Lucene search
K

590850 matches found

Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0003

The vulnerability in freerdp is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS8.1AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0004

The vulnerability in freerdp3 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS8.1AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0041

The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...

7.5CVSS5.7AI score0.00265EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.6 views

RHEL 9 : samba (RHSA-2026:25979)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25979 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

9.8CVSS5.8AI score0.12797EPSS
Exploits7References12
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.13 views

Qnap QTS and QuTS hero OS Command Injection (CVE-2026-24719)

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.00977EPSS
Exploits0References1
AlmaLinux
AlmaLinux
added 2026/06/15 12:0 a.m.5 views

Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.5AI score0.02995EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.5 views

RHEL 8 : redis:6 (RHSA-2026:26008)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26008 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.9 views

RHEL 9 : valkey (RHSA-2026:25925)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25925 advisory. Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, se...

8.8CVSS6.8AI score0.02995EPSS
Exploits4References8
OSV
OSV
added 2026/06/15 12:0 a.m.4 views

ALSA-2026:26008 Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.5AI score0.02995EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49299

Name of the Vulnerable Software and Affected Versions SNMP4J-Agent version 3.8.3 Description A remote attacker can execute arbitrary code through the snmp4jCfgStoragePath component. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

9.8CVSS5.7AI score0.00515EPSS
Exploits1References3
CVE
CVE
added 2026/06/15 12:0 a.m.15 views

CVE-2026-50883

CVE-2026-50883 refers to an HTML injection in the matze wastebin project (v3.4.1) affecting the internal component /src/highlight.rs . The root cause is not explicitly detailed beyond mention of HTML injection via a crafted payload, leading to arbitrary script execution. The vulnerability is rate...

9.6CVSS5.8AI score0.00374EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.13 views

CVE-2026-50869

CVE-2026-50869 relates to Bludit v3.19.0, where the api/plugin.php component is vulnerable to a directory traversal via a crafted request. The CVE entry documents a high-severity issue (CVSS 3.1: 9.8, CRITICAL) with network attack vector, no privileges required, and no user interaction. The affec...

9.8CVSS5.5AI score0.00718EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.19 views

CVE-2026-38329

Bludit CMS is affected pre-3.18.4. The API Plugin's POST /api/files/{key} endpoint in bl-plugins/api/plugin.php fails authorization checks and lacks file extension validation, enabling an attacker with a valid API token to upload a PHP script and execute arbitrary code on the server (Remote Code ...

9.8CVSS6.3AI score0.00627EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.54 views

CVE-2026-38329

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

0.00627EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.8 views

RHEL 9 : gimp (RHSA-2026:25907)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25907 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

7.8CVSS8AI score0.00755EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.7 views

RHEL 9 : gimp (RHSA-2026:25899)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25899 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

7.8CVSS8AI score0.00755EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.6 views

RHEL 7 : libtiff (RHSA-2026:25910)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25910 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...

7.8CVSS6AI score0.00553EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 a.m.9 views

CVE-2026-39006

CVE-2026-39006 concerns SNMP4J-Agent 3.8.3 where a remote attacker can execute arbitrary code via the snmp4jCfgStoragePath component. Documented impact is critical (CVSS v3.1: 9.8) with network discovery and no user interaction required; exploitation status is not provided in the supplied sources...

9.8CVSS6AI score0.00515EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/06/14 9:6 p.m.89 views

Exploit for CVE-2022-30190

Explotación de Follina CVE-2022-30190 Follina CVE-2022-3...

9.3CVSS8AI score0.99374EPSS
Exploits62
Vulnrichment
Vulnrichment
added 2026/06/14 11:39 a.m.7 views

CVE-2026-11526 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle

GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open of filename arguments in makefilehandle. GD::Image::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd |" or begins with a...

5.4AI score0.01353EPSS
Exploits0References2
Rows per page
Query Builder