
72727 matches found

RedhatCVE
added 2026/03/26 3:00 p.m. | 5 views

CVE-2026-33062

free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...

8.7 CVSS | 5.9 AI score | 0.00674 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2026/03/26 2:59 p.m. | 4 views

CVE-2026-20967

Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network...

8.8 CVSS | 5.8 AI score | 0.0106 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/26 2:57 p.m. | 5 views

CVE-2026-22559

An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server Version 10.1.85 and earlier. Mitigation: Update UniFi Network Server to...

8.8 CVSS | 5.8 AI score | 0.00358 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/26 2:57 p.m. | 2 views

CVE-2026-26115

Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8 CVSS | 5.8 AI score | 0.01095 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2026/03/26 2:57 p.m. | 1 view

CVE-2026-26106

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

8.8 CVSS | 6 AI score | 0.0137 EPSS
Exploits: 0 | References: 1
NVD
added 2026/03/26 1:16 p.m. | 5 views

CVE-2025-55270

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc...

9.8 CVSS | 0.00997 EPSS
Exploits: 0 | References: 1
Cvelist
added 2026/03/26 12:59 p.m. | 21 views

CVE-2025-55270 HCL Aftermarket DPC is affected by Improper Input Validation

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc...

3.5 CVSS | 0.00997 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2026/03/26 12:59 p.m. | 1 view

CVE-2025-55270 HCL Aftermarket DPC is affected by Improper Input Validation

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc...

3.5 CVSS | 6 AI score | 0.00997 EPSS
Exploits: 0 | References: 1
ATTACKERKB
added 2026/03/26 12:59 p.m. | 2 views

CVE-2025-55270

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc...

3.5 CVSS | 6 AI score | 0.00997 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2026/03/26 12:59 p.m. | 8 views

CVE-2025-55270

CVE-2025-55270 affects HCL Aftermarket DPC. Connected sources confirm an input validation error that can be exploited to inject executable code, enabling XSS, SQL injection, and command injection, among other attacks. Root cause: improper input validation in the affected component/file. Documente...

9.8 CVSS | 6 AI score | 0.00997 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
GithubExploit
added 2026/03/26 11:18 a.m. | 125 views

Exploit for Improper Input Validation in Tecrail Responsive_Filemanager

POC-CVE-2020-10567 RCE poc - RESPONSIVE filemanager v.9.14.0...

9.8 CVSS | 8.2 AI score | 0.1929 EPSS
Exploits: 5
SUSE Linux
added 2026/03/26 9:46 a.m. | 3 views

Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.115: CVE-2025-48989: HTTP/2 protocol including DNS over HTTPS is vulnerable to "MadeYouReset" DoS attack bsc1243895. CVE-2025-52434: race condition on connection close when using the APR/Native connector could lead to a JVM...

10 CVSS | 7 AI score | 0.99999 EPSS
Exploits: 107 | References: 100
Cvelist
added 2026/03/26 12:25 a.m. | 30 views

CVE-2026-33183 Saloon has a Fixture Name Path Traversal Vulnerability

Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, fixture names were used to build file paths under the configured fixture directory without validation. A name containing path segments (e.g. ../traversal or ../../etc/passwd) resulted in a pat...

9.3 CVSS | 0.00566 EPSS
Exploits: 0 | References: 2
CNNVD
added 2026/03/26 12:00 a.m. | 11 views

Wecodex SAT CFDI SQL Injection Vulnerability

Wecodex SAT CFDI is an electronic invoice generation and management system developed by Wecodex Corporation. Version 3.3 of Wecodex SAT CFDI contains a SQL injection vulnerability, which stems from insufficient input validation for the id parameter. This vulnerability may lead to SQL injection...

8.8 CVSS | 5.9 AI score | 0.00245 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2026/03/26 12:00 a.m. | 5 views

PT-2026-28295

Name of the Vulnerable Software and Affected Versions: HCL Aftermarket DPC (affected versions not specified). Description: The software suffers from Improper Input Validation, enabling an attacker to inject executable code. This could lead to attacks such as Cross-Site Scripting (XSS), SQL Injection, an...

9.8 CVSS | 6 AI score | 0.00997 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2026/03/26 12:00 a.m. | 5 views

NetScaler ADC and NetScaler Gateway Memory Overread (CTX696300 / CVE-2026-3055)

The remote NetScaler ADC (formerly Citrix ADC) or NetScaler Gateway (formerly Citrix Gateway) device is version 14.1 prior to 14.1-60.58, 13.1 prior to 13.1-62.23, or 13.1-FIPS/NDcPP prior to 13.1-37.262. It is, therefore, affected by a vulnerability: - Insufficient input validation in NetScaler ADC...

9.8 CVSS | 7.5 AI score | 0.83996 EPSS
Exploits: 7 | References: 2
CNNVD
added 2026/03/26 12:00 a.m. | 9 views

OpenEMR Security Vulnerability

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.3 contained security...

8.8 CVSS | 5.8 AI score | 0.00445 EPSS
Exploits: 1 | References: 3
Positive Technologies
added 2026/03/26 12:00 a.m. | 3 views

PT-2026-28523

Name of the Vulnerable Software and Affected Versions: BentoML versions prior to 1.4.37. Description: BentoML is a Python library used for building online serving systems for AI applications and model inference. A flaw exists where the docker.system packages field within the bentofile.yaml file does...

7.8 CVSS | 6.2 AI score | 0.00257 EPSS
Exploits: 1 | References: 13
CNNVD
added 2026/03/26 12:00 a.m. | 11 views

WebOfisi E-Ticaret Cross-Site Scripting Vulnerability

WebOfisi E-Ticaret is an e-commerce website building and management system provided by the Turkish company WebOfisi. Version 4.0 of WebOfisi E-Ticaret has a cross-site scripting vulnerability, which stems from insufficient input validation for the “product” parameter. This vulnerability may lead ...

8.8 CVSS | 5.7 AI score | 0.00271 EPSS
Exploits: 1 | References: 4
CNNVD
added 2026/03/26 12:00 a.m. | 4 views

Ory Polis Input Validation Error Vulnerability

Ory Polis is an open-source enterprise single-sign-on and directory synchronization solution developed by Ory. Versions of Ory Polis prior to 26.2.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from improper trust in URL parameters with the callbackUrl...

8.8 CVSS | 5.6 AI score | 0.00428 EPSS
Exploits: 1 | References: 2