
3010228 matches found

Wolfi
added 17 minutes ago, 2 views

CVE-2026-12151 vulnerabilities

Vulnerabilities for packages: npm, code-server...

CVSS 7.5 | AI score 5.8 | EPSS 0.00284 | Exploits 0

Wolfi
added 17 minutes ago, 1 view

CVE-2026-6734 vulnerabilities

Vulnerabilities for packages: code-server...

CVSS 7.5 | AI score 5.8 | EPSS 0.00147 | Exploits 0

NVD
added 21 minutes ago, 2 views

CVE-2026-44274

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

CVSS 7.8 | Exploits 0 | References 1

NVD
added 21 minutes ago, 1 view

CVE-2026-44273

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

CVSS 6 | Exploits 0 | References 1

NVD
added 21 minutes ago, 1 view

CVE-2026-44271

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...

CVSS 8.1 | Exploits 0 | References 1

NVD
added 21 minutes ago, 1 view

CVE-2026-44272

Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...

CVSS 8.8 | Exploits 0 | References 1

Github Security Blog
added 38 minutes ago, 0 views

OpenAM has LDAP Injection via `_queryId` Parameter

OpenAM Open Identity Platform is an open-source IAM platform providing SSO, OAuth2, SAML, and OpenID Connect capabilities. The CREST REST API layer exposes user query endpoints under /json/realm/users. In IdentityResourceV1.queryCollection, the HTTP query parameter queryId is passed to a CrestQue...

CVSS 7.5 | EPSS 0.76385 | Exploits 5 | References 4 | Affected Software 1

OSV
added 40 minutes ago, 0 views

GHSA-95PQ-HR8P-F5G7 ComfyUI-Manager has an Unprotected Alternate Channel (CWE-420)

Impact: An Unprotected Alternate Channel (CWE-420) vulnerability was discovered in ComfyUI-Manager versions prior to 3.38. Vulnerability Details: In affected versions, ComfyUI-Manager stored its configuration in the user/default/ComfyUI-Manager/ directory, which was accessible via ComfyUI's web APIs...

CVSS 7.5 | AI score 5.9 | EPSS 0.01361 | Exploits 3 | References 5

Github Security Blog
added 40 minutes ago, 0 views

ComfyUI-Manager has an Unprotected Alternate Channel (CWE-420)

Impact: An Unprotected Alternate Channel (CWE-420) vulnerability was discovered in ComfyUI-Manager versions prior to 3.38. Vulnerability Details: In affected versions, ComfyUI-Manager stored its configuration in the user/default/ComfyUI-Manager/ directory, which was accessible via ComfyUI's web APIs...

CVSS 7.5 | EPSS 0.01361 | Exploits 3 | References 5 | Affected Software 1

RedHat Linux
added 42 minutes ago, 1 view

Moderate: Red Hat Security Advisory: crun security update

An update for crun is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...

CVSS 7.8 | EPSS 0.00159 | Exploits 1 | References 2

RedHat Linux
added 42 minutes ago, 1 view

crun: crun: Privilege escalation due to incorrect parsing of the `--user` option

A flaw was found in crun, an open-source OCI Container Runtime. A local user can exploit this vulnerability due to incorrect parsing of the --user option when using crun exec. The value 1 is misinterpreted as root privileges (User ID 0 and Group ID 0) instead of the intended User ID 1 and Group ID ...

CVSS 7.8 | EPSS 0.00159 | Exploits 1 | References 7

OSV
added 44 minutes ago, 1 view

GHSA-WF69-R4MX-43RR AVideo Vulnerable to Unauthenticated .env File Exposure via Official Docker Compose Configuration

Vulnerability Details. CWE: CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory. The official docker-compose.yml (line 61) mounts the entire project root directory as the Apache document root:

    volumes:
      - "./:/var/www/html/AVideo"

This causes the .env file —...

CVSS 7.5 | Exploits 0 | References 3

RedhatCVE
added 1 hour ago, 0 views

CVE-2026-56411

A flaw was found in libexpat, a software library used for parsing XML (Extensible Markup Language) documents. An attacker could exploit an integer overflow vulnerability in the xmlwf utility by crafting malicious NOTATION declarations. This could lead to the disclosure of sensitive information or...

CVSS 6.9 | Exploits 0 | References 4

Circl
added 1 hour ago, 2 views

CVE-2026-12249

creationtimestamp | type | source
---|---|---
2026-06-22 19:32:33+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3movmu4ylmw2q...

CVSS 9.5 | AI score 5.8 | Exploits 0 | References 1

RedhatCVE
added 1 hour ago, 0 views

CVE-2026-56405

A flaw was found in libexpat. An integer overflow vulnerability exists within the getAttributeId function. This flaw could allow an attacker to potentially disclose sensitive information or execute arbitrary code, leading to a compromise of the system's integrity and confidentiality. Mitigation T...

CVSS 6.9 | Exploits 0 | References 4

RedhatCVE
added 1 hour ago, 0 views

CVE-2026-56403

A flaw was found in libexpat. An integer overflow vulnerability exists in the storeAtts function. This flaw could allow an attacker to corrupt memory, leading to a denial of service, information disclosure, or potentially arbitrary code execution, compromising the integrity and confidentiality of...

CVSS 6.9 | Exploits 0 | References 4

RedhatCVE
added 1 hour ago, 0 views

CVE-2026-8358

A heap-based buffer overflow vulnerability was discovered in LibreOffice Calc's spreadsheet importer. When processing tracked changes from a spreadsheet document, the application fails to properly handle duplicate change identifiers. By reusing the same change identifier for two distinct types of...

CVSS 6.9 | EPSS 0.00131 | Exploits 0 | References 4

Circl
added 1 hour ago, 2 views

CVE-2026-41049

creationtimestamp | type | source
---|---|---
2026-06-22 19:28:48+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3movmnfwkqp2h...

CVSS 8.4 | AI score 5.8 | Exploits 0 | References 1

Circl
added 1 hour ago, 2 views

CVE-2026-12628

creationtimestamp | type | source
---|---|---
2026-06-22 19:25:27+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3movmhgpqdw2r...

CVSS 8.1 | AI score 5.8 | Exploits 0 | References 1

Circl
added 1 hour ago, 3 views

CVE-2026-48867

creationtimestamp | type | source
---|---|---
2026-06-22 19:18:08+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3movm2czvz423...

CVSS 7.1 | AI score 5.8 | EPSS 0.00175 | Exploits 1 | References 1