Lucene search
K

9619 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40752

Insufficient validation of untrusted input in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00319EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.11 views

PT-2026-54735

Name of the Vulnerable Software and Affected Versions Guardian language-system affected versions not specified Description An unauthenticated attacker can perform error-based SQL injection by sending crafted values to the id parameter via a GET request to the 'job info.php' endpoint. The issue...

9.8CVSS5.8AI score0.00459EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/01 12:0 a.m.4 views

CVE-2026-51946

SQL Injection vulnerability in GoAdminGroup GoAdmin last release v1.2.26 allows a remote attacker to execute arbitrary code and obtain sensitive information via the the sorttype URL parameter on all /admin/info/table endpoints...

6.5CVSS6.2AI score0.00336EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.11 views

PT-2026-54830

Name of the Vulnerable Software and Affected Versions MCO version 25.3.3.1 Description Account Denial of Service occurs due to the improper implementation of the password reset functionality. Each request to reset a password invalidates the current password and any previously issued temporary...

7.1CVSS5.8AI score0.00204EPSS
Exploits0References7
CVE
CVE
added 2026/07/01 12:0 a.m.8 views

CVE-2026-51946

CVE-2026-51946 describes a SQL injection vulnerability in the GoAdminGroup GoAdmin project (GoAdmin) affecting the last release, v1.2.26. The issue, exploitable via the __sort_type URL parameter on all /admin/info/{table} endpoints, could allow a remote attacker to execute arbitrary code and disc...

6.5CVSS6.2AI score0.00336EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54834

Name of the Vulnerable Software and Affected Versions MCO version 25.3.3.1 Description The application is susceptible to user enumeration via authentication-related features. During password reset and username reminder operations, the system provides different responses depending on whether the...

6.9CVSS5.8AI score0.00211EPSS
Exploits0References7
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-14065

Insufficient validation of untrusted input in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14064

Use after free in PageInfo in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

7.5CVSS0.00265EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.6 views

DEBIAN-CVE-2026-13978

Insufficient policy enforcement in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13978

Insufficient policy enforcement in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0023EPSS
Exploits0
CVE
CVE
added 2026/06/30 1:2 p.m.21 views

CVE-2026-58016

The CVE-2026-58016 entry concerns GLib, specifically a flaw in g_dbus_node_info_new_for_xml() in gio/gdbusintrospection.c. The issue arises when parsing malformed D-Bus introspection XML (notably a element nested inside ///), causing an unsigned integer overflow and an out-of-bounds read, which ...

9.1CVSS5.8AI score0.00373EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2026/06/30 11:16 a.m.3 views

DEBIAN-CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS5.7AI score0.00796EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 a.m.3 views

DEBIAN-CVE-2026-50750

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS5.8AI score0.00707EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:16 a.m.8 views

CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS0.00796EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:16 a.m.7 views

CVE-2026-50750

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS0.00707EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 a.m.5 views

UBUNTU-CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS5.8AI score0.00796EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/30 9:53 a.m.7 views

EUVD-2026-40282

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS5.7AI score0.00796EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/30 9:53 a.m.8 views

CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS5.7AI score0.00796EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2026/06/30 9:51 a.m.16 views

CVE-2026-50750

CVE-2026-50750 describes a pre-authentication Denial of Service in Apache ActiveMQ components where an unauthenticated attacker can flood BrokerInfo messages without a ConnectionInfo, causing an Out of Memory condition and broker crash. Affected ranges include Apache ActiveMQ Broker: 5.19.7 befor...

7.5CVSS5.8AI score0.00707EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/29 6:50 p.m.9 views

CVE-2026-53427 Cross-site scripting in MDEx via unescaped highlight_lines_class code-fence attribute

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown. When syntax highlighting and full info-string forwarding render: fullinfostring: true are enabled, t...

2.3CVSS5.8AI score0.00405EPSS
Exploits0References4
Rows per page
Query Builder