Lucene search
K

5068 matches found

OSV
OSV
added 2026/06/04 9:35 a.m.7 views

MINI-495G-8688-HXJP

Bulletin has no description...

8.8CVSS6.8AI score0.00647EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/04 12:9 a.m.13 views

CVE-2026-45282

A flaw was found in Nextcloud Server. An authenticated attacker, by knowing a share token and a document ID, could access attachments of link shares. This circumvents password protection or download restrictions, leading to the disclosure of sensitive information from attachments. Mitigation...

6.5CVSS5.6AI score0.00294EPSS
Exploits0References2
OSV
OSV
added 2026/06/02 8:27 p.m.6 views

ECHO-E6B5-3B2A-9C32

Bulletin has no description...

6.5CVSS6.7AI score0.09199EPSS
Exploits0References2
OSV
OSV
added 2026/06/02 8:27 p.m.7 views

ECHO-C8C0-89CD-58D0

Bulletin has no description...

6.5CVSS7.1AI score0.03251EPSS
Exploits0References2
OSV
OSV
added 2026/06/01 4:53 p.m.1 views

CVE-2026-45282 Nextcloud: Logged-in user bypasses share password and download restrictions on Text attachments via documentId leads to unauthorized file access

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download...

6.5CVSS5.9AI score0.00294EPSS
Exploits0References5
OSV
OSV
added 2026/05/31 12:9 p.m.7 views

ECHO-EE72-5202-2C87

Bulletin has no description...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/05/31 11:2 a.m.9 views

MINI-MRWC-7XJR-QRV3

Bulletin has no description...

7.5CVSS6.5AI score0.0064EPSS
Exploits1
OSV
OSV
added 2026/05/29 11:29 p.m.7 views

ECHO-121E-D4D0-4C0E

Bulletin has no description...

8.8CVSS5.7AI score0.00252EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.13 views

PT-2026-47201

Unknown description...

5.4AI score
Exploits0References4
OSV
OSV
added 2026/05/28 3:40 p.m.16 views

ECHO-AD54-7743-1269 suexec in Apache HTTP Server 2.2.3 does not verify user/group ID combinations, which "might allow local users to leverage other vulnerabilities". The vendor disputes the issue because the attack "rely on an insecure server configuration" in which the unprivileged server user already has write access to the document root and can run arbitrary code; the suexec security model is not intended to protect against privilege escalation in such a configuration. NVD lists only 2.2.3 as affected (shipped version is 2.4.68). Debian: unimportant. https://security-tracker.debian.org/tracker/CVE-2007-1743

Bulletin has no description...

4.4CVSS6.1AI score0.00703EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 4:12 p.m.7 views

MINI-RJJ2-MGG9-55QH

Bulletin has no description...

7.4CVSS5.7AI score0.00259EPSS
Exploits0
OSV
OSV
added 2026/05/27 4:12 p.m.7 views

MINI-JPV6-2FMM-24QV

Bulletin has no description...

5.7AI score
Exploits0
OSV
OSV
added 2026/05/27 2:22 p.m.6 views

MINI-C4V3-9488-QVGV

Bulletin has no description...

5.4CVSS6.3AI score0.00476EPSS
Exploits0
OSV
OSV
added 2026/05/21 2:20 a.m.10 views

ECHO-FFC7-D859-2D12

Bulletin has no description...

6.9CVSS5.7AI score0.00339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.22 views

PT-2026-42699

Name of the Vulnerable Software and Affected Versions libp2p versions prior to 15.0.23 Description Three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.js heap of any gossipsub node using default options, leading to an Out-Of-Memory OOM crash...

7.5CVSS5.4AI score0.00278EPSS
Exploits0References7
OSV
OSV
added 2026/05/18 6:20 p.m.25 views

CGA-GRCV-9JQV-F3V4

Bulletin has no description...

5.3CVSS5.7AI score0.00401EPSS
Exploits0
OSV
OSV
added 2026/05/18 3:17 p.m.7 views

MINI-CPX2-MXJC-3WV3

Bulletin has no description...

7.5CVSS5.7AI score0.00159EPSS
Exploits0
EUVD
EUVD
added 2026/05/18 1:52 p.m.52 views

EUVD-2026-30774

Dify version 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS5.7AI score0.00435EPSS
Exploits1References3
OSV
OSV
added 2026/05/17 12:33 p.m.7 views

MINI-XCF6-9JHQ-RQXQ

Bulletin has no description...

7.1CVSS5.7AI score0.00261EPSS
Exploits0
OSV
OSV
added 2026/05/16 6:45 p.m.9 views

MINI-3CQJ-RHHG-5JXJ

Bulletin has no description...

4.8CVSS5.7AI score0.00112EPSS
Exploits0
Rows per page
Query Builder