Lucene search
K

242 matches found

EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42271

A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function asyncruncommand of the file src/openllm/common.py of the component Model Repository Directory Name Handler. Performing a manipulation of the argument cmd results in command injection. Attacking locally is a requirement...

5.3CVSS5.8AI score0.01338EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/06/29 11:48 a.m.6 views

CVE-2026-47162

A flaw was found in Vim, an open-source text editor. This vulnerability, located in the netrw plugin, involves a code injection issue when the editor processes directory paths. A malicious directory name, if crafted by an attacker, could bypass security measures and allow for the execution of...

8.8CVSS6.4AI score0.00219EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.23 views

PT-2026-50410

Name of the Vulnerable Software and Affected Versions Apache Shiro versions prior to 2.2.1 Apache Shiro versions prior to 3.0.0-alpha-2 Description A remote attacker can inject LDAP special characters into the Distinguished Name DN construction within the DefaultLdapRealm class. User-supplied...

9.1CVSS5.3AI score0.00494EPSS
Exploits0References9
Microsoft CVE
Microsoft CVE
added 2026/06/13 8:1 a.m.19 views

Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

...

8.8CVSS5.3AI score0.00219EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/11 6:32 p.m.9 views

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References6
CVE
CVE
added 2026/06/11 6:32 p.m.60 views

CVE-2026-47162

Vim (with the netrw plugin) is affected by CVE-2026-47162 due to a Vimscript code injection in s:NetrwBookHistSave() when serializing directory paths to the history file ~/.vim/.netrwhist. A directory name from the filesystem can be interpolated into a single-quoted Vimscript string literal witho...

8.8CVSS5.9AI score0.00219EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/11 6:32 p.m.40 views

CVE-2026-47162 Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

7.3CVSS0.00219EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/11 6:32 p.m.10 views

EUVD-2026-36281

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

7.3CVSS5.9AI score0.00219EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 8:46 a.m.41 views

CVE-2026-46746

Vulnerability summary (CVE-2026-46746): In Siemens SINEC INS, all versions prior to V1.0 SP2 Update 6 expose a flaw in the /api/sftp/uploadFiles endpoint. The app does not properly sanitize user input, enabling injection of shell command payloads via crafted directory names. These payloads are st...

8.8CVSS6AI score0.00451EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.13 views

CVE-2026-1951

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.7AI score0.00611EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.28 views

PT-2026-45548

A NULL pointer dereference in the ext4 dir en get name len function in include/ext4 dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validat...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libgit2

libgit2 is a portable C implementation of the Git core methods, provided as a linkable library with a robust API. It allows for integrating Git functionality into your application. However, improper use of the gitindexadd function can lead to heap corruption, which may be exploited for arbitrary...

9.8CVSS7.3AI score0.01546EPSS
Exploits0References2
NVD
NVD
added 2026/04/24 7:16 a.m.6 views

CVE-2026-1951

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS0.00611EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/24 6:13 a.m.7 views

CVE-2026-1951

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.5AI score0.00611EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/24 6:13 a.m.5 views

CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.3AI score0.00611EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 6:13 a.m.7 views

EUVD-2026-25403

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.3AI score0.00611EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 6:13 a.m.30 views

CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS0.00611EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 6:13 a.m.20 views

CVE-2026-1951

Technical details for CVE-2026-1951 are not publicly available in the provided documents. Monitor for updates.

9.8CVSS5.9AI score0.00611EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/24 1:34 a.m.7 views

SUSE CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.17 views

PT-2026-34859

CVE-2026-1951 Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability. https://t.co/KudN90cAFS...

9.8CVSS5.4AI score0.00611EPSS
Exploits0References4
Rows per page
Query Builder