Lucene search
K

1086800 matches found

EUVD
EUVD
added 2026/06/09 8:33 p.m.10 views

EUVD-2026-35833

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim...

8.4CVSS6.2AI score0.07535EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 8:33 p.m.34 views

CVE-2026-47928 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS0.08871EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 8:33 p.m.6 views

CVE-2026-47928 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.2AI score0.08871EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 8:33 p.m.42 views

CVE-2026-47928

CVE-2026-47928 affects ColdFusion versions 2023.19, 2025.8 and earlier. The issue is an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user . Exploitation is possible without user interaction, and the document set notes a scope chan...

10CVSS6.2AI score0.08871EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/09 8:33 p.m.11 views

EUVD-2026-35830

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.2AI score0.08871EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 8:33 p.m.37 views

CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary code. Exploitation of...

8.4CVSS0.00555EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 8:33 p.m.18 views

CVE-2026-47931

This CVE affects Adobe ColdFusion versions 2023.19, 2025.8 and earlier. It is caused by improper input validation that could allow arbitrary code execution in the context of the current user, with exploitation not requiring user interaction. The connected advisories indicate updates have been rel...

9.1CVSS6.5AI score0.00555EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/09 8:33 p.m.22 views

EUVD-2026-35829

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

8.4CVSS6.2AI score0.00555EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 8:33 p.m.8 views

CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary code. Exploitation of...

8.4CVSS6.5AI score0.00555EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 8:29 p.m.4 views

MAL-2026-5469 Malicious code in getd-transactional-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe5e89f2411faf9265508a84772d5667bb3095cf28937bb9e9ab80a215ff4208 On npm install, postinstall.js issues an HTTPS GET to https://webhook.site/18dc4281-d366-438a-9186-76fbcd56ade5 carrying os.hostname,...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 8:29 p.m.10 views

MAL-2026-5471 Malicious code in getd-ui-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcdbf66757b102ed524f01c498adae819b02968aa455f57316f4e08af1fb9ea0 On npm install, postinstall.js runs unconditionally scripts.postinstall = 'node postinstall.js' and sends an HTTPS GET to a hardcoded webhook.site UR...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:25 p.m.11 views

Malicious code in getd-web-corporativa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6751d3ca04c2ae596f7e809e339770edaed576060d361c061311960b0a3a7033 On npm install, postinstall.js performs an HTTPS GET to a hardcoded webhook.site receiver, leaking the installer's hostname, OS username, platform,...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 8:25 p.m.10 views

MAL-2026-5472 Malicious code in getd-web-corporativa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6751d3ca04c2ae596f7e809e339770edaed576060d361c061311960b0a3a7033 On npm install, postinstall.js performs an HTTPS GET to a hardcoded webhook.site receiver, leaking the installer's hostname, OS username, platform,...

5.5AI score
Exploits0References1
Snyk
Snyk
added 2026/06/09 8:24 p.m.6 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the FTS5 extension when processing a crafted database containing malformed FTS5 page data. An attacker can cause process crashes, memory exhaustion, or execute arbitrary code by supplying a specially...

8.5CVSS6.2AI score0.00175EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:21 p.m.12 views

Malicious code in ipy-rev-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 591a0d253aee02115544f9bcac7609e62d8c18a9ac60cc4967d7d6e8c7f7d555 On npm install, index.js runs as a preinstall hook and POSTs hostname, username, platform, architecture, cwd, CI flags, and npm user-agent to...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/06/09 8:18 p.m.10 views

MAL-2026-5464 Malicious code in db-xorma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1428486c71a3cd7d89ea90a17631bb5dc0fee7e11a6cbb4d8029a8b25268c7d2 db-xorma advertises itself as a reactive in-memory database library. When a consumer creates any Model instance the documented entry point, the...

6.2AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:18 p.m.17 views

Malicious code in db-xorma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1428486c71a3cd7d89ea90a17631bb5dc0fee7e11a6cbb4d8029a8b25268c7d2 db-xorma advertises itself as a reactive in-memory database library. When a consumer creates any Model instance the documented entry point, the...

6.2AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:18 p.m.8 views

Malicious code in db-dx-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f9125a23bf19f9f20f101c2db4888d121e6bd931fcb9933ef0e4f899c3759 The package name db-dx-connector inverts the word order of the legitimate dx-db-connector package whose own GitHub URL...

6.1AI score
Exploits0References4
OSV
OSV
added 2026/06/09 8:18 p.m.10 views

MAL-2026-5463 Malicious code in db-dx-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f9125a23bf19f9f20f101c2db4888d121e6bd931fcb9933ef0e4f899c3759 The package name db-dx-connector inverts the word order of the legitimate dx-db-connector package whose own GitHub URL...

6.1AI score
Exploits0References4
GithubExploit
GithubExploit
added 2026/06/09 8:17 p.m.103 views

Exploit for Integer Overflow or Wraparound in Google Android

CVE-2025-48595 - Android Framework Integer Overflow Vulnerabil...

8.4CVSS6.1AI score0.01714EPSS
Exploits1
Rows per page
Query Builder