Lucene search
K

334 matches found

EUVD
EUVD
added 2026/05/27 2:13 p.m.17 views

EUVD-2026-32510

Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation...

6.6CVSS5.8AI score0.0027EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/11 5:0 a.m.9 views

CVE-2026-8275

A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogodippprimitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The attack can be...

6.3CVSS5.1AI score0.00523EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.7 views

CVE-2025-1147 affecting package binutils for versions less than 2.41-11

CVE-2025-1147 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

5.3CVSS6.3AI score0.00619EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.5 views

CVE-2025-69648 affecting package binutils for versions less than 2.41-11

CVE-2025-69648 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

6.2CVSS4.7AI score0.00176EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.8 views

CVE-2025-69647 affecting package binutils for versions less than 2.41-11

CVE-2025-69647 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

6.2CVSS5.7AI score0.00152EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/04/16 2:25 a.m.7 views

CVE-2025-69649 affecting package binutils for versions less than 2.41-11

CVE-2025-69649 affecting package binutils for versions less than 2.41-11. A patched version of the package is available...

7.5CVSS5.7AI score0.00256EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-007089)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007089 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit...

4.8CVSS5.8AI score0.00258EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.3 views

CVE-2026-24983

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UpSolution UpSolution Core us-core allows Reflected XSS.This issue affects UpSolution Core: from n/a through = 8.41...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.4 views

CVE-2026-32299

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the page content retrieval feature may allow retrieval of non-public information. Versions 1.41.1 and...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.1 views

CVE-2026-24983 WordPress UpSolution Core plugin <= 8.41 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UpSolution UpSolution Core us-core allows Reflected XSS.This issue affects UpSolution Core: from n/a through = 8.41...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.10 views

PT-2026-27875

Name of the Vulnerable Software and Affected Versions UpSolution Core versions through 8.41 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows for the execution of...

7.1CVSS6.1AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2026/03/23 10:38 p.m.4 views

JLSEC-2026-1 In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of se...

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...

7.5CVSS6.6AI score0.05316EPSS
Exploits0References28
EUVD
EUVD
added 2026/03/21 6:30 a.m.5 views

EUVD-2026-14148

Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.41...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References18
EUVD
EUVD
added 2026/03/10 9:2 p.m.5 views

EUVD-2026-10388

ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder...

4.8CVSS6AI score0.00258EPSS
Exploits0References3
CVE
CVE
added 2026/03/09 9:37 p.m.52 views

CVE-2026-28687

ImageMagick (MSL decoder) is affected by a heap use-after-free in the MSL decoding path prior to 7.1.2-16 and 6.9.13-41. A freed memory access is triggered by crafting an MSL file, leading to potential memory corruption. The issue is fixed in 7.1.2-16 and 6.9.13-41. Remediation: upgrade to those ...

5.3CVSS5.8AI score0.00243EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/09 9:31 p.m.0 views

CVE-2026-28494 ImageMagick affected by stack corruption through long morphology kernel names or arrays

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-siz...

7.1CVSS6.1AI score0.00108EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2026/02/12 12:0 a.m.11 views

gcc-toolset-14-binutils security update

2.41-3.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130636 Thu Feb 20 2025 Nick Clifton - Backport fixes for PR 32082 and PR 32153 in order to fix the PR 20267 linker tests. 2.41-3 - NVR Bump to allow rebuilding with GTS-14 gcc. RHEL-53519 2.41-2 - Fix s390x...

7.8CVSS5.5AI score0.00235EPSS
Exploits1
NVD
NVD
added 2026/02/05 2:15 a.m.10 views

CVE-2025-11730

A post‑authentication command injection vulnerability in the Dynamic DNS DDNS configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50W series firmware versions from V5.35 through V5.41, and...

7.2CVSS0.01354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 2:8 p.m.2 views

CVE-2026-25011 WordPress WP Custom Admin Interface plugin <= 7.41 - Broken Access Control vulnerability

Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.41...

4.3CVSS5.3AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 2:8 p.m.5 views

EUVD-2026-5296

Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.41...

4.3CVSS5.3AI score0.00165EPSS
Exploits0References1
Rows per page
Query Builder