Lucene search
+L

10353 matches found

Cvelist
Cvelist
added 2026/07/05 7:30 a.m.35 views

CVE-2026-14722 tiddly-gittly TidGi-Desktop Git Repository Import loadWikiTiddlersWithSubWikis.ts code injection

A vulnerability was found in tiddly-gittly TidGi-Desktop up to 0.13.0. This impacts an unknown function of the file src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts of the component Git Repository Import. The manipulation results in code injection. The attack may be performed from...

7.5CVSS0.00315EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 7:30 a.m.18 views

CVE-2026-14722

TidGi-Desktop (tiddly-gittly) up to 0.13.0 is affected by a vulnerability in the Git Repository Import path, specifically src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts, enabling code injection. The issue is triggered by manipulation of the referenced function and is exploitable rem...

7.5CVSS6.7AI score0.00315EPSS
Exploits0References6
OSV
OSV
added 2026/07/05 7:30 a.m.5 views

CVE-2026-14722 tiddly-gittly TidGi-Desktop Git Repository Import loadWikiTiddlersWithSubWikis.ts code injection

A vulnerability was found in tiddly-gittly TidGi-Desktop up to 0.13.0. This impacts an unknown function of the file src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts of the component Git Repository Import. The manipulation results in code injection. The attack may be performed from...

6.9CVSS6.7AI score0.00315EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.12 views

PT-2026-55775

Name of the Vulnerable Software and Affected Versions tiddly-gittly TidGi-Desktop versions prior to 0.13.1 Description A remote code injection issue exists within the Git Repository Import component. The flaw is located in the src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts file, whe...

9.6CVSS7.3AI score0.00315EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/07/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-14610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file...

5.3CVSS6AI score0.00128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-14604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file...

6.5CVSS6.2AI score0.00233EPSS
Exploits0References4
NVD
NVD
added 2026/07/03 9:16 p.m.7 views

CVE-2026-14610

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/07/03 9:16 p.m.6 views

DEBIAN-CVE-2026-14610

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

4.8CVSS6.2AI score0.00128EPSS
Exploits0References1
OSV
OSV
added 2026/07/03 9:16 p.m.5 views

UBUNTU-CVE-2026-14610

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS5.9AI score0.00128EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2026/07/03 8:45 p.m.7 views

CVE-2026-14610

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS6.2AI score0.00128EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/03 8:45 p.m.44 views

CVE-2026-14610 Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile heap-based overflow

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/07/03 7:16 p.m.10 views

CVE-2026-14604

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.5CVSS0.00233EPSS
Exploits0References6
OSV
OSV
added 2026/07/03 7:16 p.m.4 views

UBUNTU-CVE-2026-14604

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.3CVSS6.3AI score0.00233EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/03 6:30 p.m.7 views

EUVD-2026-41561

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.5CVSS5.6AI score0.00233EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/07/03 6:30 p.m.8 views

CVE-2026-14604

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.5CVSS6.3AI score0.00233EPSS
Exploits0
OSV
OSV
added 2026/07/03 8:55 a.m.5 views

OPENSUSE-SU-2026:21222-1 Security update for systemd

This update for systemd fixes the following issues: Changes in systemd: - Better handle TLS allocation failure bsc1254924. - Disable mounting debugfs by default jscPED-8812. - Import commit 9e8b5afe0fb2061f4a17a3022469dd62f2683960 bsc1267647 bsc1267644 bsc1262305 bsc1263117. - Move systemd-pcrloc...

6AI score
Exploits0References12
OSV
OSV
added 2026/07/03 8:39 a.m.3 views

SUSE-SU-2026:22537-1 Security update for systemd

This update for systemd fixes the following issues: Changes in systemd: - Better handle TLS allocation failure bsc1254924. - Disable mounting debugfs by default jscPED-8812. - Import commit 9e8b5afe0fb2061f4a17a3022469dd62f2683960 bsc1267647 bsc1267644 bsc1262305 bsc1263117. - Move systemd-pcrloc...

6.1AI score
Exploits0References13
NVD
NVD
added 2026/07/03 6:16 a.m.10 views

CVE-2026-11397

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 via the wpieimportuploadfilefromurl AJAX action. The plugin's URL downloader first calls wpsaferemoteget which correctly blocks private/reserved IP ranges, but wh...

5.5CVSS0.00235EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/03 4:30 a.m.11 views

EUVD-2026-41489

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 via the wpieimportuploadfilefromurl AJAX action. The plugin's URL downloader first calls wpsaferemoteget which correctly blocks private/reserved IP ranges, but wh...

5.5CVSS5.9AI score0.00235EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/03 4:30 a.m.38 views

CVE-2026-11397 WP Import Export Lite <= 3.9.30 - Authenticated (Administrator+) Server-Side Request Forgery via 'file_url' Parameter

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 via the wpieimportuploadfilefromurl AJAX action. The plugin's URL downloader first calls wpsaferemoteget which correctly blocks private/reserved IP ranges, but wh...

5.5CVSS0.00235EPSS
Exploits0References6
Rows per page
Query Builder