Lucene search
K

8180 matches found

CVE
CVE
added yesterday8 views

CVE-2026-58101

CVE-2026-58101 affectsCrypt::OpenSSL::X509 on Perl up to version 2.1.3. The issue arises when parsing X509 extensions: X509V3_EXT_d2i(ext) may return NULL; subsequent dereferences of the result in basicC, ia5string, auth_att, and keyid_data occur without a NULL check. If an affected helper is inv...

6.1AI score
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-57743

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

8.1CVSS0.00557EPSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-57745

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

7.1CVSS0.00251EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57744

Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

9.8CVSS0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-57743 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

8.1CVSS0.00557EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-57745 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

7.1CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-57743

CVE-2026-57743 describes animproper control of the filename for include/require in the PHP program, enabling a PHP Local File Inclusion vulnerability in the WordPress plugin set RT-Theme 18 | Extensions (rt18-extensions). Affected: RT-Theme 18 Extensions versions up to and including 2.5. The issu...

8.1CVSS6.1AI score0.00557EPSS
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-57745

CVE-2026-57745 concerns a Reflected Cross-Site Scripting vulnerability in the WordPress RT-Theme 18 Extensions (rt18-extensions) plugin, affecting version &lt;= 2.5. The issue is described as improper neutralization of input during web page generation, enabling reflected XSS. Affected product/com...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-57744

The CVE-2026-57744 entry describes a PHP Object Injection vulnerability in the WordPress plugin RT-Theme 18 Extensions, affected versions up to and including 2.5. The root cause is Deserialization of Untrusted Data, enabling object injection. Impact is rated high (CVSS 3.1: 9.8, Confidentiality/I...

9.8CVSS6.1AI score0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday9 views

CVE-2026-57744 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

9.8CVSS0.00564EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday1416 views

Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

5CVSS6.1AI score0.47595EPSS
Exploits1References3
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-39125

SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist...

9.2CVSS6.1AI score0.00607EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 5 days ago6 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
NVD
NVD
added 5 days ago15 views

CVE-2026-15158

The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.1.46 via the saveattachments function. This is due to the Custom Fonts extension registering a wpcheckfiletypeandext filter that approves any filename containing .woff2 or .tt...

9.8CVSS0.00995EPSS
Exploits0References3
CVE
CVE
added 5 days ago20 views

CVE-2026-15158

Blocksy Companion

9.8CVSS6.6AI score0.00995EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 5 days ago5 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 5 days ago6 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42482

Use after free in Extensions in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

6AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42480

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

6AI score0.00125EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

dnsmasq < 2.93 Heap-Based Buffer Overflow (CVE-2026-12725)

The version of dnsmasq installed on the remote host is prior to 2.93. It is, therefore, affected by a heap-based buffer overflow vulnerability. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause...

5.9CVSS6.2AI score0.00403EPSS
Exploits0References3
Rows per page
Query Builder