Lucene search
K

928 matches found

Vulnrichment
Vulnrichment
added 2026/02/12 4:22 p.m.8 views

CVE-2025-55210 FreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional Scopes

FreePBX is an open-source web-based graphical user interface GUI that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api PBX API is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT wit...

2CVSS5.6AI score0.00296EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.7 views

AutoGPT 授权问题漏洞

AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. Versions of AutoGPT prior to 0.6.48 contained an authorization vulnerability. This vulnerability stemmed from the lack of enforceable disable flags during graphical verification, allowing...

9.4CVSS6.2AI score0.0048EPSS
Exploits0References3
Fedora
Fedora
added 2026/02/11 1:0 a.m.8 views

[SECURITY] Fedora 42 Update: tuigreet-0.9.1-7.fc42

Graphical console greeter for greetd...

7.5CVSS5.4AI score0.00443EPSS
Exploits1
Fedora
Fedora
added 2026/02/10 1:34 a.m.6 views

[SECURITY] Fedora 43 Update: tuigreet-0.9.1-7.fc43

Graphical console greeter for greetd...

7.5CVSS5.4AI score0.00443EPSS
Exploits1
Fedora
Fedora
added 2026/02/06 1:10 a.m.9 views

[SECURITY] Fedora 42 Update: openqa-5^20250711git28a0214-4.fc42

openQA is a testing framework that allows you to test GUI applications on one hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed. openQA is...

8.2CVSS6AI score0.01535EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.6 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in Huawei HarmonyOS, which stems from a concurrency issue in the graphical module’s reutilization...

8.4CVSS7.1AI score0.00066EPSS
Exploits0References2
OSV
OSV
added 2026/02/02 11:40 p.m.6 views

USN-8003-1 openjdk-21-crac vulnerabilities

It was discovered that the RMI component of CRaC JDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
Redos
Redos
added 2026/01/29 12:0 a.m.5 views

ROS-20260129-73-0024

A vulnerability in the GIMP graphical editor is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information and cause a denial of service via a malicious file...

7.8CVSS6AI score0.00644EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/01/26 9:58 a.m.190 views

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Detection and Exploitation Tool...

9.8CVSS7.5AI score0.98871EPSS
Exploits61
GithubExploit
GithubExploit
added 2026/01/26 9:58 a.m.212 views

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Detection and Exploitation Tool...

9.8CVSS7.5AI score0.98871EPSS
Exploits61
GithubExploit
GithubExploit
added 2026/01/23 10:36 a.m.363 views

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js Security Testing Tool Professiona...

10CVSS5.7AI score0.99562EPSS
Exploits373
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : qt5-qtbase-5.15.3-5.el8 (AXSA:2023-7239:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7239:02 advisory. qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused by flaw ...

7.5CVSS6AI score0.01324EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.7 views

CVE-2021-22804

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphica...

7.5CVSS6.7AI score0.01294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.25 views

CVE-2021-22709

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF Configuration Group File fil...

9.3CVSS7.7AI score0.02EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.47 views

CVE-2021-22710

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF Configuration Group File file is imported to IGS...

9.3CVSS7.7AI score0.02EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.7 views

CVE-2021-22823

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector dc.exe V15.0.0.21320...

9.1CVSS7AI score0.21388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.7 views

CVE-2021-22805

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. Affected Product: Interactive Graphical SCADA System Data Collector dc.exe V15.0.0.21243...

9.1CVSS6.9AI score0.0085EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.10 views

CVE-2021-22711

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

9.3CVSS6.9AI score0.00796EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/05 7:6 a.m.154 views

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js Security Testing Tool Professiona...

10CVSS7.4AI score0.99562EPSS
Exploits373
GithubExploit
GithubExploit
added 2026/01/02 7:23 p.m.203 views

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js Security Testing Tool Professiona...

10CVSS6.7AI score0.99562EPSS
Exploits373
Rows per page
Query Builder