Lucene search
K

456798 matches found

EUVD
EUVD
added 2026/06/24 11:12 a.m.5 views

EUVD-2026-38736

Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...

2CVSS5.8AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 11:12 a.m.31 views

CVE-2026-13140 Stored Cross-Site Scripting in Canarytokens.org

Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...

2CVSS0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 11:12 a.m.5 views

CVE-2026-13140

Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...

2CVSS5.8AI score0.00185EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/24 10:45 a.m.6 views

EUVD-2026-38735

Server-Side Request Forgery SSRF CWE-918 in the PDF generation endpoint GET /api/reports/id/pdf backend/main.py in ccyl13 Pentestify 1.0.0 and lower allows remote attackers to make the server issue requests to arbitrary internal or external URLs, including cloud metadata services, and return the...

6.9CVSS6.1AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 10:45 a.m.32 views

CVE-2026-13150 SSRF in Pentestify PDF generation endpoint via Host header

Server-Side Request Forgery SSRF CWE-918 in the PDF generation endpoint GET /api/reports/id/pdf backend/main.py in ccyl13 Pentestify 1.0.0 and lower allows remote attackers to make the server issue requests to arbitrary internal or external URLs, including cloud metadata services, and return the...

6.9CVSS0.00292EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 10:45 a.m.6 views

CVE-2026-13150

Server-Side Request Forgery SSRF CWE-918 in the PDF generation endpoint GET /api/reports/id/pdf backend/main.py in ccyl13 Pentestify 1.0.0 and lower allows remote attackers to make the server issue requests to arbitrary internal or external URLs, including cloud metadata services, and return the...

6.9CVSS6.1AI score0.00292EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 10:45 a.m.10 views

CVE-2026-13150

CVE-2026-13150 describes an SSRF in the PDF generation endpoint of ccyl13 Pentestify 1.0.0 and earlier. The vulnerability arises because GET /api/reports/{id}/pdf builds the target URL from request.base_url without validation, enabling remote attackers to cause the server to fetch arbitrary inter...

6.9CVSS6.1AI score0.00292EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

7.8CVSS6.2AI score0.00161EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS5.7AI score0.00154EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS5.7AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 10:35 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS5.7AI score0.0014EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 10:17 a.m.11 views

CVE-2026-11968

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...

5.5CVSS0.00124EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 10:8 a.m.4 views

RHSA-2026:28911 Red Hat Security Advisory: coreutils security update

Bulletin has no description...

4.4CVSS5.8AI score0.00215EPSS
Exploits0References9
OSV
OSV
added 2026/06/24 10:8 a.m.4 views

RHSA-2026:28581 Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update

Bulletin has no description...

7.1CVSS5.7AI score0.0029EPSS
Exploits1References18
OSV
OSV
added 2026/06/24 10:8 a.m.4 views

RHSA-2026:28553 Red Hat Security Advisory: vim security update

Bulletin has no description...

7.3CVSS5.7AI score0.00501EPSS
Exploits0References10
Rows per page
Query Builder