
1086399 matches found

Positive Technologies
added 2026/06/18 12:0 a.m. (13 views)

PT-2026-50718

Name of the Vulnerable Software and Affected Versions: jupyter-server versions prior to 2.20.0. Description: The nbconvert HTTP handlers render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy (CSP), which is a security layer that helps...

CVSS: 9.3 | AI score: 6 | EPSS: 0.00227
Exploits: 0 | References: 10

FreeBSD
added 2026/06/18 12:0 a.m. (4 views)

ffmpeg -- Out-of-bounds write

https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/23159 reports: An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the...

CVSS: 8.8 | AI score: 6.1 | EPSS: 0.00477
Exploits: 3 | References: 2

CERT
added 2026/06/18 12:0 a.m. (5 views)

Vendor-signed UEFI applications found vulnerable to Secure Boot bypass

Overview: Multiple vendor-signed UEFI applications are vulnerable to Secure Boot bypass via a "Bring Your Own Vulnerable Driver" (BYOVD)-style attack. If a target system trusts the affected vendor’s certificate, an attacker can exploit these applications to execute arbitrary code during the early...

CVSS: 8.2 | AI score: 7.5 | EPSS: 0.01036
Exploits: 1 | References: 7

Tenable Nessus
added 2026/06/18 12:0 a.m. (6 views)

Siemens Ruggedcom Rox Improper Neutralization of Special Elements Used in an OS Command (CVE-2025-40947)

Affected devices do not properly sanitize user-supplied input during the feature key installation process. This could allow an authenticated remote attacker to inject arbitrary commands, resulting in remote code execution with root privileges on the underlying operating system. This plugin only...

CVSS: 7.7 | AI score: 8 | EPSS: 0.00442
Exploits: 0 | References: 4

Tenable Nessus
added 2026/06/18 12:0 a.m. (4 views)

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-13106)

Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

CVSS: 8.3 | AI score: 7 | EPSS: 0.0175
Exploits: 0 | References: 3

Tenable Nessus
added 2026/06/18 12:0 a.m. (12 views)

Oracle Linux 8 : httpd:2.4 (ELSA-2026-25090)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-25090 advisory. - Resolves: RHEL-173558 - httpd:2.4/httpd: Apache HTTP Server mod_proxy_ajp: Arbitrary code execution via heap-based buffer overflow (CVE-2026-28780) - Resolves:...

CVSS: 9.8 | AI score: 7.7 | EPSS: 0.99999
Exploits: 38 | References: 2

OSV
added 2026/06/17 11:36 p.m. (3 views)

MINI-X6JH-2FFP-Q5P2

Bulletin has no description...

CVSS: 9.6 | AI score: 4.9 | EPSS: 0.00478
Exploits: 0

OSV
added 2026/06/17 11:24 p.m. (3 views)

MINI-CRPF-VV9M-JQJC

Bulletin has no description...

CVSS: 7.5 | AI score: 4.8 | EPSS: 0.00371
Exploits: 0

NVD
added 2026/06/17 11:17 p.m. (9 views)

CVE-2026-53676

ThingsBoard contains a prototype pollution vulnerability which may lead to arbitrary code execution within a sandboxed context by a user who can log in to the affected product with the tenant administrator privilege (TENANT_ADMIN)...

CVSS: 8.6 | EPSS: 0.00603
Exploits: 0 | References: 3

OSV
added 2026/06/17 10:55 p.m. (3 views)

MINI-GPW4-38V6-Q4MC

Bulletin has no description...

CVSS: 9.8 | AI score: 4.9 | EPSS: 0.34734
Exploits: 1

Cvelist
added 2026/06/17 10:53 p.m. (24 views)

CVE-2026-53676

ThingsBoard contains a prototype pollution vulnerability which may lead to arbitrary code execution within a sandboxed context by a user who can log in to the affected product with the tenant administrator privilege (TENANT_ADMIN)...

CVSS: 8.6 | EPSS: 0.00603
Exploits: 0 | References: 3

CVE
added 2026/06/17 10:53 p.m. (17 views)

CVE-2026-53676

Technical details for CVE-2026-53676 are not publicly provided in the supplied documents. Monitor for updates from official advisories.

CVSS: 8.6 | AI score: 7.8 | EPSS: 0.00603
Exploits: 0 | References: 3

OSV
added 2026/06/17 10:45 p.m. (4 views)

MINI-H3CX-G8V7-X6FX

Bulletin has no description...

CVSS: 7.5 | AI score: 5 | EPSS: 0.00733
Exploits: 0

OSV
added 2026/06/17 10:33 p.m. (4 views)

MINI-CCVC-V28J-3C88

Bulletin has no description...

CVSS: 8.8 | AI score: 5 | EPSS: 0.00221
Exploits: 0

OSV
added 2026/06/17 10:33 p.m. (3 views)

MINI-4PJG-9V86-HWQH

Bulletin has no description...

CVSS: 8.1 | AI score: 4.9 | EPSS: 0.00552
Exploits: 0

OSV
added 2026/06/17 10:30 p.m. (3 views)

MINI-7Q7M-P5CC-WGXX

Bulletin has no description...

CVSS: 7.5 | AI score: 5 | EPSS: 0.00461
Exploits: 0

OSV
added 2026/06/17 10:23 p.m. (5 views)

MAL-2026-6087 Malicious code in uol-simple-api-futebol (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 962c38ed6ec061ce6a530aeea5a960dfc2b75caec56f7a1bc648f6b6cb655271 The package's only documented function, getJogos default export, unconditionally invokes an internal helper named prepareCacheMatchs which POSTs the...

AI score: 5.8
Exploits: 0 | References: 3

NVD
added 2026/06/17 10:16 p.m. (13 views)

CVE-2026-12530

Improper neutralization of argument delimiters in the installpackages method in AWS Bedrock AgentCore Python SDK versions = 1.1.3 and 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate thi...

CVSS: 8.4 | EPSS: 0.00302
Exploits: 0 | References: 2

OSV
added 2026/06/17 10:4 p.m. (3 views)

MINI-7WCJ-HQM4-GHGW

Bulletin has no description...

CVSS: 7.5 | AI score: 5 | EPSS: 0.00578
Exploits: 0

OSV
added 2026/06/17 10:3 p.m. (3 views)

MINI-XV6H-97VF-83F4

Bulletin has no description...

CVSS: 7.5 | AI score: 4.9 | EPSS: 0.00461
Exploits: 0