Lucene search
K

33930 matches found

Cvelist
Cvelist
added 2026/05/12 10:24 p.m.36 views

CVE-2026-43685

A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5...

0.00457EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 10:24 p.m.6 views

CVE-2026-43685

A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5...

6AI score0.00457EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 10:24 p.m.14 views

CVE-2026-43685

CVE-2026-43685 is a Remote Code Execution vulnerability in Claris FileMaker Cloud. An Admin Console user can inject arbitrary operating system commands via unsanitized input in the External ODBC Data Source connection test feature. The issue is fixed in FileMaker Cloud 2.22.0.5. Documents provide...

7.2CVSS6AI score0.00457EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.8 views

CVE-2026-42858

Open edX Platform enables the authoring and delivery of online learning at any scale. The syncproviderdata endpoint in SAMLProviderDataViewSet allows authenticated Enterprise Admin users to supply an arbitrary URL via the metadataurl POST parameter. This URL is passed directly to requests.get in...

9.9CVSS6AI score0.00374EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.10 views

CVE-2026-35157

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote...

9.8CVSS5.8AI score0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 8:2 p.m.31 views

CVE-2026-44225 Pulpy: Incomplete filesystem sandbox in pulpy.fs bridge allows packaged web apps to read arbitrary user files

Pulpy is a lightweight, cross-platform desktop application packager for web apps. Prior to 0.1.1, Pulpy injects a pulpy.fs JavaScript API into every packaged web application, giving it access to the host filesystem. A validateFsPath function is supposed to sandbox this access, but its blocklist i...

9.3CVSS0.00357EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.11 views

EUVD-2026-29625

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00202EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.37 views

EUVD-2026-29582

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.02117EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.9 views

EUVD-2026-29596

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.16 views

EUVD-2026-29550

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS6AI score0.00733EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 6:17 p.m.27 views

CVE-2026-42141

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery SSRF vulnerability in the Xibo CMS allows users with Library upload permissions to make arbitrary HTTP requests fr...

7.7CVSS0.00369EPSS
Exploits1References1
NVD
NVD
added 2026/05/12 6:17 p.m.7 views

CVE-2026-35418

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00202EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 6:17 p.m.9 views

CVE-2026-34337

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00163EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 6:17 p.m.8 views

CVE-2026-33835

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.02117EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 5:49 p.m.30 views

CVE-2026-43929 ssrfcheck: Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser bui...

8.2CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:59 p.m.30 views

CVE-2026-34337 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

...

7.8CVSS0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 4:59 p.m.8 views

CVE-2026-34337 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:59 p.m.54 views

CVE-2026-34337

CVE-2026-34337 describes a local privilege escalation via a use-after-free in the Windows Cloud Files Mini Filter Driver. An authorized attacker could elevate privileges locally (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H; base 7.8). The connected documents confirm the vulnerability descripti...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2026/05/12 4:59 p.m.31 views

CVE-2026-33835 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

...

7.8CVSS0.02117EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:59 p.m.53 views

CVE-2026-33835

Technical details about CVE-2026-33835 are not publicly provided in the connected documents. The initial description notes a use-after-free in Windows Cloud Files Mini Filter Driver with local privilege elevation, but no vendor/product/version specifics or fix details are included here. Monitor f...

7.8CVSS5.8AI score0.02117EPSS
Exploits0References1Affected Software11
Rows per page
Query Builder