Lucene search
+L

108 matches found

Vulnrichment
Vulnrichment
added 2026/03/11 8:2 a.m.4 views

CVE-2024-14026 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in th...

5.4CVSS6AI score0.00624EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.4 views

PT-2026-24401

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.34.13 Envoy versions prior to 1.35.8 Envoy versions prior to 1.36.5 Envoy versions prior to 1.37.1 Description Envoy is a high-performance edge/middle/service proxy. A crash may occur in the rate limit filter when the...

7.5CVSS5.8AI score0.00315EPSS
Exploits0References9
EUVD
EUVD
added 2026/03/08 6:31 a.m.6 views

EUVD-2026-10211

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub401A10 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to out-of-bounds write. The attack may be performed from remote. The exploit has been published and may be used. Upgrading...

10CVSS5.5AI score0.00817EPSS
Exploits1References7
OSV
OSV
added 2026/03/08 4:15 a.m.2 views

CVE-2026-3704

A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub405B2C of the file /cgi-bin/firewall.cgi of the component Incomplete Fix CVE-2025-10959. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit ha...

7.2CVSS5.4AI score0.04461EPSS
Exploits2References6
EUVD
EUVD
added 2026/02/25 5:26 p.m.7 views

EUVD-2026-8617

@enclave-vm/core is vulnerable to Sandbox Escape...

10CVSS5.3AI score0.00878EPSS
Exploits2References3
NVD
NVD
added 2026/02/25 4:23 p.m.12 views

CVE-2026-3188

A security flaw has been discovered in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This affects an unknown part of the file /api/admin/common/download/templates of the component API. Performing a manipulation of the argument templateName results in path traversal. Remote exploitation of the...

5.3CVSS0.00325EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/02/20 7:40 p.m.6 views

CVE-2026-26057

Skill Scanner is a security scanner for AI Agent Skills that detects prompt injection, data exfiltration, and malicious code patterns. A vulnerability in the API Server of Skill Scanner could allow a unauthenticated, remote attacker to interact with the server API and either trigger a denial of...

9.1CVSS6.1AI score0.00328EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/28 12:15 a.m.7 views

EUVD-2026-4905

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS5.9AI score0.00334EPSS
Exploits1References2
OSV
OSV
added 2026/01/08 2:15 p.m.5 views

UBUNTU-CVE-2026-21892

Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...

7.3CVSS6AI score0.00235EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/12/22 12:54 p.m.6 views

gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

A heap-based buffer overflow in GIMP’s X Window Dump XWD file parser allows an attacker to craft a malicious XWD file or a web page that triggers opening one that can overflow a heap buffer during parsing and lead to remote code execution in the context of the GIMP process. The flaw is tracked as...

7.8CVSS6.7AI score0.00452EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/12/16 1:43 p.m.3 views

CVE-2025-68192

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: initialize MAC header offset in qmimuxrxfixup Raw IP packets have no MAC header, leaving skb-macheader uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystems access the offset due ...

5.4AI score0.00184EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/12/01 9:21 p.m.4 views

gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

A heap-based buffer overflow in GIMP’s X Window Dump XWD file parser allows an attacker to craft a malicious XWD file or a web page that triggers opening one that can overflow a heap buffer during parsing and lead to remote code execution in the context of the GIMP process. The flaw is tracked as...

7.8CVSS6.7AI score0.00452EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-20713

Malware in sbrugna...

9.3CVSS7.7AI score0.04103EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-20581

Malware in sbrugna...

9.3CVSS7.7AI score0.04103EPSS
Exploits1References4
NVD
NVD
added 2025/10/05 5:15 a.m.8 views

CVE-2025-11283

A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...

4.8CVSS0.00379EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25131

Malicious code in bioql PyPI...

6.9CVSS6.3AI score0.00244EPSS
Exploits0References3
NVD
NVD
added 2025/10/03 7:15 p.m.6 views

CVE-2025-52427

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS0.00439EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/26 4:32 p.m.7 views

CVE-2025-11029 givanz Vvveb cross-site request forgery

A weakness has been identified in givanz Vvveb up to 1.0.7.2. This vulnerability affects unknown code. Executing manipulation can lead to cross-site request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. Once again the proje...

5.3CVSS6.6AI score0.00262EPSS
Exploits1References8
OSV
OSV
added 2025/09/26 4:32 p.m.8 views

CVE-2025-11029 givanz Vvveb cross-site request forgery

A weakness has been identified in givanz Vvveb up to 1.0.7.2. This vulnerability affects unknown code. Executing manipulation can lead to cross-site request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. Once again the proje...

5.3CVSS5.5AI score0.00262EPSS
Exploits1References10
CVE
CVE
added 2025/09/26 3:2 p.m.13 views

CVE-2025-11026

Summary: CVE-2025-11026 affects givanz Vvveb up to 1.0.7.2, specifically a flaw in the Configuration File Handler that can lead to information disclosure. The vulnerability description indicates remote initiation and that the exploit has been publicly disclosed. The root cause is tied to mis-hand...

7.5CVSS5.1AI score0.00343EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder