Lucene search
K

643 matches found

NVD
NVD
added 2026/06/12 10:16 p.m.16 views

CVE-2025-7010

Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, an...

5.5CVSS0.00113EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 10:16 p.m.16 views

CVE-2025-7011

Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus ...

7.8CVSS0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 10:16 p.m.14 views

CVE-2025-7019

Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus...

5.5CVSS0.00113EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 10:16 p.m.13 views

CVE-2025-7004

Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus ...

7.8CVSS0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 10:16 p.m.14 views

CVE-2025-7008

Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast...

7.8CVSS0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 10:11 p.m.9 views

CVE-2025-7010 Avast antivirus stack overflow when scanning a malformed PDF file

Stack overflow vulnerability due to uncontrolled recursion in Avast Antivirus when scanning a malformed PDF file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, an...

5.5CVSS5.5AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 10:11 p.m.20 views

CVE-2025-7010

CVE-2025-7010 describes a stack overflow vulnerability (uncontrolled recursion) in Avast’s scanning engine when processing a malformed PDF, leading to Denial‑of‑Service of the antivirus process. Affected products include Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Busin...

5.5CVSS5.5AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 10:10 p.m.19 views

CVE-2025-7009

The CVE-2025-7009 issue is a heap buffer out-of-bounds read in the Avast/Gen Digital scanning engine when processing malformed Windows PE files. Affected products include Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux, for vi...

7.8CVSS5.7AI score0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 10:9 p.m.22 views

CVE-2025-7008

CVE-2025-7008 describes a heap buffer out-of-bounds read in Gen Digital antivirus engines ( Avast Antivirus, AVG, Norton, Avast One/Business) when scanning malformed Windows PE files containing .NET metadata. Root cause: heap OOB read in the scanning logic when processing such PE files; impact in...

7.8CVSS5.7AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 10:7 p.m.34 views

CVE-2025-7005 Avast antivirus infinite recursion when scanning a malformed PE file

Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for vir...

5.5CVSS0.00111EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 10:7 p.m.8 views

CVE-2025-7005 Avast antivirus infinite recursion when scanning a malformed PE file

Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for vir...

5.5CVSS5.3AI score0.00111EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 9:16 p.m.14 views

CVE-2026-54362

An incorrect visibility condition in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. The custom access-control condition intended to restrict galaxies to those owned by the user’s organisation or...

5.3CVSS0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 8:8 p.m.8 views

CVE-2026-54362 MISP template builder exposes non-visible custom galaxies across organisations

An incorrect visibility condition in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. The custom access-control condition intended to restrict galaxies to those owned by the user’s organisation or...

5.3CVSS5.3AI score0.00207EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 8:8 p.m.9 views

GHSA-PJPJ-V387-X4VQ TYPO3 CMS has Broken Access Control in its Form Framework

Problem Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing...

7.6CVSS6.2AI score0.00238EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/12 7:32 p.m.11 views

EUVD-2026-35402

TYPO3 CMS has Privilege Escalation & SQL Injection in its Form Framework...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/12 7:32 p.m.5 views

Missing Authorization

Overview typo3/cms-form is a Form Library, Plugin and Editor Affected versions of this package are vulnerable to Missing Authorization via the upload for form definition files with mixed-case extensions. An attacker can escalate privileges by uploading maliciously crafted files that execute...

8.8CVSS6.1AI score0.00253EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/12 7:32 p.m.5 views

Missing Authorization

Overview typo3/cms-core is a free open source enterprise content management system. Affected versions of this package are vulnerable to Missing Authorization via the upload for form definition files with mixed-case extensions. An attacker can escalate privileges by uploading maliciously crafted...

8.8CVSS6AI score0.00253EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 5:31 p.m.43 views

CVE-2026-44169

CVE-2026-44169 affects MariaDB server (community forks). Issue: authorization bypass in role-based routine-level privilege check can let a user with EXECUTE on a stored routine view the routine definition without SHOW CREATE ROUTINE privilege. Affected versions: 11.4.1–11.4.10, 11.8.1–11.8.6, and...

4.3CVSS5.2AI score0.00161EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/12 5:31 p.m.44 views

CVE-2026-44169 MariaDB: Authorization bypass in role-based routine-level privilege check exposes stored routine definitions

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 5:31 p.m.12 views

EUVD-2026-36515

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS5.2AI score0.00161EPSS
Exploits0References2
Rows per page
Query Builder