Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

240 matches found

Positive Technologies
Positive Technologiesadded 2026/06/17 12:0 a.m.12 views

PT-2026-50410

Name of the Vulnerable Software and Affected Versions Apache Shiro versions prior to 2.2.1 Apache Shiro versions prior to 3.0.0-alpha-2 Description A remote attacker can inject LDAP special characters into the Distinguished Name DN construction within the DefaultLdapRealm class. User-supplied...

9.1CVSS5.3AI score0.00494EPSS
Exploits0References9
Microsoft CVE
Microsoft CVEadded 2026/06/13 8:1 a.m.10 views

Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

...

8.8CVSS5.3AI score0.00269EPSS
Exploits0
EUVD
EUVDadded 2026/06/11 6:32 p.m.7 views

EUVD-2026-36281

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

7.3CVSS5.9AI score0.00269EPSS
Exploits0References3
CVE
CVEadded 2026/06/11 6:32 p.m.29 views

CVE-2026-47162

Vim (with the netrw plugin) is affected by CVE-2026-47162 due to a Vimscript code injection in s:NetrwBookHistSave() when serializing directory paths to the history file ~/.vim/.netrwhist. A directory name from the filesystem can be interpolated into a single-quoted Vimscript string literal witho...

8.8CVSS5.9AI score0.00269EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/06/11 6:32 p.m.31 views

CVE-2026-47162 Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

7.3CVSS0.00269EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2026/06/11 6:32 p.m.6 views

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS5.8AI score0.00269EPSS
Exploits0References3
CVE
CVEadded 2026/06/09 8:46 a.m.25 views

CVE-2026-46746

Vulnerability summary (CVE-2026-46746): In Siemens SINEC INS, all versions prior to V1.0 SP2 Update 6 expose a flaw in the /api/sftp/uploadFiles endpoint. The app does not properly sanitize user input, enabling injection of shell command payloads via crafted directory names. These payloads are st...

8.8CVSS6AI score0.00451EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2026/06/05 7:19 p.m.9 views

CVE-2026-1951

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.7AI score0.00611EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/01 12:0 a.m.18 views

PT-2026-45548

A NULL pointer dereference in the ext4 dir en get name len function in include/ext4 dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validat...

5.9AI score0.00339EPSS
Exploits0References4
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.3 views

Astra Linux – Vulnerability in libgit2

libgit2 is a portable C implementation of the Git core methods, provided as a linkable library with a robust API. It allows for integrating Git functionality into your application. However, using properly crafted inputs to gitindexadd can lead to heap corruption, which may be exploited for...

9.8CVSS8.5AI score0.01546EPSS
Exploits0References2
NVD
NVDadded 2026/04/24 7:16 a.m.4 views

CVE-2026-1951

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS0.00611EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/24 6:13 a.m.4 views

CVE-2026-1951

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.5AI score0.00611EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/24 6:13 a.m.4 views

EUVD-2026-25403

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.3AI score0.00611EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/24 6:13 a.m.3 views

CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS5.3AI score0.00611EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/24 6:13 a.m.26 views

CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

9.8CVSS0.00611EPSS
Exploits0References1
CVE
CVEadded 2026/04/24 6:13 a.m.15 views

CVE-2026-1951

Technical details for CVE-2026-1951 are not publicly available in the provided documents. Monitor for updates.

9.8CVSS5.9AI score0.00611EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVEadded 2026/04/24 1:34 a.m.4 views

SUSE CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/04/24 12:0 a.m.10 views

PT-2026-34859

CVE-2026-1951 Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability. https://t.co/KudN90cAFS...

9.8CVSS5.4AI score0.00611EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/22 8:30 a.m.53 views

CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

5.5CVSS0.00108EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/22 8:30 a.m.2 views

CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References3
Rows per page
Query Builder