Lucene search
K

999 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.7 views

MiracleLinux 8 : mariadb:10.11 (AXSA:2026-1201:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-1201:01 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: RHEL8tracker Rebase Galera to 26.4.27...

10CVSS6.4AI score0.00998EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/06 7:38 p.m.5 views

CVE-2026-14787

A flaw was found in radareorg radare2. A local user can exploit an integer overflow vulnerability by manipulating the cmdprint function in the libr/core/cmdprint.inc library. This manipulation causes an integer overflow, leading to a denial of service DoS...

7.8CVSS5.9AI score0.00136EPSS
Exploits1References2
NVD
NVD
added 2026/07/06 2:16 a.m.9 views

CVE-2026-14787

A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmdprint in the library libr/core/cmdprint.inc of the component pb Print Command Handler. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been made availab...

7.8CVSS0.00136EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/07/06 1:30 a.m.11 views

CVE-2026-14787

A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmdprint in the library libr/core/cmdprint.inc of the component pb Print Command Handler. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been made availab...

4.8CVSS5.5AI score0.00136EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

RockyLinux 9 : mariadb:10.11 (RLSA-2026:33482)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33482 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9tracker Rebase Galera to...

10CVSS6.5AI score0.00998EPSS
Exploits0References15
CVE
CVE
added 2026/07/05 3:0 p.m.23 views

CVE-2026-14758

radareorg radare2

5.5CVSS5.6AI score0.00131EPSS
Exploits1References7Affected Software1
Rockylinux
Rockylinux
added 2026/07/05 12:5 p.m.8 views

mariadb10.11 security, bug fix, and enhancement update

An update is available for mariadb10.11. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a community developed fork from MySQL - a multi-user,...

10CVSS6.5AI score0.00998EPSS
Exploits0
OSV
OSV
added 2026/07/05 12:3 p.m.4 views

RLSA-2026:33482 Important: mariadb:10.11 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9tracker Rebase Galera to 26.4.27 MariaDB:10.11 JIRA:Rocky...

9.9CVSS6.4AI score0.00998EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.16 views

Important: Red Hat Security Advisory: mariadb:11.8 security, bug fix, and enhancement update

An update for the mariadb:11.8 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS6.3AI score0.00998EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 12:2 p.m.8 views

RLSA-2026:33464 Important: mariadb:10.11 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux8tracker Rebase Galera to 26.4.27 MariaDB:10.11 JIRA:Rocky...

9CVSS6.3AI score0.00998EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 1:13 p.m.3 views

OESA-2026-2729 mercurial security update

Mercurial is a free, distributed source control management tool. It efficiently handles projects of any size and offers an easy and intuitive interface. Security Fixes: A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects...

5.3CVSS3.7AI score0.00486EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 5:20 p.m.35 views

CVE-2026-49402 Deno: Command Injection via spawnSync & spawn on Windows

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:childprocess implementation provided an escapeShellArg helper used when callers passed shell: true to spawn / spawnSync / exec and friends. On Windows, the helper failed to quote arguments that contained cmd.e...

8.1CVSS0.00283EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Golang-1.19, Golang-1.23

Creating a malicious file using cmd/go can result in writing to a file controlled by an attacker, with partial control over the file’s content. The cgo pkg-config: directive in a Go source file provides command-line arguments that are passed to the Go pkg-config command. An attacker can provide a...

8.6CVSS7.1AI score0.00532EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 5:13 p.m.1 views

CVE-2026-49261 MariaDB server has unsafe parameter handling in `wsrep_notify_cmd`

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrepnotifycmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...

10CVSS6AI score0.00998EPSS
Exploits0References14
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.21 views

NSA Ghidra 参数注入漏洞

NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency National Security Agency of the United States. Prior to version 12.1 of NSA Ghidra, there was a parameter injection vulnerability. This vulnerability stemmed from improper escaping of the ‘cmd.exe’...

8.4CVSS5.4AI score0.00503EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/09 5:13 a.m.77 views

Teldat-Router-CVE-2022-POC

Teldat Router CVE-2022-39996 & CVE-2022-39997 POC Proof of...

8CVSS5.6AI score0.00328EPSS
Exploits2
CVE
CVE
added 2026/06/05 9:49 a.m.36 views

CVE-2026-50265

CVE-2026-50265 describes a local privilege escalation in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties via the libinput-device-group helper, which can lead to root code execution (e.g., through REMOVE_CMD properties executed when a device is removed). ...

5.7AI score0.00019EPSS
Exploits0
EUVD
EUVD
added 2026/05/31 11:15 a.m.17 views

EUVD-2026-33500

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.14 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from a parameter in the function formSysCmd, specifically the submit-url field in the file/goform/formSysCmd, which...

9CVSS7.7AI score0.00472EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.13 views

PT-2026-45193

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made...

9CVSS7.8AI score0.00472EPSS
Exploits0References6
Rows per page
Query Builder