Lucene search
K

17905 matches found

NVD
NVD
added 2026/06/21 11:16 p.m.10 views

CVE-2026-12812

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

5.1CVSS0.00195EPSS
Exploits0References4
CVE
CVE
added 2026/06/21 10:15 p.m.23 views

CVE-2026-12812

Radware Cyber Controller (up to 10.11.0) is affected in the HTML Report Generation component, with HTML injection due to the underlying issue. The vulnerability allows remote exploitation, and the exploit has been publicly disclosed. No remediation details are provided in the documents. Affected ...

5.1CVSS5.3AI score0.00195EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/21 10:15 p.m.23 views

CVE-2026-12812 Radware Cyber Controller HTML Report Generation HTML injection

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

5.1CVSS0.00195EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.37 views

PT-2026-51259

Name of the Vulnerable Software and Affected Versions Radware Cyber Controller versions prior to 10.11.0 Description An issue exists within the HTML Report Generation component that allows for HTML injection. This flaw can be exploited remotely to inject malicious HTML code into reports...

5.1CVSS5.9AI score0.00195EPSS
Exploits0References8
NVD
NVD
added 2026/06/19 8:16 p.m.13 views

CVE-2026-48787

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...

8.7CVSS0.0047EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 7:46 p.m.5 views

CVE-2026-48787

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...

8.7CVSS6.6AI score0.0047EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 7:46 p.m.26 views

CVE-2026-48787 gin-vue-admin vulnerable to RCE

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...

8.7CVSS0.0047EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 7:46 p.m.24 views

CVE-2026-48787

CVE-2026-48787 affects gin-vue-admin (AI-assisted basic development platform) in version 2.9.1. An authenticated attacker with access to the code-generation feature and MCP management interface can inject attacker-controlled Go source code via POST /autoCode/addFunc, then trigger a rebuild of the...

8.7CVSS6.6AI score0.0047EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 5:6 p.m.18 views

CVE-2026-49359

PhpWeasyPrint (pontedilana/php-weasyprint) prior to version 2.6.0 is vulnerable: the attachment option for Pdf can accept any value that passes filter_var(url), including http, https, ftp, file, and PHP streams like php://. The library fetches these values server-side via file_get_contents, allow...

6.5CVSS6AI score0.00242EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 3:53 p.m.31 views

CVE-2026-12621 Cross-Site Scripting (XSS) Vulnerability in Password Reset Redirect in GridTime™ 3000 GNSS Time Server

Improper neutralization of input during web page generation XSS vulnerability in the GridTime 3000 password reset form allows XSS. This issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0...

5.3CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/19 3:40 p.m.5 views

CVE-2026-12619 GridTime™ 3000 GNSS Time Server CSRF to XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

5.1CVSS5.8AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 3:40 p.m.7 views

EUVD-2026-38038

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

5.1CVSS5.8AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/06/19 2:16 p.m.14 views

CVE-2026-9143

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions...

6.3CVSS0.0018EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 1:48 p.m.7 views

CVE-2026-9143

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions...

6.3CVSS5.8AI score0.0018EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/19 1:48 p.m.30 views

CVE-2026-9143 Incorrect Conversion between Numeric Types in NI grpc-device due to missing range checks in CodeGen

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions...

6.3CVSS0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 1:48 p.m.25 views

CVE-2026-9143

CVE-2026-9143 describes an incorrect conversion between numeric types in NI grpc-device due to missing range checks in CodeGen, potentially discarding high bits when a size value exceeds the target type’s range. Affected: NI grpc-device ≤ 2.17.0. Metrics: CVSSv3.1 base 3.7 (LOW); CVSSv4.0 base 6....

6.3CVSS5.8AI score0.0018EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

Improper access control in some 3rd Generation IntelR XeonR Scalable processors may allow a privileged user to potentially enable information disclosure through local access...

6CVSS6.4AI score0.00308EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: multi-gen LRU: fix crash during cgroup migration The lrugenmigratemm function assumes that lrugenaddmm runs before it. This assumption is not true in the following scenario: CPU 1 CPU 2 clone cgroupcanfork cgroupprocswrite...

5.5CVSS6.1AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in PHP 7.3

In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, and 8.2. before 8.2.7, when using SOAP HTTP Digest Authentication, the random value generator was not checked for failures. It used a narrower range of values than necessary. In the event of a random value generator failure, it could lead to...

4.3CVSS6.1AI score0.00709EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: btrfssetheadergeneration must not be moved to after cleantreeblock, because cleantreeblock calls btrfsheadergeneration from commit 55c69072d6bd5be1 “Btrfs: Fix extentbuffer usage when nodesize != leafsize”. In...

5.7AI score0.002EPSS
Exploits0References1
Rows per page
Query Builder