Lucene search
+L

793 matches found

CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

D-Link M60 授权问题漏洞

The D-Link M60 is a wireless routing device from China-based D-Link. An authorization issue vulnerability exists in D-Link M60 version 1.20B02 and prior versions, which stems from a weak password recovery issue in the file /usr/bin/httpd, and can be exploited by an attacker to cause...

8.1CVSS6.1AI score0.01097EPSS
Exploits1References2
OSV
OSV
added 2026/04/17 3:19 p.m.7 views

JLSEC-2026-129

There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...

5.5CVSS5.8AI score0.01007EPSS
Exploits0References4
NVD
NVD
added 2026/04/13 5:16 a.m.4 views

CVE-2026-34862

Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability...

6.3CVSS0.00064EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.9 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack overflow vulnerability exists in the Huawei HarmonyOS media platform, which can be exploited by an attacker to cause availability to be compromised...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An access control vulnerability exists in the Huawei HarmonyOS memoization module, which can be exploited by an attacker to cause confidentiality and...

6.5CVSS5.8AI score0.00135EPSS
Exploits0References2
Redos
Redos
added 2026/04/03 12:0 a.m.6 views

ROS-20260403-73-0003

A vulnerability in the ksmbdsessionrpcopen function in the fs/smb/server/mgmt/usersession.c module of the Linux kernel SMB server support is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availabili...

7.8CVSS6.6AI score0.00195EPSS
Exploits0
EUVD
EUVD
added 2026/04/02 12:31 p.m.5 views

EUVD-2026-18176

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...

9.1CVSS6.1AI score0.00415EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/02 8:59 a.m.29 views

CVE-2026-33615 MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the setinfo Endpoint

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...

9.1CVSS0.00415EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/23 9:36 p.m.27 views

CVE-2026-32012

...

Exploits0
NVD
NVD
added 2026/03/19 2:16 a.m.3 views

CVE-2026-28449

OpenClaw versions prior to 2026.2.25 lack durable replay state for Nextcloud Talk webhook events, allowing valid signed webhook requests to be replayed without suppression. Attackers can capture and replay previously valid signed webhook requests to trigger duplicate inbound message processing an...

6.5CVSS0.00267EPSS
Exploits0References3
Redos
Redos
added 2026/03/19 12:0 a.m.7 views

ROS-20260319-73-0012

A vulnerability in the tagkey validation mechanism of the Fluent Bit log collection and processing tool is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and availability of protected information...

5.4CVSS5.8AI score0.00348EPSS
Exploits0
Redos
Redos
added 2026/03/17 12:0 a.m.5 views

ROS-20260317-73-0025

A vulnerability in the cryptmessage function in the fs/smb/client/smb2ops.c module of the SMB client support module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability...

7.8CVSS5.8AI score0.00278EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/02/11 2:34 p.m.4 views

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

7.1CVSS5.6AI score0.00101EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:34 p.m.3 views

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

7.1CVSS5.6AI score0.00101EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/11 2:33 p.m.6 views

CVE-2024-36320

Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability...

7CVSS5.5AI score0.00134EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 7:50 p.m.27 views

CVE-2024-36311

A Time-of-check time-of-use TOCTOU race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability...

4.6CVSS0.00121EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 7:50 p.m.14 views

CVE-2024-36311

CVE-2024-36311 describes a TOCTOU race in the SMM communications buffer that could allow a privileged attacker to bypass input validation and perform an out-of-bounds read or write, potentially impacting confidentiality, integrity, and availability. The Red Hat, NVD, CVE lists and vendor advisori...

4.6CVSS5.8AI score0.00121EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/09 12:0 a.m.21 views

MUZZLE: Adaptive Agentic Red-Teaming of Web Agents against Indirect Prompt Injection Attacks

Large language model LLM based web agents are increasingly deployed to automate complex online tasks by directly interacting with web sites and performing actions on users' behalf. While these agents offer powerful capabilities, their design exposes them to indirect prompt injection attacks...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

EulerOS Virtualization 2.10.0 : edk2 (EulerOS-SA-2026-1161)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an...

5.9CVSS6AI score0.0037EPSS
Exploits0References2
Redos
Redos
added 2026/01/28 12:0 a.m.6 views

ROS-20260128-73-0008

A vulnerability in the ieee802154hdrpeekaddrs function of the Linux kernel is related to buffer copying without checking the size of input data. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity and availability of protected information...

5.5CVSS6.2AI score0.00184EPSS
Exploits0
Rows per page
Query Builder