Lucene search
K

17904 matches found

EUVD
EUVD
added 2026/07/01 2:19 p.m.6 views

EUVD-2026-41010

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from v.4.8.2.23 before v.4.8.3.1...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 2:17 p.m.8 views

EUVD-2026-41009

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Block/SpecialBlock.Vue...

5.8AI score0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 2:12 p.m.7 views

EUVD-2026-41008

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.23 before v.4.8.3.1...

6.4CVSS5.8AI score0.00148EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.4 views

PT-2026-54718

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where an attacker could cause improper control of code generation. This could lead to code execution, escalation of privileges, data tampering, and...

7.8CVSS6AI score0.00175EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-58030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation SyntaxHighlightGeSHi. This...

6.1CVSS6AI score0.0039EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-58037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is...

6.1CVSS6AI score0.0039EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:5 p.m.22 views

CVE-2026-54696 Ruby JSON: JSON generator heap buffer overflow when streaming to an IO

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dumpobj, io and JSON::Stategenerateobj, io can write past the internal JSON generat...

3.7CVSS0.00301EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 11:46 a.m.12 views

CVE-2026-8403

CVE-2026-8403 describes a Stored XSS in Eksagate SYSGUARD 6001 (2.0.2 before 6.1.4.0). The vulnerability stems from improper neutralization of input during web page generation. Affected product is SYSGUARD 6001; vendor is not supported per notes. CVSSv3.1 base score 6.1 (MEDIUM) with Network atta...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-271 Apache Airflow Hive Provider vulnerable to code injection

Apache Software Foundation's Apache Airflow Hive Provider before 6.0.0 is vulnerable to improper control of generation of code...

9.8CVSS7.3AI score0.02765EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 10:57 a.m.5 views

SUSE-SU-2026:2678-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. - CVE-2026-10275: global buffer overflow duri...

6.8CVSS6AI score0.00296EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 6:0 a.m.4 views

BIT-GITLAB-2026-10712 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an unauthenticated user to execute arbitrary JavaScript in a user's browser session due to improper path...

8CVSS6AI score0.00222EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

SUSE SLES15 Security Update : opensc (SUSE-SU-2026:2657-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2657-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References19
NVD
NVD
added 2026/06/26 11:17 p.m.19 views

CVE-2026-55975

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS0.00653EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/26 10:58 p.m.27 views

CVE-2026-55975 H.VIEW HV-500S6 IP Camera OS Command Injection

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS0.00653EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 10:58 p.m.15 views

CVE-2026-55975

CVE-2026-55975 affects H.View IP cameras (e.g., HV-500S6) where an authenticated user can supply unsanitized XML to the device’s certificate generation interface. The input is incorporated into a backend certificate creation command without proper validation, enabling command execution with eleva...

8.6CVSS5.9AI score0.00653EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 12:25 p.m.2 views

SUSE-SU-2026:2657-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.14 views

PT-2026-52990

Name of the Vulnerable Software and Affected Versions H.View HV-500S6 IP cameras affected versions not specified Description An authenticated user can supply unsanitized XML fields to the certificate generation interface. These fields are incorporated into a backend certificate creation command...

8.6CVSS5.9AI score0.00653EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5247 HashiCorp Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations in github.com/hashicorp/vault

HashiCorp Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations in github.com/hashicorp/vault...

7.5CVSS5.8AI score0.00718EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 1:27 p.m.20 views

CVE-2026-2815

The CVE affects Silicon Labs’ EFR32xG27 devices. Issue: Incorrect use of the PUF key for user key generation leads to predictable keys. This is tied to a CVSS 4.0 base score of 8.4 (HIGH) with adjacent access, low attack complexity, no authentication, and user interaction not required. The vulner...

8.4CVSS5.8AI score0.00159EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:27 p.m.4 views

EUVD-2026-39394

Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys...

8.4CVSS5.8AI score0.00159EPSS
Exploits0References2
Rows per page
Query Builder