Lucene search
K

13994 matches found

EUVD
EUVD
added 2026/07/03 8:36 p.m.7 views

EUVD-2026-41600

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...

8.8CVSS7.7AI score0.00397EPSS
Exploits1References1
CVE
CVE
added 2026/07/03 6:17 a.m.24 views

CVE-2026-9080

CVE-2026-9080 is a use-after-free in libcurl triggered when curl_easy_pause() is called from the event-based CURLMOPT_SOCKETFUNCTION callback. The underlying issue is a freed mev_sh_entry pointer being used to update tracing fields, potentially allowing DoS or code execution paths. Affected softw...

7.3CVSS5.9AI score0.00494EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55524

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...

8.5CVSS6.1AI score0.00297EPSS
Exploits0References7
CVE
CVE
added 2026/07/02 7:39 p.m.14 views

CVE-2026-58580

LobeChat up to version 2.2.9 is affected by broken object-level authorization in MessageModel. An authenticated user who knows another user’s non-enumerable message identifier can overwrite that victim’s plugin tool‑call metadata, plugin state/error, and TTS/translation records via tRPC message p...

6CVSS5.8AI score0.00154EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 7:37 p.m.4 views

GHSA-C8W6-X74F-VMG3 zebrad vulnerable to full node denial of service via crafted Sapling receiver in z_listunifiedreceivers

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your zebrad.toml sets rpc.listenaddr to a TCP address RPC server is enabled. 3. An attacker can authenticate to the RPC endpoint. With the default enablecookieauth = true, this requires the attacker to read the...

6.5CVSS5.8AI score
Exploits0References4
EUVD
EUVD
added 2026/07/02 5:5 p.m.10 views

EUVD-2024-55647

Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate entity classes by injecting malicious HQL syntax into the uid POST parameter of the wechatLoginHelper.do endpoint. Attackers can exploit the lack of input...

8.7CVSS6.2AI score0.00564EPSS
Exploits0References4
CVE
CVE
added 2026/07/02 5:35 a.m.19 views

CVE-2026-14249

The CVE refers to the WordPress plugin “Request a Quote” (versions up to and including 2.5.5). The vulnerability is a Code Injection via the emd_delete_file AJAX action. The handler derives a PHP function name from attacker-controlled $_POST['path'] and invokes it dynamically through a variable-f...

7.5CVSS6AI score0.00333EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/02 12:0 a.m.35 views

CVE-2026-38972

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibraryL"MSFTEDIT.DLL" with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or...

0.00149EPSS
Exploits1References3
OSV
OSV
added 2026/07/02 12:0 a.m.6 views

UBUNTU-CVE-2026-53355

In the Linux kernel, the following vulnerability has been resolved: net: rds: clear isends on setup unwind The RDS IB connection teardown path is written so it can run during partial startup and on repeated shutdown attempts. It uses NULL pointers to distinguish resources that are still owned fro...

5.7AI score0.00164EPSS
Exploits0References11
NVD
NVD
added 2026/07/01 5:16 p.m.7 views

CVE-2026-34111

Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmactext.php line 18 without sanitization: exec"php jobs/speechaudiomactext.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS0.00549EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 4:24 p.m.7 views

EUVD-2026-41076

Guardian language-system passes the id GET parameter directly into a PHP exec call in texttosubtitles.php line 19 without sanitization: exec"php jobs/texttosubtitles.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 4:23 p.m.7 views

EUVD-2026-41075

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribe.php line 15 without sanitization: exec"php jobs/transcribe.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00549EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 4:22 p.m.7 views

EUVD-2026-41074

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribeamazon.php line 15 without sanitization: exec"php jobs/transcribeamazon.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:22 p.m.4 views

CVE-2026-34115

Guardian language-system passes the id GET parameter directly into a PHP exec call in transcribeamazon.php line 15 without sanitization: exec"php jobs/transcribeamazon.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:20 p.m.5 views

CVE-2026-34112

Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmac.php line 18 without sanitization: exec"php jobs/speechaudiomac.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 4:16 p.m.7 views

EUVD-2026-41063

Guardian language-system passes the id GET parameter directly into a PHP exec call in subtitles.php line 19 without sanitization: exec"php jobs/subtitlerendering.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.0068EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.5 views

CVE-2026-53351

In the Linux kernel, the following vulnerability has been resolved: riscv/ptrace: Use USERREGSETNOTETYPE for REGSETCFI Fixes a warning while dumping core: 54983.546369 C7 WARNING: !notename fs/binfmtelf.c:1771 at elfcoredump+0x910/0xf68, CPU7: abort01/31982...

5.7AI score0.00145EPSS
Exploits0
NVD
NVD
added 2026/07/01 7:16 a.m.9 views

CVE-2026-11568

The Product Configurator for WooCommerce WordPress plugin before 1.7.3 does not perform any authorisation or post-status check before returning WooCommerce product data through a public AJAX action, allowing unauthenticated users to retrieve the data title, price, weight, stock status, and...

7.5CVSS0.00284EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 5:16 a.m.7 views

CVE-2026-12923

The Youtube Showcase plugin for WordPress is vulnerable to Arbitrary Function Call in versions up to and including 4.0.3. This is due to insufficient validation of the 'path' parameter in the emddeletefile AJAX handler in includes/common-functions.php. The user-supplied value is passed through...

7.5CVSS0.00319EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/01 3:43 a.m.34 views

CVE-2026-12923 Video Gallery <= 4.0.3 - Authenticated (Subscriber+) Arbitrary Function Call via 'path' Parameter

The Youtube Showcase plugin for WordPress is vulnerable to Arbitrary Function Call in versions up to and including 4.0.3. This is due to insufficient validation of the 'path' parameter in the emddeletefile AJAX handler in includes/common-functions.php. The user-supplied value is passed through...

7.5CVSS0.00319EPSS
Exploits0References5
Rows per page
Query Builder