Lucene search
K

8775 matches found

NVD
NVD
added yesterday5 views

CVE-2026-15067

Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, including SQL injection via an unsanitized data source input could result in arbitrary SQL execution under the provider's privileged Snowflake session, potentially enabling sensitive data exfiltration...

8.8CVSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-42003

MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords OTP to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3...

8.8CVSS6AI score0.00342EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Cursor < 3.0 Multiple Sandbox Escapes

The version of Cursor installed on the remote host is prior to 3.0. It is, therefore, affected by multiple vulnerabilities: - A flaw in the agent sandbox allows a malicious agent to manipulate the workingdirectory parameter, causing the sandbox to include writable paths outside the intended...

9.8CVSS6.9AI score0.00638EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.9 views

PT-2026-55240

Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description An authenticated actor with low privileges and network access can exploit multiple SQL Injection vulnerabilities to escalate privileges within UniFi OS devices or instances. SQL Injection is...

8.8CVSS5.9AI score0.00244EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/07/01 3:25 p.m.11 views

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and...

10CVSS6.4AI score0.01396EPSS
Exploits3
Wolfi
Wolfi
added 2026/07/01 2:16 p.m.7 views

GHSA-3GXH-FQMQ-7JGM vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/07/01 11:58 a.m.8 views

EUVD-2026-40952

MCO is vulnerable to Path Disclosure and Path Traversal in file handling functionality related to data export and upload. Improper validation of the filename parameter allows writing files to arbitrary locations as well as indirect disclosure of absolute server paths through error messages. Becau...

7.1CVSS5.9AI score0.00339EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References1
Circl
Circl
added 2026/06/30 10:0 a.m.8 views

CVE-2026-43707

creationtimestamp| type| source ---|---|--- 2026-06-30 10:00:53+00:00| seen| https://thehackernews.com/2026/06/apple-patches-30-ios-macos-safari-flaws.html 2026-07-01 01:00:45+00:00| seen| https://thehackernews.com/2026/06/apple-patches-30-ios-macos-safari-flaws.html 2026-07-01 02:51:35+00:00|...

6.5CVSS6.1AI score0.00307EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 3:19 p.m.2 views

SUSE-SU-2026:2685-1 Security update for openCryptoki

This update for openCryptoki fixes the following issue: - CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283...

6.8CVSS5.8AI score0.0016EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/29 12:26 p.m.6 views

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.10 views

EulerOS 2.0 SP15 : libarchive (EulerOS-SA-2026-2486)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of...

7.5CVSS7.1AI score0.00882EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 4:58 p.m.3 views

Security Bulletin:IBM Spectrum Control is vulnerable to weaknesses related to axios (CVE-2025-62718, CVE-2026-40175)

Summary Axios is vulnerable to infrastructure tampering and Critical SSRF and exposure of private internal/loopback endpoints attacks. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser an...

9.9CVSS6.6AI score0.01815EPSS
Exploits6Affected Software1
Redos
Redos
added 2026/06/26 12:0 a.m.5 views

ROS-20260626-73-0004

The vulnerability in Gitea is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...

8.1CVSS5.8AI score0.00343EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/25 6:8 p.m.5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 6:8 p.m.7 views

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.32 views

PT-2026-52217

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.3 Description Incomplete Server-Side Request Forgery SSRF protection exists within the webhook and migration allow-list filtering. SSRF is a flaw that allows an attacker to induce the server-side application to mak...

9.6CVSS7.2AI score0.00464EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52195

Name of the Vulnerable Software and Affected Versions GitLab EE versions 16.4 through 18.11.5 GitLab EE versions 19.0 through 19.0.2 GitLab EE versions 19.1 through 19.1.0 Description Improper sanitization of user-supplied input allows an authenticated user with developer-role permissions to...

8.7CVSS6.1AI score0.00231EPSS
Exploits0References10
OSV
OSV
added 2026/06/24 1:13 p.m.4 views

OESA-2026-2734 mariadb security update

Security Fixes: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

10CVSS5.9AI score0.00998EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/23 6:43 a.m.4 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.2CVSS7AI score0.00552EPSS
Exploits0References5
Rows per page
Query Builder