Lucene search
K

17824 matches found

NVD
NVD
added 1 hour ago2 views

CVE-2026-44682

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS
Exploits0References1
NVD
NVD
added 1 hour ago2 views

CVE-2026-44609

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS
Exploits0References1
NVD
NVD
added 1 hour ago3 views

CVE-2026-50033

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 hours ago1 views

CVE-2026-44682

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS7.1AI score
Exploits0References2
Cvelist
Cvelist
added 2 hours ago2 views

CVE-2026-50033

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS
Exploits0References1
CVE
CVE
added 2 hours ago3 views

CVE-2026-50033

CVE-2026-50033 affects Acronis DeviceLock DLP for Windows prior to build 9.0.15051.93227, enabling local privilege escalation via DLL hijacking. CVSS v3.0 base score 7.3 (High); attack vector LOCAL, privileges required LOW, user interaction REQUIRED. No exploitation details are provided in the co...

7.3CVSS7.1AI score
Exploits0References1
Cvelist
Cvelist
added 2 hours ago2 views

CVE-2026-44609

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 hours ago1 views

CVE-2026-44609

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS7.1AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 12 hours ago4 views

libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential...

8.2CVSS5.8AI score0.00014EPSS
Exploits1References5
Securelist
Securelist
added 13 hours ago2 views

Argamal: Malware hidden in hentai games

In April 2026, we discovered a new malware campaign targeting players of "hentai" games. Once launched, the infected games install a previously unknown malicious implant on the user's machine. After a few days, the implant downloads and executes a Trojan, resulting in full system compromise and...

5.9AI score
Exploits0
Nuclei
Nuclei
added 16 hours ago33 views

SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting

A vulnerability was found in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, affecting the device description parameter in the web interface. This flaw allows stored cross-site scripting XSS, enabling attackers to inject JavaScript code. The attack can be executed remote...

8.3CVSS5.5AI score0.4658EPSS
Exploits3References5
Nuclei
Nuclei
added 16 hours ago23 views

ZZcms - Cross-Site Scripting

ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks. id: CVE-2020-20285 info: name: ZZcms -...

5.4CVSS6.1AI score0.06066EPSS
Exploits1References3
Nuclei
Nuclei
added 16 hours ago171 views

Reflected XSS - Telerik Reporting Module

Cross-site scripting vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 11.0.17.406 allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd. id:...

6.1CVSS7AI score0.04838EPSS
Exploits0References5
Nuclei
Nuclei
added 16 hours ago29 views

Podcast Channels < 0.28 - Cross-Site Scripting

The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability. id: CVE-2014-4544 info: name: Podcast Channels 0.28 - Cross-Site Scripting author: daffainfo severity: medium description: The Podcast Channels WordPress plugin was...

6.1CVSS6.2AI score0.02584EPSS
Exploits1References4
Nuclei
Nuclei
added 16 hours ago50 views

AppServ Open Project <=2.5.10 - Cross-Site Scripting

AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter. id: CVE-2008-2398 info: name: AppServ Open Project =2.5.11 or apply the necessary security patches...

4.3CVSS5.8AI score0.00841EPSS
Exploits1References3
Nuclei
Nuclei
added 16 hours ago29 views

WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting

WordPress MW Font Changer plugin 4.2.5 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

6.1CVSS6.5AI score0.07251EPSS
Exploits2References5
Nuclei
Nuclei
added 16 hours ago26 views

WordPress Admin Font Editor <=1.8 - Cross-Site Scripting

WordPress Admin Font Editor 1.8 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

6.1CVSS6.5AI score0.02196EPSS
Exploits2References5
Nuclei
Nuclei
added 16 hours ago29 views

FineCMS <=5.0.10 - Cross-Site Scripting

FineCMS through 5.0.10 contains a cross-site scripting vulnerability in controllers/api.php via the function parameter in a c=api&m=data2 request. id: CVE-2017-11629 info: name: FineCMS =5.0.11 which includes a fix for this vulnerability. reference: -...

6.1CVSS6.2AI score0.00433EPSS
Exploits1References4
Nuclei
Nuclei
added 16 hours ago31 views

WBCE CMS v1.5.4 - Cross Site Scripting (Stored)

A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field. id: CVE-2022-45038 info: name: WBCE CMS v1.5.4 - Cross Site Scripting Stored author:...

5.4CVSS6.2AI score0.04241EPSS
Exploits1References3
Nuclei
Nuclei
added 16 hours ago25 views

Academy LMS 6.0 - Cross-Site Scripting

Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting XSS vulnerability through query parameter. id: CVE-2023-38964 info: name: Academy LMS 6.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Creative Item Academy LMS 6.0 was discovered to...

6.1CVSS6.2AI score0.05338EPSS
Exploits1References2
Rows per page
Query Builder