Lucene search
K

420 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.2 views

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

9.8CVSS6AI score0.00401EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.5 views

Studio Fabryka DobryCMS 代码问题漏洞

Studio Fabryka DobryCMS is a content management system developed by Studio Fabryka. Versions of Studio Fabryka DobryCMS prior to version 5.0 had code vulnerabilities. These vulnerabilities stemmed from defects in the file upload functionality, which could lead to remote code execution...

9.8CVSS6.1AI score0.00536EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/26 9:56 p.m.22 views

CVE-2026-27457 Weblate: Missing access control for the AddonViewSet API exposes all addon configurations

Weblate is a web based localization tool. Prior to version 5.16.1, the REST API's AddonViewSet weblate/api/views.py, line 2831 uses queryset = Addon.objects.all without overriding getqueryset to scope results by user permissions. This allows any authenticated user or anonymous users if REQUIRELOG...

4.3CVSS0.00303EPSS
Exploits0References6
OSV
OSV
added 2026/02/24 8:27 p.m.4 views

CVE-2026-23858

Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script Injection...

5.4CVSS5.9AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 8:27 p.m.5 views

CVE-2026-22765

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges...

8.8CVSS5.9AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/24 7:24 p.m.7 views

CVE-2026-22765

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges...

8.8CVSS5.5AI score0.00396EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

bn.js 安全漏洞

bn.js is a large number processing library developed by Fedor Indutny. Versions of bn.js prior to 5.2.3 contained security vulnerabilities. These vulnerabilities stemmed from calling maskn0 on any BN instance, which could corrupt internal state. This allowed methods like toString and divmod to...

6.9CVSS5.8AI score0.00467EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

QNAP Systems File Station 5 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems File Station 5 prior to 5.5.6.5068 had a buffer error vulnerability. This vulnerability stemmed from out-of-bounds read attacks, which could lead to the...

7.1CVSS6AI score0.00336EPSS
Exploits0References2
OSV
OSV
added 2026/02/03 8:15 p.m.3 views

CVE-2026-25615

Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668...

7.2CVSS5.8AI score0.00454EPSS
Exploits1References2
CVE
CVE
added 2026/02/03 7:21 p.m.16 views

CVE-2026-25616

Blesta CVE-2026-25616 affects Blesta versions 3.x through 5.x before 5.13.3 due to mishandling of input validation (CORE-5665). Multiple sources (Red Hat, CVE listing, PacketStorm) indicate impacts include input handling defects that enable cross-site scripting in certain endpoints, with the cano...

6.1CVSS5.3AI score0.00383EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/27 3:51 p.m.5 views

CVE-2026-24872 Pointer arithmetic error in SkyFire_548

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire548.This issue affects SkyFire548: before 5.4.8-stable5...

9.8CVSS5.3AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.5 views

CVE-2026-24381

Server-Side Request Forgery SSRF vulnerability in ThemeGoods PhotoMe photome allows Server Side Request Forgery.This issue affects PhotoMe: from n/a through 5.7.2...

5.4CVSS5.4AI score0.00141EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.8 views

CVE-2025-67952

CVE-2025-67952 is a reflected XSS in the WordPress ThemeGoods Grand Tour theme prior to version 5.6.2. The initial record confirms the vulnerability and affected version, with remediation via upgrading to 5.6.2 or later (patched). The connected sources also catalog the same CVE across multiple fe...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004297 advisory. In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka...

6.8CVSS6.6AI score0.00504EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004133)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004133 advisory. getgatepage in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page...

7.8CVSS7AI score0.00668EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003811 advisory. A memory leak in the mlx5fpgaconncreatecq function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause...

4.9CVSS6.4AI score0.00556EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001410)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001410 advisory. A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when...

7.8CVSS6.4AI score0.00361EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003855)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003855 advisory. There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveausgdma.c in nouveausgdmacreatettm in Nouveau DRM subsystem. The...

7.2CVSS6.8AI score0.00872EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003590 advisory. An issue was discovered in drivers/scsi/qedi/qedidbg.c in the Linux kernel before 5.1.12. In the qedidbg family of functions, there is an out-of-bounds read. Tenable...

6.7CVSS6.7AI score0.00464EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001571 advisory. In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value...

7.8CVSS6.8AI score0.00395EPSS
Exploits0References4
Rows per page
Query Builder