Lucene search
+L

557 matches found

nvd
nvd
added 6 days ago7 views

CVE-2026-57167

PeerTube is an ActivityPub-federated video streaming platform. Prior to 8.2.2, server-side-rendered video watch pages embed a schema.org JSON-LD block by JSON.stringify-ing video metadata without escaping less-than, greater-than, or slash characters, allowing a value containing the byte sequence...

5.1CVSS0.00269EPSS
Exploits0References3
osv
osv
added 6 days ago3 views

CVE-2026-57167 PeerTube: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

PeerTube is an ActivityPub-federated video streaming platform. Prior to 8.2.2, server-side-rendered video watch pages embed a schema.org JSON-LD block by JSON.stringify-ing video metadata without escaping less-than, greater-than, or slash characters, allowing a value containing the byte sequence...

5.1CVSS6.2AI score0.00269EPSS
Exploits0References5
nessus
nessus
added 2026/07/06 12:0 a.m.10 views

Debian dla-4669 : libapache2-mod-php8.2 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dla-4669 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4669-1 [email protected] https://www.debian.org/lts/security/...

5.6CVSS6.2AI score0.00306EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/07/03 8:57 p.m.7 views

CVE-2026-14355

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/07/02 12:0 a.m.16 views

PT-2026-55875

Name of the Vulnerable Software and Affected Versions PHP version 8.2 Description A failure to establish a TLS handshake the process where a client and server authenticate each other and establish encryption keys with a remote server can lead to a Denial of Service DoS condition. Recommendations ...

6.1AI score
Exploits0References24
ptsecurity
ptsecurity
added 2026/07/01 12:0 a.m.8 views

PT-2026-55209

Name of the Vulnerable Software and Affected Versions Concourse versions prior to 8.2.3 Description An open redirect issue exists in the login flow. An attacker can craft a URL that redirects users from the Concourse web server to an external site, which could be utilized in phishing attacks to...

5.9AI score
Exploits0References6
nvd
nvd
added 2026/06/30 8:17 p.m.8 views

CVE-2026-12084

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

7.5CVSS0.00162EPSS
Exploits0References1
osv
osv
added 2026/06/28 8:44 a.m.3 views

SUSE-SU-2026:22380-1 Security update for loupe

This update for loupe fixes the following issue - CVE-2025-58160: tracing-subscriber: untrusted input containing ANSI escape sequences can lead to terminal manipulation bsc1249009. Changes for loupe: - Update to version 48.2: - Check if the is-hidden property is available before reading it. -...

2.3CVSS5.8AI score0.00303EPSS
Exploits0References3
cve
cve
added 2026/06/26 2:53 p.m.19 views

CVE-2026-57663

CVE-2026-57663 describes a SQL Injection vulnerability in the WordPress plugin Zip Recipes (Recipe Maker For Your Food Blog) versions

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
nessus
nessus
added 2026/06/24 12:0 a.m.9 views

Oracle Linux 9 : php:8.2 (ELSA-2026-22143)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-22143 advisory. php 8.2.31-1 - rebase to 8.2.31 php-pecl-apcu 5.1.23-1 - update to 5.1.23 for PHP 8.2 RHEL-14699 php-pecl-rrd 2.0.3-4 - build for PHP 8.1 2070040...

8.8CVSS5.9AI score0.0078EPSS
Exploits1References5
nessus
nessus
added 2026/06/24 12:0 a.m.8 views

TencentOS Server 3: php:8.2 (TSSA-2026:0547)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0547 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS6.2AI score0.0078EPSS
Exploits1References5
osv
osv
added 2026/06/21 4:16 p.m.4 views

ALPINE-CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...

6.9CVSS5.8AI score0.0011EPSS
Exploits0References1
osv
osv
added 2026/06/21 3:43 p.m.2 views

CVE-2026-56403

libexpat before 2.8.2 has an integer overflow in storeAtts...

6.9CVSS6AI score0.00102EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/21 12:0 a.m.18 views

PT-2026-51241

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An integer overflow exists in the getAttributeId function. An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be...

6.9CVSS5.8AI score0.00102EPSS
Exploits0References6
osv
osv
added 2026/06/19 2:56 a.m.2 views

CVE-2026-56131

libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur similar to the CVE-2026-50219 situation...

4.9CVSS5.9AI score0.00135EPSS
Exploits0References3
cve
cve
added 2026/06/16 7:26 p.m.16 views

CVE-2026-35282

Technical details for CVE-2026-35282 are not publicly provided in the supplied documents. Monitor for updates from Oracle security alerts and CVE records.

9.9CVSS5.3AI score0.00402EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/06/11 2:59 p.m.14 views

CVE-2026-53694

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

7.3CVSS5.4AI score0.00131EPSS
Exploits1References1
nvd
nvd
added 2026/06/11 10:16 a.m.14 views

CVE-2022-42479

Missing Authorization vulnerability in TemplateHouse Soledad allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Soledad: from n/a through 8.2.5...

5.4CVSS0.00177EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/11 9:47 a.m.12 views

CVE-2022-42479 WordPress Soledad premium theme <= 8.2.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in TemplateHouse Soledad allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Soledad: from n/a through 8.2.5...

5.4CVSS5.4AI score0.00177EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/11 12:0 a.m.22 views

PT-2026-48633

Missing Authorization vulnerability in TemplateHouse Soledad allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Soledad: from n/a through 8.2.5...

5.4CVSS5.4AI score0.00177EPSS
Exploits0References2
Rows per page
Query Builder