Lucene search
K

72809 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.4 views

CVE-2026-28894

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A remote attacker may be able to cause a denial-of-service...

7.5CVSS5.8AI score0.00665EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.5 views

CVE-2026-28844

A file access issue was addressed with improved input validation. This issue is fixed in macOS Tahoe 26.4. An attacker may gain access to protected parts of the file system...

6.5CVSS5.8AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.3 views

CVE-2026-28886

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may ...

5.9CVSS5.8AI score0.00653EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.3 views

CVE-2026-31996

OpenClaw versions prior to 2026.2.19 tools.exec.safeBins contains an input validation bypass vulnerability that allows attackers to execute unintended filesystem operations through sort output flags or recursive grep flags. Attackers with command execution access can leverage sort -o flag for...

7.1CVSS6.2AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.3 views

CVE-2025-20096

Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when...

5.9CVSS5.8AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.4 views

CVE-2026-21282

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input,...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.3 views

CVE-2026-21310

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass, with limited impact to integrity. Exploitation of this issue does not require user...

5.3CVSS5.8AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.12 views

CVE-2026-3848

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintended internal requests through proxy environments under certain conditions due to improper input...

5CVSS5.8AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.8 views

CVE-2026-30915

SFTPGo is an open source, event-driven file transfer solution. SFTPGo versions before v2.7.1 contain an input validation issue in the handling of dynamic group paths, for example, home directories or key prefixes. When a group is configured with a dynamic home directory or key prefix using...

5.3CVSS5.8AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.5 views

CVE-2026-32322

soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-1717

An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges...

6.8CVSS5.9AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-1715

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...

7.1CVSS5.9AI score0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.4 views

CVE-2026-33311

DiceBear is an avatar library for designers and developers. Starting in version 5.0.0 and prior to versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, SVG attribute values derived from user-supplied options backgroundColor, fontFamily, textColor were not XML-escaped before interpolation into SVG...

4.7CVSS5.8AI score0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.3 views

CVE-2026-20117

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability exists because the web-based management interfa...

6.1CVSS6AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.3 views

CVE-2026-4004

The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the 'search' AJAX action in all versions up to, and including, 3.0.2. This is due to missing capability checks in the callbacksearch function and insufficient input validation that allows shortcode syntax...

6.5CVSS6.1AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.4 views

CVE-2025-20064

Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...

8.7CVSS5.8AI score0.00115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.5 views

CVE-2025-20068

Improper input validation in the UEFI ImcErrorHandler module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...

7.1CVSS5.7AI score0.00101EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.4 views

CVE-2025-20027

Improper input validation in the UEFI WheaERST module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

7.1CVSS5.7AI score0.00102EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.6 views

CVE-2026-3912

Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour...

8.7CVSS5.7AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.7 views

CVE-2026-30960

rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...

9.4CVSS5.9AI score0.0021EPSS
Exploits0References1
Rows per page
Query Builder