Lucene search
K

2913 matches found

NVD
NVD
added 2026/03/26 10:16 p.m.4 views

CVE-2026-33674

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 improperly use the validation framework. Versions 8.2.5 and 9.1.0 contain a fix. No known workarounds are available...

5.3CVSS0.00237EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 9:42 p.m.3 views

CVE-2026-33674

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 improperly use the validation framework. Versions 8.2.5 and 9.1.0 contain a fix. No known workarounds are available...

2CVSS5.8AI score0.00237EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.2 views

CVE-2025-52646

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

5.3CVSS6AI score0.00147EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 5:16 p.m.4 views

CVE-2026-25345

Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through = 3.3.2...

9.9CVSS0.00447EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.4 views

IBM InfoSphere Information Server 代码问题漏洞

IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for integrating, cleansing, and managing data from disparate sources. A security vulnerability exists in IBM InfoSphere Information Server that stems from the system failing to adequately validate the target of ...

5.4CVSS5.8AI score0.0022EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/25 12:0 a.m.5 views

CVE-2025-59706

In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution...

6.1AI score0.00527EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

N2W 安全漏洞

N2W is a data backup and recovery software developed by N2W Corporation. Versions of N2W prior to 4.3.2 and 4.4.1 contained security vulnerabilities. These vulnerabilities were caused by improper validation of API request parameters, which could lead to remote code execution...

9.8CVSS6.2AI score0.00527EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

IBM InfoSphere Information Server 代码问题漏洞

IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for data quality management and information integration. IBM InfoSphere Information Server suffers from a server-side request forgery SSRF vulnerability that stems from the system failing to adequately validate...

5.4CVSS5.8AI score0.00207EPSS
Exploits0References2
CVE
CVE
added 2026/03/25 12:0 a.m.10 views

CVE-2025-59706

The CVE affects N2W prior to 4.3.2 and 4.4.0 prior to 4.4.1, where improper validation of API request parameters enables remote code execution. Root cause: parameter validation weakness in API handling. Impact: potential RCE with high severity. Mitigation: upgrade to a fixed release (N2W 4.3.2+ a...

9.8CVSS6.1AI score0.00527EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/03/23 6:16 p.m.2 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the NGAP message handling process. An attacker can cause the application to panic and potentially crash by sending specially crafted messages with invalid PDU Session IDs. Remediation Upgrade...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/23 6:16 p.m.4 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the NGAP message handling process. An attacker can cause the application to panic and potentially crash by sending specially crafted messages with invalid PDU Session IDs. Remediation Upgrade...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/23 6:16 p.m.2 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the NGAP message handling process. An attacker can cause the application to panic and potentially crash by sending specially crafted messages with invalid PDU Session IDs. Remediation Upgrade...

7.5CVSS6.4AI score0.00393EPSS
Exploits0References3
OSV
OSV
added 2026/03/23 3:30 p.m.6 views

GHSA-R3HF-Q3MF-7H6W HybridAuth Has Improper SSL Certificate Validation in Curl HTTP Client

A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This...

6.3CVSS5.5AI score0.00181EPSS
Exploits0References6
OSV
OSV
added 2026/03/23 9:41 a.m.6 views

CLSA-2026-1774258892 postgresql: Fix of CVE-2026-2003

CVE-2026-2003: fix improper validation of oidvector and prevent disclosure of a few bytes of server memory...

4.3CVSS5.8AI score0.00281EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/20 4:38 a.m.3 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the RechargePut function in the nchf-convergedcharging service. An attacker can cause a server-side panic and disrupt recharge functionality by sending a crafted authenticated PUT request with an...

7.1CVSS5.8AI score0.00404EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:48 p.m.3 views

Improper Validation of Specified Quantity in Input

Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the chunksize parameter in app.addmediafile and app.addmediafiles media routes. An attacker can cause excessi...

7.5CVSS5.8AI score0.00599EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.2 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in protocol parser components. An attacker can cause the application to crash or exhaust resources by sending specially crafted, malformed network packets to a monitored network interface. Note: This i...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.5 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in protocol parser components. An attacker can cause the application to crash or exhaust resources by sending specially crafted, malformed network packets to a monitored network interface. Note: This i...

5.9CVSS5.8AI score0.00239EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.8 views

PT-2026-26325

Improper Validation of Specified Quantity in Input CWE-1284 in the Timelion visualization plugin in Kibana can lead Denial of Service via Excessive Allocation CAPEC-130. The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/18 8:19 p.m.7 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the DecryptBytes function. An attacker can cause the process or goroutine to crash by sending a crafted AES-CBC encrypted assertion with a plaintext of all zero bytes, which triggers a panic due to...

8.7CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder