Lucene search
K

10725 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51820

Name of the Vulnerable Software and Affected Versions OpenText Access Manager versions 5.1 through 5.1.2 Description Improper neutralization of input during web page generation allows Cross-Site Scripting XSS, a condition where malicious scripts are injected into trusted websites. Recommendations...

8.2CVSS5.8AI score0.0013EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-52150

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBULibrarySlot JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from...

8.8CVSS7.7AI score0.00689EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/23 12:15 p.m.8 views

EUVD-2026-38445

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. E-Commerce allows Reflected XSS. This issue affects e-Commerce: before 1.25.01.06...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 12:15 p.m.13 views

CVE-2026-10857

CVE-2026-10857 – Reflected XSS in AKINSoft e-Commerce Affected product: AKIN Software Computer Import Export Industry and Trade Ltd. E-Commerce.Vulnerability: Reflected Cross-Site Scripting due to improper neutralization of input during web page generation.Root cause: insufficient sanitization of...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/23 12:0 a.m.8 views

Ubiquiti UniFi OS Improper Input Validation Vulnerability

Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injection...

10CVSS5.9AI score0.78555EPSS
In wildExploits2
OSV
OSV
added 2026/06/22 5:39 a.m.5 views

BIT-DOTNET-SDK-2026-35433 .NET Elevation of Privilege Vulnerability

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...

7.3CVSS5.8AI score0.00662EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 5:39 a.m.3 views

BIT-DOTNET-2026-35433 .NET Elevation of Privilege Vulnerability

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...

7.3CVSS5.8AI score0.00662EPSS
Exploits0References5
CVE
CVE
added 2026/06/19 3:53 p.m.15 views

CVE-2026-12621

GridTime 3000 GNSS Time Server Password Reset form is vulnerable to XSS due to improper neutralization of input during web page generation. Affected from 1.0r0.03 up to, but not including, 1.2r0.0. Base CVSS v4 score is 5.3 (Medium). No exploitation details are provided in the documents; no remed...

5.3CVSS5.8AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 3:40 p.m.7 views

EUVD-2026-38038

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting XSS. This issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0...

5.1CVSS5.8AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/06/19 2:16 p.m.14 views

CVE-2026-39998

Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the...

8.8CVSS0.00403EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 1:4 p.m.6 views

CVE-2026-39998

Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the...

5.8CVSS5.8AI score0.00403EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux-Firmware

Improper input validation in some IntelR PROSet/Wireless WiFi and KillerTM WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access...

6.5CVSS6.6AI score0.0061EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux - Vulnerability in node-sha.js

There is a vulnerability in input validation in sha.js that allows for manipulation of input data. This issue affects sha.js version 2.4.11...

9.1CVSS7.1AI score0.00651EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

Improper input validation in some IntelR TDX module software prior to version 1.5.05.46.698 may allow a privileged user to potentially enable privilege escalation through local access...

6.7CVSS6.4AI score0.00368EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50945

Name of the Vulnerable Software and Affected Versions GridTime 3000 versions 1.0r0.03 through 1.1r0.0 Description Improper neutralization of input during web page generation allows for Cross-Site Scripting XSS, a condition where malicious scripts are injected into trusted websites. Recommendation...

5.1CVSS5.8AI score0.0023EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:54 p.m.7 views

CVE-2026-40624

Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+ cameras may allow a remote, unauthenticated attacker to achieve arbitrary code execution via a specially crafted web request...

9.8CVSS5.8AI score0.00616EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/18 10:43 a.m.8 views

EUVD-2026-37873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bricksable for Bricks Builder allows Stored XSS. This issue affects Bricksable for Bricks Builder: from n/a through 1.6.83...

5.9CVSS5.3AI score0.0014EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.5 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23228)

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of activenumconn in ksmbdtcpnewconnection On kthreadrun failure in ksmbdtcpnewconnection, the transport is freed via freetransport, which does not decrement activenumconn, leaking this counter. Replace...

5.5CVSS5.9AI score0.00118EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23037)

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: allow partial RX URB allocation to succeed When es58xallocrxurbs fails to allocate the requested number of URBs but succeeds in allocating some, it returns an error code. This causes es58xopen to return early,...

5.7AI score0.00217EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.17 views

PT-2026-50820

Name of the Vulnerable Software and Affected Versions AVer PTC500S affected versions not specified AVer PTC115 affected versions not specified AVer PTC500+ affected versions not specified AVer PTC115+ affected versions not specified Description Improper input validation in these networked...

9.8CVSS6.5AI score0.00616EPSS
Exploits0References8
Rows per page
Query Builder