Lucene search
K

1567 matches found

NVD
NVD
added 3 hours ago3 views

CVE-2026-20187

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.6 views

CVE-2026-25271

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use...

7.8CVSS6AI score0.00052EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55995

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description Memory corruption occurs when processing asynchronous input parameters. This is caused by a Time-of-Check to Time-of-Use TOCTOU race condition, where values are...

7.8CVSS6.1AI score0.00052EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 8:57 p.m.11 views

EUVD-2026-40130

Rancher has Privilege Escalation from Project Owner to Host...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/15 8:19 p.m.8 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the AsyncHTTPClient. An attacker can cause excessive memory...

7.5CVSS5.9AI score0.00052EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 4:29 p.m.11 views

USN-8409-1 uriparser vulnerability

It was discovered that uriparser incorrectly handled certain URI strings. An attacker could possibly use this issue to cause uriparser to crash, resulting in a denial of service...

2.9CVSS5.5AI score0.00122EPSS
Exploits0References2
Redos
Redos
added 2026/06/09 12:0 a.m.10 views

ROS-20260609-73-0022

The vulnerability of the Telemetry component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

9.6CVSS5.4AI score0.00539EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/05 11:8 a.m.44 views

CVE-2026-25659 Ericsson Packet Core Gateway (PCG) - Improper handling of missing values Vulnerability

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Missing Values CWE-230 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers...

7.1CVSS0.00165EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 11:8 a.m.9 views

CVE-2026-25659

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Missing Values CWE-230 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers...

7.1CVSS5.4AI score0.00165EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/05 11:3 a.m.9 views

CVE-2026-25657

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure CWE-228 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the...

7.1CVSS5.4AI score0.00165EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.18 views

PT-2026-46935

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Missing Values CWE-230 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers...

7.1CVSS5.4AI score0.00165EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

SourceCodester Customer Review App 安全漏洞

SourceCodester Customer Review App is an open-source customer review application developed by SourceCodester. Version 1.0 of the SourceCodester Customer Review App contains a security vulnerability. This vulnerability stems from incorrect handling of parameters name and comment in the functions...

4.8CVSS4.7AI score0.0012EPSS
Exploits0References7
Veracode
Veracode
added 2026/05/23 6:1 a.m.11 views

Path Traversal

.NET Core is vulnerable to Path Traversal. The vulnerability is due to improper handling of specially crafted files, which allows an attacker to write arbitrary files and directories to unintended locations on a vulnerable system...

4.3CVSS5.9AI score0.00711EPSS
Exploits0References3Affected Software4
GithubExploit
GithubExploit
added 2026/05/20 8:12 a.m.91 views

Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

CVE-2026-31635...

7.5CVSS6AI score0.00817EPSS
Exploits4
OSV
OSV
added 2026/05/20 12:31 a.m.7 views

GHSA-XMJC-63PR-2MPG Drupal core allows Object Injection

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...

6.6CVSS5.4AI score0.00399EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

Drupal core SQL注入漏洞

Drupal Core is a free, open-source content management system developed in PHP by the Drupal community. Versions of Drupal Core from 8.9.0 to 10.4.10, from 10.5.0 to 10.5.10, from 10.6.0 to 10.6.9, from 11.0.0 to 11.1.10, from 11.2.0 to 11.2.12, and from 11.3.0 to 11.3.10 have SQL injection...

9.8CVSS6.1AI score0.84631EPSS
Exploits14References2
EUVD
EUVD
added 2026/05/19 6:32 a.m.12 views

EUVD-2026-30846

Improper Check or Handling of Exceptional Conditions vulnerability in Samsung Open Source Escargot allows Input Data Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

5.5CVSS5.8AI score0.00266EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Apache OFBiz 安全漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.06 contained security vulnerabilities, which were caused by improper handling of...

6.5CVSS5.8AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.21 views

PT-2026-41838

Name of the Vulnerable Software and Affected Versions Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3 Description Improper check or handling of exceptional conditions in Samsung Open Source Escargot allows for input data manipulation. Recommendations At the moment, there is no informati...

7.5CVSS5.4AI score0.00266EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/05/18 3:9 a.m.79 views

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

apache-struts-cve-2017-56...

10CVSS5.8AI score0.99999EPSS
Exploits44
Rows per page
Query Builder