Lucene search
K

10329 matches found

EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-43541

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.3CVSS7.2AI score
Exploits0References2
CVE
CVE
added last week56 views

CVE-2026-28378

The CVE-2026-28378 entry describes a vulnerability in Grafana where the public dashboard deletion endpoint does not enforce organization isolation. An Org Admin in one organization can delete public dashboards belonging to another organization by supplying the target dashboard identifiers. Impact...

3.1CVSS5.9AI score0.00136EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.7 views

PT-2026-56036

Name of the Vulnerable Software and Affected Versions FOSSBilling versions prior to 0.8.0 Description Low-privileged staff accounts can perform unauthorized actions through admin API endpoints. This issue stems from the can always access module flag, which grants all staff access to specific...

8.7CVSS6AI score0.00226EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-22555

Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...

8.1CVSS5.9AI score0.00304EPSS
Exploits0References5
NVD
NVD
added 2026/07/03 8:16 p.m.11 views

CVE-2026-14605

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...

8.5CVSS0.00141EPSS
Exploits0References6
NVD
NVD
added 2026/07/03 8:16 p.m.8 views

CVE-2026-14606

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...

8.5CVSS0.00141EPSS
Exploits0References6
CVE
CVE
added 2026/07/03 7:30 p.m.17 views

CVE-2026-14606

CVE-2026-14606 affects RT-Thread up to version 5.0.2, specifically the CAN_Receive function in SWM341 CAN Handler (SWM341.h in bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport). The issue is a stack-based buffer overflow triggered by manipulating the function, with local access required. The v...

8.5CVSS7.2AI score0.00141EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/03 7:30 p.m.9 views

EUVD-2026-41563

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...

8.5CVSS7.2AI score0.00141EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/03 7:30 p.m.40 views

CVE-2026-14606 RT-Thread SWM341 CAN SWM341.h CAN_Receive stack-based overflow

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...

8.5CVSS0.00141EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/03 7:15 p.m.8 views

EUVD-2026-41562

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/03 7:15 p.m.40 views

CVE-2026-14605 RT-Thread ls1c CAN ls1c_can.h recvmsg stack-based overflow

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...

8.5CVSS0.00141EPSS
Exploits0References6
CVE
CVE
added 2026/07/03 7:15 p.m.20 views

CVE-2026-14605

CVE-2026-14605 affects RT-Thread up to 5.0.2. The vulnerability is in the function recvmsg within bsp/loongson/ls1cdev/libraries/ls1c_can.h of the ls1c CAN Handler . It enables a stack-based buffer overflow when processing input, with local access required to exploit. Public exploit code exists. ...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55579

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.18 views

PT-2026-55580

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow occurs in the SWM341 CAN Handler component within the CAN Receive function located in the bsp/synwit/libraries/SWM341 CSL/CMSIS/DeviceSupport/SWM341.h library. This...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References11
OSV
OSV
added 2026/07/01 2:16 p.m.4 views

UBUNTU-CVE-2026-53326

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...

5.7AI score0.00172EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/28 11:0 a.m.8 views

EUVD-2026-39990

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/28 11:0 a.m.10 views

CVE-2026-13490

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.10 views

EulerOS 2.0 SP15 : kernel (EulerOS-SA-2026-2444)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 bpf: Fix undefined behavior in interpreter sdiv/smod for INTMINCVE-2026-31525...

9.8CVSS7AI score0.96267EPSS
Exploits232References84
Cvelist
Cvelist
added 2026/06/26 4:23 p.m.37 views

CVE-2026-28385 SSRF via image import from URL allows internal network probing by authenticated users

In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...

5CVSS0.0017EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/26 4:23 p.m.7 views

EUVD-2026-39805

In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...

5CVSS5.8AI score0.0017EPSS
Exploits1References2
Rows per page
Query Builder