Lucene search
+L

305 matches found

Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.10 views

PT-2026-6010

Name of the Vulnerable Software and Affected Versions Autodesk 3ds Max affected versions not specified Description A specially designed GIF file, when processed by Autodesk 3ds Max, can lead to an Out-of-Bounds Write condition. Successful exploitation of this issue could allow a malicious actor t...

8.4CVSS6AI score0.00175EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/01/31 3:40 a.m.170 views

Exploit for CVE-2026-24841

No d...

9.9CVSS5.9AI score0.02518EPSS
Exploits2
EUVD
EUVD
added 2026/01/28 8:25 p.m.8 views

EUVD-2026-4873

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...

6.3CVSS5.8AI score0.00201EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/01/28 12:25 a.m.8 views

SUSE CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

7.5CVSS6AI score0.00483EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/27 10:4 p.m.33 views

CVE-2026-24783 soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives

soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the mulDivx, y, z function incorrectly handled cases where both the intermediate product $x y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product was...

7.5CVSS0.00372EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb/server: Avoid deadlock when linking with “ReplaceIfExists”. If the smb2createlink function is called with “ReplaceIfExists” set, and the file name actually exists, a deadlock will occur. The function ksmbdvfskernpathlocked wi...

5.5CVSS6.4AI score0.00111EPSS
Exploits0References3
CVE
CVE
added 2026/01/17 2:22 a.m.37 views

CVE-2025-15403

CVE-2025-15403 affects the RegistrationMagic WordPress plugin (versions

9.8CVSS6AI score0.00461EPSS
In wildExploits2References4
Positive Technologies
Positive Technologies
added 2026/01/17 12:0 a.m.11 views

PT-2026-3341

Name of the Vulnerable Software and Affected Versions RegistrationMagic versions prior to 6.0.7.1 Description The RegistrationMagic plugin for WordPress is susceptible to a privilege escalation issue. The add menu function is accessible through the rm user exists AJAX action, allowing manipulatio...

9.8CVSS5.3AI score0.00461EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001276 advisory. drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service NULL pointer dereference and system crash or possibly hav...

7.8CVSS6.7AI score0.00418EPSS
Exploits0References9
EUVD
EUVD
added 2026/01/14 12:0 a.m.5 views

EUVD-2026-2439

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

6.1CVSS5.2AI score0.00257EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:36 a.m.7 views

CVE-2024-34515

image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...

8.8CVSS6.8AI score0.0188EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-54249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if...

5.3AI score0.00166EPSS
Exploits0References2
NVD
NVD
added 2025/12/29 1:15 a.m.8 views

CVE-2025-15067

Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed ex: innorix/exam...

8.5CVSS0.00124EPSS
Exploits0References2
CVE
CVE
added 2025/12/29 12:48 a.m.14 views

CVE-2025-15066

CVE-2025-15066 affects Innorix WP with a path traversal flaw due to improper pathname restriction in the installation directory (exam directory). All versions are implicated if innorix/exam exists; can lead to arbitrary file download. Exploitation details are not provided beyond the description; ...

6.9CVSS6.5AI score0.00139EPSS
Exploits0References2
OSV
OSV
added 2025/12/12 3:30 p.m.1 views

OPENSUSE-SU-2025:20161-1 Security update for chromium

This update for chromium fixes the following issues: - Chromium 143.0.7499.109 boo1254776: CVE-2025-14372: Use after free in Password Manager CVE-2025-14373: Inappropriate implementation in Toolbar third issue with an exploit is known to exist in the wild...

6.1CVSS5.8AI score0.00277EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/11 8:35 p.m.31 views

CVE-2025-13663 Quartus Prime Pro Edition Installer Advisory

Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists...

6.7CVSS0.00084EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/25 1:33 a.m.14 views

CVE-2025-13575

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

8.8CVSS7AI score0.00261EPSS
Exploits0References1
OSV
OSV
added 2025/11/24 1:15 a.m.4 views

CVE-2025-13575

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

8.8CVSS5.7AI score0.00261EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/11/24 12:32 a.m.15 views

CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

6.5CVSS0.00261EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/11/24 12:32 a.m.3 views

CVE-2025-13575 code-projects Blog Site Category blog.php category_exists sql injection

A security vulnerability has been detected in code-projects Blog Site 1.0. Impacted is the function categoryexists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. The attack may be performed from...

6.5CVSS6.6AI score0.00261EPSS
Exploits0References7
Rows per page
Query Builder