Lucene search
+L

363 matches found

OSV
OSV
added 2026/06/01 12:0 a.m.19 views

ASB-A-500171842

Bulletin has no description...

7.8CVSS5.7AI score0.00108EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 5:8 p.m.16 views

CGA-3893-P8H8-XVP4

Bulletin has no description...

6.2CVSS5.7AI score0.00112EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.12 views

PT-2026-45007

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.480 Description The software constructs all or part of a code segment using externally-influenced input from an upstream component without properly neutralizing special elements. This can modify the syntax or behavior...

7CVSS5.9AI score0.00552EPSS
Exploits0References38
NVD
NVD
added 2026/05/11 10:22 p.m.13 views

CVE-2026-43890

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS0.00205EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 9:9 p.m.12 views

EUVD-2026-29334

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS5.8AI score0.00205EPSS
Exploits0References1
OSV
OSV
added 2026/05/11 1:49 p.m.4 views

MINI-V7JV-537M-F8FW

Bulletin has no description...

7.5CVSS5.7AI score0.00231EPSS
Exploits0
OSV
OSV
added 2026/05/11 10:17 a.m.10 views

MINI-3PGP-2XF4-MQQP

Bulletin has no description...

7.5CVSS5.7AI score0.00784EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.11 views

VMware Spring AI 安全漏洞

VMware Spring AI is a development framework from VMware that integrates artificial intelligence and big language modeling capabilities in the Spring ecosystem. A security vulnerability exists in VMware Spring AI versions 1.0.0 through 1.0.7 prior and 1.1.0 through 1.1.6 prior, which stems from...

8.6CVSS5.8AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 7:16 p.m.14 views

CVE-2026-40865

Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This exposes sensitive HR...

7.1CVSS0.0014EPSS
Exploits0References1
OSV
OSV
added 2026/04/21 6:14 p.m.3 views

CVE-2026-40865 Horilla: Insecure Direct Object Reference at `/employee/view-file/<int:id>

Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This exposes sensitive HR...

7.1CVSS6AI score0.0014EPSS
Exploits0References3
OSV
OSV
added 2026/04/11 4:2 p.m.5 views

MINI-M88M-PHM8-J7WF

Bulletin has no description...

7.5CVSS5.7AI score0.00615EPSS
Exploits0
OSV
OSV
added 2026/04/11 3:2 p.m.3 views

MINI-8CCR-MMM7-4VV7

Bulletin has no description...

5.5CVSS5.7AI score0.0029EPSS
Exploits0
NVD
NVD
added 2026/04/02 6:16 p.m.10 views

CVE-2026-5414

A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is some unknown functionality of the file /omnidocs/WebApiRequestRedirection. The manipulation of the argument DocumentId results in improper control of resource identifiers. The attack may be performed...

6.9CVSS0.00315EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/02 6:0 p.m.4 views

CVE-2026-5414 Newgen OmniDocs WebApiRequestRedirection resource injection

A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is some unknown functionality of the file /omnidocs/WebApiRequestRedirection. The manipulation of the argument DocumentId results in improper control of resource identifiers. The attack may be performed...

6.9CVSS5.5AI score0.00315EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

Newgen OmniDocs 安全漏洞

Newgen OmniDocs is an enterprise content management suite provided by Newgen Corporation. Versions of Newgen OmniDocs 12.0.00 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect handling of the DocumentId parameter in files/omnidocs/WebApiRequestRedirection,...

6.9CVSS6.1AI score0.00315EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.12 views

PT-2026-29866

Name of the Vulnerable Software and Affected Versions Newgen OmniDocs versions up to 12.0.00 Description A security flaw exists in Newgen OmniDocs up to version 12.0.00. The issue involves improper control of resource identifiers due to manipulation of the DocumentId argument within the...

6.9CVSS5.8AI score0.00315EPSS
Exploits0References8
OSV
OSV
added 2026/03/20 8:0 p.m.6 views

MINI-JXP5-QW6M-3456

Bulletin has no description...

9.1CVSS5.7AI score0.01557EPSS
Exploits1
OSV
OSV
added 2026/03/13 1:7 p.m.5 views

MINI-8QG8-WF36-9HGR

Bulletin has no description...

7.5CVSS5.7AI score0.00728EPSS
Exploits0
OSV
OSV
added 2026/03/04 5:28 a.m.3 views

MINI-FJ37-7897-H5V7

Bulletin has no description...

10CVSS5.9AI score0.00765EPSS
Exploits1
OSV
OSV
added 2026/02/25 6:43 p.m.5 views

CVE-2026-25927 OpenEMR Missing Authorization Checks in DICOM Viewer State API

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the DICOM viewer state API e.g. upload or state save/load accepts a document ID docid without verifying that the document belongs to the current user’s authorized patie...

7.1CVSS5.6AI score0.00204EPSS
Exploits1References3
Rows per page
Query Builder