Lucene search
K

590816 matches found

Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49191

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where the application fails to intercept certain dangerous interfaces when executing JavaScript scripts embedded in PDF files within the sandbox...

8.6CVSS6.1AI score0.00129EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.27 views

CVE-2026-30120

remotion-dev remotion v4.0.409 was discovered to contain a remote code execution RCE vulnerability...

0.0081EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.28 views

CVE-2026-36933

An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature...

0.00174EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 a.m.5 views

CVE-2025-56814

A code injection vulnerability in the wxExecute function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shell metacharacters...

5.9AI score0.00165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49607

Name of the Vulnerable Software and Affected Versions LangBot affected versions not specified Description A critical flaw in the MCP STDIO implementation allows for remote code execution within AI pipelines. Recommendations At the moment, there is no information about a newer version that contain...

6.2AI score
Exploits0References2
Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0006

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS7.8AI score0.00534EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0005

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS7.8AI score0.00534EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.5 views

ROS-20260615-73-0001

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS7.8AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0002

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS7.8AI score0.00467EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49324

Name of the Vulnerable Software and Affected Versions matze wastebin version 3.4.1 Description An HTML injection issue in the /src/highlight.rs component allows attackers to execute arbitrary scripts using a crafted payload. HTML injection is a process where an attacker inserts malicious HTML cod...

9.6CVSS6.2AI score0.00374EPSS
Exploits0References3
Talos
Talos
added 2026/06/15 12:0 a.m.6 views

GeoVision GV-VMS V20 WebCam Server stack overflow vulnerabilities

Summary Multiple exploitable stack overflow vulnerabilities exist in the WebCam Server functionality of GV-VMS V20 versions: 20.0.2. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities...

10CVSS6.4AI score0.00514EPSS
Exploits0
Talos
Talos
added 2026/06/15 12:0 a.m.6 views

GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

Summary A stack overflow vulnerability exists in the WebCam Server Login functionality of GV-VMS V20 versions: 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Confirmed Vulnerable...

9.8CVSS6.2AI score0.00534EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0003

The vulnerability in freerdp is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS8.1AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0004

The vulnerability in freerdp3 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS8.1AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0041

The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...

7.5CVSS5.7AI score0.00265EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49299

Name of the Vulnerable Software and Affected Versions SNMP4J-Agent version 3.8.3 Description A remote attacker can execute arbitrary code through the snmp4jCfgStoragePath component. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

9.8CVSS5.7AI score0.00515EPSS
Exploits1References3
CVE
CVE
added 2026/06/15 12:0 a.m.15 views

CVE-2026-50883

CVE-2026-50883 refers to an HTML injection in the matze wastebin project (v3.4.1) affecting the internal component /src/highlight.rs . The root cause is not explicitly detailed beyond mention of HTML injection via a crafted payload, leading to arbitrary script execution. The vulnerability is rate...

9.6CVSS5.8AI score0.00374EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.13 views

CVE-2026-50869

CVE-2026-50869 relates to Bludit v3.19.0, where the api/plugin.php component is vulnerable to a directory traversal via a crafted request. The CVE entry documents a high-severity issue (CVSS 3.1: 9.8, CRITICAL) with network attack vector, no privileges required, and no user interaction. The affec...

9.8CVSS5.5AI score0.00718EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.19 views

CVE-2026-38329

Bludit CMS is affected pre-3.18.4. The API Plugin's POST /api/files/{key} endpoint in bl-plugins/api/plugin.php fails authorization checks and lacks file extension validation, enabling an attacker with a valid API token to upload a PHP script and execute arbitrary code on the server (Remote Code ...

9.8CVSS6.3AI score0.00627EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.54 views

CVE-2026-38329

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

0.00627EPSS
Exploits0References1
Rows per page
Query Builder