15 matches found

Cvelist
added 2026/06/09 7:15 p.m. | 36 views

CVE-2026-48306 Substance3D - Sampler | Out-of-bounds Write (CWE-787)

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 7.8 | EPSS 0.00141
Exploits: 0 | References: 1

EUVD
added 2026/04/17 6:5 p.m. | 4 views

EUVD-2026-23462

Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an opslice network packet, the server passes an unprepared structure containing a null pointer to the SDLinfo function, resulting in a null pointer dereference an...

CVSS 7.5 | AI score 5.7 | EPSS 0.00503
Exploits: 1 | References: 4

RustSec
added 2026/03/17 12:0 p.m. | 9 views

Insufficient validation of PAX extensions during extraction

In versions 0.5.6 and earlier of astral-tokio-tar, malformed PAX extensions were silently skipped when parsing tar archives. This silent skipping rather than rejection of invalid PAX extensions could be used as a building block for a parser differential, for example by silently skipping a malform...

CVSS 6.3 | AI score 5.7 | EPSS 0.00249
Exploits: 0 | Affected Software: 1

Vulnrichment
added 2026/03/09 10:54 p.m. | 2 views

CVE-2026-30919 facileManager Affected by Stored Cross-Site Scripting (XSS)

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4, stored XSS (also known as persistent or second-order XSS) occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. Thi...

CVSS 7.6 | AI score 5.8 | EPSS 0.00187
Exploits: 1 | References: 1

VulnCheck KEV
added 2026/02/26 12:0 a.m. | 25 views

VulnCheck KEV: CVE-2026-1207

An issue was discovered in Django 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField (only implemented on PostGIS) allow remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

CVSS 5.4 | AI score 5.9 | EPSS 0.09436
In wild | Exploits: 1 | References: 3

RedhatCVE
added 2025/12/18 9:39 a.m. | 9 views

CVE-2025-14101

Authorization Bypass Through User-Controlled Key vulnerability in GG Soft Software Services Inc. PaperWork allows Exploitation of Trusted Identifiers. This issue affects PaperWork: from 5.2.0.9427 before 6.0...

CVSS 7.1 | AI score 7 | EPSS 0.00192
Exploits: 0 | References: 1

RedhatCVE
added 2025/11/13 2:3 p.m. | 6 views

CVE-2025-62876

An Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from the service user to root. This issue affects lightdm-kde-greeter before 6.0.4...

CVSS 5.3 | AI score 7.1 | EPSS 0.00129
Exploits: 0 | References: 1

Vulnrichment
added 2025/05/02 7:47 a.m. | 10 views

CVE-2024-11142 CSRF in Gosoft Software's Proticaret E-Commerce

Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery. This issue affects Proticaret E-Commerce: before v6.0. NOTE: According to the vendor, fixing process is still ongoing for v4.05...

CVSS 8.8 | AI score 5.8 | EPSS 0.00176
Exploits: 0 | References: 2

NCSC
added 2025/03/25 8:41 a.m. | 6 views

Vulnerability fixed in NetApp SnapCenter

NetApp has fixed a vulnerability in SnapCenter, specifically for versions earlier than 6.0.1P1 and 6.1P1. The vulnerability is in the way SnapCenter handles authenticated users. This allows authenticated users to gain administrative access on remote systems equipped with the SnapCenter plug-in. Th...

CVSS 9.9 | AI score 7 | EPSS 0.00645
Exploits: 0 | References: 1

CVE
added 2025/01/09 6:50 p.m. | 48 views

CVE-2024-13244

CVE-2024-13244 concerns Drupal Migrate Tools, a Drupal module for migrations. Multiple sources confirm a Cross-Site Request Forgery (CSRF) vulnerability in Migrate Tools, affecting versions 0.0.0 through 6.0.2 (vulnerability before 6.0.3). The underlying issue allows an authenticated administrato...

CVSS 8.8 | AI score 6.7 | EPSS 0.00189
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2023/04/01 12:0 a.m. | 4 views

firefly-iii Input Validation Error Vulnerability

firefly-iii is a free and open source personal finance manager. An input validation error vulnerability exists in firefly-iii versions prior to 6.0.0 that stems from improper input validation...

CVSS 9.8 | AI score 6.3 | EPSS 0.00335
Exploits: 0 | References: 3

Positive Technologies
added 2022/02/22 12:0 a.m. | 2 views

PT-2022-9421 · Npm +4 · @Braintree/Sanitize-Url +4

Name of the Vulnerable Software and Affected Versions: @braintree/sanitize-url versions prior to 6.0.0. Description: The issue is related to Cross-site Scripting (XSS) due to improper sanitization in the sanitizeUrl function. This allows for potential XSS attacks. Recommendations: For versions prior...

CVSS 8.8 | AI score 8 | EPSS 0.05994
Exploits: 5 | References: 113

OSV
added 2019/01/16 7:30 p.m. | 1 views

UBUNTU-CVE-2019-2556

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVSS 6.5 | AI score 6.9 | EPSS 0.00503
Exploits: 0 | References: 3

RedHat Linux
added 2014/04/03 9:19 p.m. | 5 views

Drools: Remote Java Code Execution in MVEL

JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allow remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression...

CVSS 6.5 | AI score 6.2 | EPSS 0.01968
Exploits: 1 | References: 4

RedHat Linux
added 2012/01/31 10:55 p.m. | 9 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...

CVSS 5 | AI score 6.2 | EPSS 0.0854
Exploits: 0 | References: 4