Lucene search
K

72898 matches found

OSV
OSV
added 2026/03/17 11:16 p.m.5 views

DEBIAN-CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...

5.4CVSS5.8AI score0.00354EPSS
Exploits2References1
OSV
OSV
added 2026/03/17 11:16 p.m.10 views

UBUNTU-CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...

5.4CVSS5.8AI score0.00354EPSS
Exploits2References3
Cvelist
Cvelist
added 2026/03/17 10:29 p.m.28 views

CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...

0.00354EPSS
Exploits2References6
ATTACKERKB
ATTACKERKB
added 2026/03/17 10:29 p.m.12 views

CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...

5.4CVSS6AI score0.00354EPSS
Exploits2References7
Vulnrichment
Vulnrichment
added 2026/03/17 10:29 p.m.6 views

CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...

6AI score0.00354EPSS
Exploits2References6
Debian CVE
Debian CVE
added 2026/03/17 10:29 p.m.4 views

CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...

5.4CVSS5.8AI score0.00354EPSS
Exploits2
EUVD
EUVD
added 2026/03/17 9:31 p.m.6 views

EUVD-2026-12636

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of...

5.5CVSS5.8AI score0.00341EPSS
Exploits0References2
NVD
NVD
added 2026/03/17 8:16 p.m.4 views

CVE-2026-3563

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of...

5.5CVSS0.00341EPSS
Exploits0References1
CVE
CVE
added 2026/03/17 7:15 p.m.14 views

CVE-2026-3563

CVE-2026-3563 affects PowerShell Universal prior to version 2026.1.4. The root cause is improper input validation in the apps and endpoints configuration. An authenticated user with permissions to create or modify Apps or Endpoints can override existing application or system routes, producing uni...

5.5CVSS5.8AI score0.00341EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/17 7:15 p.m.3 views

CVE-2026-3563

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of...

5.5CVSS5.8AI score0.00341EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/17 7:15 p.m.2 views

CVE-2026-3563

Improper input validation in the apps and endpoints configuration in PowerShell Universal before 2026.1.4 allows an authenticated user with permissions to create or modify Apps or Endpoints to override existing application or system routes, resulting in unintended request routing and denial of...

5.8AI score0.00341EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/17 3:36 p.m.5 views

EUVD-2025-208779

HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external...

4.7CVSS5.8AI score0.00158EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/17 10:46 a.m.3 views

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

5.9CVSS5.7AI score0.00315EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/17 3:46 a.m.9 views

Security Bulletin: Multiple Vulnerabilities in IBM Edge Application Manager

Summary Multiple vulnerabilities were addressed in IBM Edge Application Manager 5.0.2 Vulnerability Details CVEID:CVE-2026-24842 DESCRIPTION: node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolutio...

8.2CVSS6.8AI score0.00628EPSS
Exploits3Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/17 12:26 a.m.5 views

SUSE CVE-2026-3644

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...

6.5CVSS5.8AI score0.00419EPSS
Exploits0References22
CNVD
CNVD
added 2026/03/17 12:0 a.m.5 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16584)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit...

5.4CVSS5.6AI score0.00255EPSS
Exploits0
CNVD
CNVD
added 2026/03/17 12:0 a.m.4 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16582)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...

4.8CVSS5.6AI score0.00267EPSS
Exploits0
CNVD
CNVD
added 2026/03/17 12:0 a.m.4 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16585)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...

8.1CVSS5.6AI score0.00445EPSS
Exploits0
CNVD
CNVD
added 2026/03/17 12:0 a.m.5 views

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16583)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit...

8.7CVSS5.6AI score0.00452EPSS
Exploits0
CNVD
CNVD
added 2026/03/17 12:0 a.m.5 views

Adobe Commerce Input Validation Error Vulnerability (CNVD-2026-16588)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An input validation error vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a denial of service in the application...

5.3CVSS5.7AI score0.00524EPSS
Exploits0
Rows per page
Query Builder