Lucene search
K

9463 matches found

EUVD
EUVD
added 15 hours ago5 views

EUVD-2025-210459

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in SUSE Virtual Machine Driver Pack allows an attacker with the ability to modify the registry to affect the integrity of the driver. We're not aware of a feasible way to exploit this currently. This issue affect...

2CVSS6.1AI score
Exploits0References1
Nuclei
Nuclei
added 15 hours ago39 views

PaperCut NG - Authentication Bypass

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper...

8.2CVSS7.1AI score0.77388EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday249 views

Oracle WebLogic Server - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions...

9.8CVSS7.4AI score0.50224EPSS
Exploits7References5
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/07/01 12:2 a.m.37 views

CVE-2026-41579 runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions prior to 1.3.6, 1.4.0-rc.1, 1.4.0-rc.12, 1.5.0-rc.1, and 1.5.0-rc.1, when setting up the container rootfs, setupPtmx and setupDevSymlinks call os.Remove and os.Symlink with a filepath.Join strin...

3.3CVSS0.00222EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 5:15 a.m.19 views

CVE-2026-13538

The CVE concerns Wavlink WL-NU516U1-A (M16U1_V240425) with a vulnerability in /cgi-bin/wireless.cgi, function sub_401D68, within the POST Parameter Handler. Manipulating arguments SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 leads to command injection. Remote exploitation is possible, and an exploit has ...

6.5CVSS6.4AI score0.01306EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.52 views

Security Bulletin: OpenSSH client bug (CVE-2016-0777 and CVE-2016-0778)

Question Security Bulletin: OpenSSH client bug CVE-2016-0777 and CVE-2016-0778 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...

8.1CVSS7.3AI score0.63468EPSS
Exploits3Affected Software1
EUVD
EUVD
added 2026/06/17 2:19 p.m.12 views

EUVD-2026-37724

Dell PowerFlex Manager, versions 4.6.0.1, contains an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

4.8CVSS5.4AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.11 views

CVE-2026-46931

Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.6-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.8CVSS0.00402EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.19 views

PT-2026-49932

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

9.8CVSS5.3AI score0.00473EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50032

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Spares Management versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Spares Management product. A low privileged attacker with network access via HTTPS...

8.8CVSS5.9AI score0.00301EPSS
Exploits0References3
CVE
CVE
added 2026/06/14 10:30 p.m.24 views

CVE-2026-12189

The CVE-2026-12189 entry concerns Moovit Bus & Public Transit App 1.18 on Android, affecting the com.tranzmate component. The flaw is described as improper authorization in the handler for a custom URL scheme, enabling a local attacker to manipulate the app. Exploitability is local with low attac...

5.3CVSS5.4AI score0.00105EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 9:36 p.m.51 views

Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)

Question Is the Network IPS system affected by Ruby on Rails vulnerabilities? "Product":"code":"SS9SBT","label":"Proventia Network Intrusion Prevention System","Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Component":"General...

5.6AI score
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/08 2:30 p.m.12 views

CVE-2026-11522 Tenda W20E setPortMirror formSetPortMirror stack-based overflow

A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The...

9CVSS8.5AI score0.00466EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 12:30 p.m.11 views

EUVD-2026-35056

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/06/08 6:19 a.m.72 views

janus-security-platform

Agentic Security Platform Payments-domain SAST + autonomous P...

6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/08 12:45 a.m.8 views

CVE-2026-11473

A vulnerability was identified in jflyfox jfinalcms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The project was informed of the problem early through a...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.9 views

CVE-2026-9564

A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/viewpatient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation ...

4.8CVSS3.9AI score0.00202EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.11 views

PT-2026-47166

CVE-2026-8762 - Atlassian Confluence Server-Side Request Forgery CVE ID :CVE-2026-8762 Published : June 4, 2026, 2:16 p.m. | 57 minutes ago Description :Rejected reason: After analysis, the originally reported behaviour was determined not to constitute a security vulnerability. The findings were...

5.5AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.17 views

PT-2026-45102

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked domain/permitted domain/blocked domain list/permitted domain list results in stack-based buffer...

9CVSS7.8AI score0.00472EPSS
Exploits0References5
Rows per page
Query Builder