Lucene search
K

1000 matches found

EUVD
EUVD
added 2 days ago4 views

EUVD-2026-43541

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.3CVSS7.2AI score0.00142EPSS
Exploits0References2
NVD
NVD
added 3 days ago3 views

CVE-2026-15684

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.3CVSS0.00142EPSS
Exploits0References1
CVE
CVE
added 3 days ago7 views

CVE-2026-15684

CVE-2026-15684 affects Glarysoft Glary Utilities. The flaw resides in the Disk Clean functionality, where an attacker who can run low-privileged code can abuse a folder junction to delete arbitrary files, enabling a local privilege escalation to SYSTEM and potential arbitrary code execution. The ...

7.3CVSS7.2AI score0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-15684 Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.3CVSS0.00142EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43090

vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions:...

6.1AI score0.00392EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43048

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...

6.1AI score0.00181EPSS
Exploits0References2
NVD
NVD
added 6 days ago6 views

CVE-2026-15087

vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions:...

5.9CVSS0.00392EPSS
Exploits0References1
NVD
NVD
added 6 days ago3 views

CVE-2026-10770

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Reflected XSS. This issue affects Anti-Spam by CleanTalk versions: from 0.0.0 to 9.7.1...

6.1CVSS0.00181EPSS
Exploits0References1
CVE
CVE
added 6 days ago8 views

CVE-2026-15087

CVE-2026-15087 concerns Drupal Clean RESTful. Connected PT-2026-56667 confirms affected versions are Drupal Clean RESTful versions *, i.e., all versions, but details on the exact vulnerability, root cause, exploitability, or fixes are not provided in the connected documents. The related Drupal SA...

5.9CVSS6.1AI score0.00392EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-15087 Clean RESTful - Critical - Unsupported - SA-CONTRIB-2026-078

vulnerability in Drupal Clean RESTful allows . This issue affects Clean RESTful versions:...

0.00392EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-57873

Name of the Vulnerable Software and Affected Versions Glarysoft Glary Utilities affected versions not specified Description A local privilege escalation flaw exists in the Disk Clean functionality. An attacker with low-privileged code execution capabilities on the target system can create a...

7.3CVSS7.4AI score0.00142EPSS
Exploits0References3
NVD
NVD
added 2026/07/07 9:17 p.m.10 views

CVE-2026-58469

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS0.00351EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:43 p.m.6 views

CVE-2026-58469

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS6.2AI score0.00351EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 12:0 a.m.2 views

OPENSUSE-SU-2026:11191-1 python313-lxml_html_clean-0.4.5-1.1 on GA media

These are all security issues fixed in the python313-lxmlhtmlclean-0.4.5-1.1 package on the GA media of openSUSE Tumbleweed...

5.9AI score
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 8:35 p.m.36 views

CVE-2026-58263 Jodit Editor: Mutation XSS in jodit clean-html via a MathML/style rawtext carrier

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.28, the built-in clean-html sanitizer can be bypassed by a MathML/ carrier that hides a dangerous element from the sanitizer's element walk, so a no-interaction event...

7.2CVSS0.00179EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 8:35 p.m.20 views

CVE-2026-58263

CVE-2026-58263 affects Jodit Editor prior to 4.12.28. The built‑in clean-html sanitizer can be bypassed via a MathML/ carrier, allowing a no‑interaction event handler (e.g., onload) to survive in the editor value. When attacker‑supplied HTML is rendered (element.innerHTML = editor.value), the han...

7.2CVSS5.7AI score0.00179EPSS
Exploits0References1
Fedora
Fedora
added 2026/07/01 1:22 a.m.13 views

[SECURITY] Fedora 43 Update: vmod-querystring-2.0.3-11.fc43

The purpose of this module is to give you a fine-grained control over a URL's query-string in Varnish Cache. It's possible to remove the query-string, clean it, sort its parameters or filter it to only keep a subset of them. This can greatly improve your hit ratio and efficiency with Varnish,...

5.6AI score
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: btrfssetheadergeneration must not be moved to after cleantreeblock, because cleantreeblock calls btrfsheadergeneration from commit 55c69072d6bd5be1 “Btrfs: Fix extentbuffer usage when nodesize != leafsize”. In...

5.7AI score0.002EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.17 views

PT-2026-50725

Name of the Vulnerable Software and Affected Versions Kirby versions prior to 4.9.4 Kirby versions prior to 5.4.4 Description Kirby sites with the content.fileRedirects option enabled allow unauthenticated users to access clean file URLs for files stored in top-level draft pages. The system...

6.3CVSS5.9AI score0.00312EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/17 6:35 p.m.12 views

EUVD-2026-37629

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

8.2CVSS5.3AI score0.00261EPSS
Exploits0References2
Rows per page
Query Builder