9 views

From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agents

Memory is a core component of AI agents, enabling them to accumulate knowledge across interactions and improve performance. However, persistent memory introduces the risk of memory poisoning, where a single adversarial memory write can exert long-term influence over agent behavior. We present a...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.10 views

PT-2026-45886

Name of the Vulnerable Software and Affected Versions johnhuang316 code-index-mcp versions prior to 2.14.1 Description A weakness exists in the is safe regex pattern function within the search code advanced component. A remote attacker can manipulate the regex argument to cause inefficient regula...

5.3CVSS5.6AI score0.0031EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-45801

NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page modules/Core/pages/profile.php processes wall post submissions and replies before verifying whether the viewer is authorized to access the profile. This allows any user with the profile.post permission to wri...

5.3CVSS5.9AI score0.00236EPSS
Exploits0References2
Rows per page
Query Builder