Lucene search
+L

657 matches found

Nuclei
Nuclei
added yesterday215 views

Jakarta Tomcat 3.1 and 3.0 - Information Disclosure

Jakarta Tomcat 3.1 and 3.0 under Apache contain a vulnerability in the Snoop servlet that reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension, exploit requires remote access. id: CVE-2000-0760 info: name: Jakarta Tomcat 3.1 and 3.0 -...

6.4CVSS5.4AI score0.62496EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday148 views

FleetCart 4.1.1 - Information Disclosure

Issues with information disclosure in redirect responses. Accessing the majority of the website's pages exposes sensitive data, including the "Razorpay" "razorpayKeyId". id: CVE-2024-5230 info: name: FleetCart 4.1.1 - Information Disclosure author: s4e-io severity: medium description: | Issues wi...

6.9CVSS5.6AI score0.18768EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday75 views

Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure

Electrolink transmitters store credentials in clear-text. Use of these credentials could allow an attacker to access the system. id: CVE-2024-3742 info: name: Electrolink FM/DAB/TV Transmitter controlloLogin.js - Credentials Disclosure author: Farish severity: high description: | Electrolink...

8.7CVSS5.2AI score0.0143EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday57 views

User Meta WP Plugin < 3.1 - Sensitive Information Exposure

The User Meta is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive configuration data. id: CVE-2024-33575 info: name: User Meta WP Plugin 3.1 -...

5.3CVSS5.2AI score0.01121EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday249 views

Argo CD Unauthenticated Access to sensitive setting

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. id: CVE-2024-37152 info: name: Ar...

7.5CVSS6.2AI score0.02348EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday157 views

NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure

The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getitem function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data includi...

5.3CVSS8.4AI score0.38023EPSS
Exploits0References4
Nuclei
Nuclei
added 2 days ago83 views

Cisco Smart Licensing Utility UnAuthenticated Logs Exposure Leaking Plaintext Credentials

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information.This vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected...

7.5CVSS8.7AI score0.51897EPSS
Exploits0References1
Nuclei
Nuclei
added 3 days ago120 views

WyreStorm Apollo VX20 - Information Disclosure

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext credentials for the SoftAP access point Router /device/config using an HTTP GET request. id: CVE-2024-25735 info: name: WyreStorm Apollo VX20 - Information Disclosure author: johnk3r...

9.1CVSS6.8AI score0.50622EPSS
Exploits4References5
Nuclei
Nuclei
added 5 days ago57 views

D-Link DIR-605 - Information Disclosure

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version - 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page id: CVE-2021-40655 info: name: D-Link DIR-605 - Information Disclosure author: DhiyaneshDK severity: high...

7.5CVSS7.1AI score0.87039EPSS
Exploits1References2
SUSE Linux
SUSE Linux
added 6 days ago5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-53995: net: ipv4: fix one memleak in inetdelifa bsc1255616. CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype bsc1259891. CVE-2026-23451: bonding:...

9.3CVSS6.9AI score0.00574EPSS
Exploits12References260
OSV
OSV
added 2026/07/06 1:11 p.m.2 views

SUSE-SU-2026:22522-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40341: futex: Don't leak robustlist pointer on exec race bsc1255029. - CVE-2025-71294: drm/amdgpu: fix NULL pointer issue buffer funcs...

9.8CVSS7AI score0.00574EPSS
Exploits18References183
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.7 views

CVE-2026-14388

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-565 vLLM has RCE In Video Processing

Summary A chain of vulnerabilities in vLLM allow Remote Code Execution RCE: 1. Info Leak - PIL error messages expose memory addresses, bypassing ASLR 2. Heap Overflow - JPEG2000 decoder in OpenCV/FFmpeg has a heap overflow that lets us hijack code execution Result: Send a malicious video URL to...

9.8CVSS7.4AI score0.03816EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/06/26 2:14 a.m.6 views

SUSE CVE-2026-52995

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.8 views

SUSE CVE-2026-53243

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...

5.8AI score0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39194

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...

5.7AI score0.00112EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.16 views

PT-2026-52338

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an uninitialized stack variable is used within the rseq exit user update function. This occurs because the evaluation order of expressions in an initializer list is...

5.5CVSS6AI score0.00112EPSS
Exploits0References13
NVD
NVD
added 2026/06/24 8:16 a.m.8 views

CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS0.00112EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.268 views

Citrix Bleed - Leaking Session Tokens

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA ?virtual?server. id: CVE-2023-4966 info: name: Citrix Bleed - Leaking Session Tokens author: DhiyaneshDK severity: high description: | Sensiti...

9.4CVSS7.5AI score0.99999EPSS
Exploits15References5
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to...

8.2CVSS6.1AI score0.00278EPSS
Exploits0References3
Rows per page
Query Builder