Lucene search
K

12237 matches found

EUVD
EUVD
added 2026/06/29 2:45 a.m.8 views

EUVD-2026-40025

A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to 2026.04-jdk8-SNAPSHOT. The impacted element is the function generateUploadPath of the file yudao-module-infra/src/main/java/cn/iocoder/yudao/module/infra/service/file/FileServiceImpl.java of the component AppFileController File...

7.5CVSS6.5AI score0.00447EPSS
Exploits0References8
CVE
CVE
added 2026/06/29 2:45 a.m.16 views

CVE-2026-13528

CVE-2026-13528 affects YunaiV/zhijiantianya ruoyi-vue-pro up to 2026.04-jdk8-SNAPSHOT. The vulnerable element is the function generateUploadPath in FileServiceImpl.java under the AppFileController File Upload Endpoint. A manipulation can cause path traversal, enabling remote exploitation. The exp...

7.5CVSS6.5AI score0.00447EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/29 12:31 a.m.8 views

EUVD-2026-40007

A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible...

6.3CVSS5AI score0.00216EPSS
Exploits0References8
NVD
NVD
added 2026/06/28 11:16 p.m.11 views

CVE-2026-13510

A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible...

6.3CVSS0.00216EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/28 10:15 p.m.28 views

CVE-2026-13510 SimStudioAI sim Password Protection deployment.ts weak hash

A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible...

6.3CVSS0.00216EPSS
Exploits0References7
CVE
CVE
added 2026/06/28 10:15 p.m.15 views

CVE-2026-13510

CVE-2026-13510 affects SimStudioAI sim up to 0.6.92. The vulnerability lies in the Password Protection Handler, specifically the file: apps/sim/lib/core/security/deployment.ts, where a manipulation leads to use of a weak hash. This can be exploited remotely with high attack complexity, and the ex...

6.3CVSS5AI score0.00216EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 5:16 a.m.14 views

CVE-2026-13482

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS0.00189EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 4:30 a.m.18 views

CVE-2026-13482

CVE-2026-13482 affects skypilot-org/skypilot

6.3CVSS5.2AI score0.00189EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/28 4:30 a.m.9 views

EUVD-2026-39982

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS5.2AI score0.00189EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 4:30 a.m.33 views

CVE-2026-13482 skypilot-org skypilot User ID server.py username.encode weak hash

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

6.3CVSS0.00189EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.8 views

PT-2026-53166

Name of the Vulnerable Software and Affected Versions SimStudioAI sim versions prior to 0.6.93 Description An issue exists in the Password Protection Handler component within the apps/sim/lib/core/security/deployment.ts library. A remote attacker can perform a manipulation that results in the use...

6.3CVSS5.7AI score0.00216EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing...

7.8CVSS6AI score0.00128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - imafs: Correctly create securityfs files for unsupported hash algos imatpmchip-allocatedbanksi.cryptoid is initialized to HASHALGOLAST if the TPM algorithm is n...

6AI score0.00168EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de dm cache policy smq: fix missing locks in invalidating cache blocks added mq-loc...

7.8CVSS6AI score0.00129EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ip6vti: fix incorrect tunnel matching in vti6tnllookup In vti6tnllookup, when an exact match for a tunnel fails, the code falls back to searching for wildcard...

9.8CVSS6.2AI score0.00559EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:5 a.m.7 views

netfilter: ipset: stop hash:* range iteration at end

...

5.5CVSS5.8AI score0.00164EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/27 6:50 a.m.7 views

CVE-2026-9242

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versions up to and including 6.0.8.6. This is due to the PayPal IPN callback handler...

5.3CVSS5.8AI score0.00232EPSS
Exploits0References15
EUVD
EUVD
added 2026/06/26 10:53 p.m.7 views

EUVD-2026-39490

pnpm: Git Fetch Argument Injection via Lockfile resolution.commit...

6.4CVSS5.8AI score0.0018EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/26 9:49 p.m.7 views

pnpm: Tarball hash of GitHub git dependencies is not stored in lockfile

Summary A malicious codeload.github.com server can serve whatever tarball it wants and pnpm will install it regardless of the lockfile. Details The lockfile does not store the hash of the dependencies from https://codeload.github.com This means that if this server was compromised or a person's...

7.5CVSS5.8AI score0.00116EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/06/26 9:16 p.m.9 views

CVE-2026-39031

Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...

5.5CVSS0.00089EPSS
Exploits1References2
Rows per page
Query Builder