Lucene search
K

58 matches found

ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14793

A vulnerability was detected in Craft CMS up to 4.18.0.1. Affected is the function actionReorderSets of the file src/controllers/GlobalsController.php of the component reorder-sets Endpoint. The manipulation results in authorization bypass. The attack can be executed remotely. Upgrading to versio...

5.3CVSS5.7AI score0.00224EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/04/24 6:21 p.m.16 views

EUVD-2026-25593

Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes / readString, the setBitPosition bounds check receives the overflowed value and is completely bypassed. The code then reads len bytes 512 MB fr...

7.5CVSS5.7AI score0.00328EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/24 6:44 p.m.3 views

CVE-2026-33769 Astro: Remote allowlist bypass via unanchored matchPathname wildcard

Astro is a web framework. From version 2.10.10 to before version 5.18.1, this issue concerns Astro's remotePatterns path enforcement for remote URLs used by server-side fetchers such as the image optimization endpoint. The path matching logic for / wildcards is unanchored, so a pathname that...

6.3CVSS5.8AI score0.00325EPSS
Exploits1References1
OSV
OSV
added 2026/02/16 4:3 p.m.6 views

BIT-POSTGRESQL-2026-2007 PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00481EPSS
Exploits0References7
OSV
OSV
added 2026/02/12 2:16 p.m.6 views

UBUNTU-CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS6AI score0.00481EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/12 1:0 p.m.5 views

CVE-2026-2007 PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00481EPSS
Exploits0References1
CVE
CVE
added 2026/02/12 1:0 p.m.42 views

CVE-2026-2007

CVE-2026-2007 affects PostgreSQL 18.0 and 18.1 due to a heap buffer overflow in the pg_trgm component, where crafted input strings can write patterns into server memory. The attacker’s control over the byte patterns is limited, and the document notes unknown impacts, with a potential for privileg...

8.2CVSS5.8AI score0.00481EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/17 5:19 p.m.10 views

CVE-2024-54556

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen...

2.4CVSS6.2AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 6:16 p.m.7 views

CVE-2024-44238

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to corrupt coprocessor memory...

7.8CVSS0.00143EPSS
Exploits0References2
NVD
NVD
added 2026/01/16 6:16 p.m.6 views

CVE-2024-54556

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen...

2.4CVSS0.00162EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/16 5:6 p.m.4 views

CVE-2024-54556

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen...

2.4CVSS5.4AI score0.00162EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/16 5:6 p.m.23 views

CVE-2024-54556

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen...

0.00162EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 5:6 p.m.9 views

CVE-2024-44238

CVE-2024-44238 is tied to Apple iOS/iPadOS and is described as an issue where an app may be able to corrupt coprocessor memory. The connected sources identify the root cause as bounds-check related and state that the vulnerability is fixed in iOS 18.1 and iPadOS 18.1, with remediation described a...

7.8CVSS5.8AI score0.00143EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/01/16 5:6 p.m.19 views

CVE-2024-44238

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to corrupt coprocessor memory...

0.00143EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/16 5:6 p.m.4 views

CVE-2024-44238

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to corrupt coprocessor memory...

5.7AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.6 views

PT-2026-3263

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen...

6.2AI score0.00162EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.5 views

PT-2026-3262

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to corrupt coprocessor memory...

6.1AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

Apple iOS and Apple iPadOS security vulnerabilities

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 18.1 and iPadOS prior to 18.1 contained security vulnerabilities. These...

7.8CVSS5.8AI score0.00143EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24593

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00423EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/26 8:31 a.m.12 views

CVE-2025-60094 WordPress Stackable Plugin <= 3.18.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stackable: from n/a through = 3.18.1...

4.3CVSS0.0022EPSS
Exploits0References1
Rows per page
Query Builder