Lucene search
K

43 matches found

Vulnrichment
Vulnrichment
added 2026/05/27 3:44 p.m.10 views

CVE-2026-44324 free5GC: UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler panics on a single authenticated request against a fresh UDR instance when the supplied ueId does n...

6.5CVSS5.9AI score0.0042EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.8 views

Joplin 信息泄露漏洞

Joplin is an open-source note-taking and to-do application developed by Laurent Cozic. Joplin versions 3.5.2 and earlier contained a vulnerability that led to information leakage. This vulnerability originated from a logical error in the delta API, allowing recipients of shared notes to download...

5.7CVSS5.8AI score0.00267EPSS
Exploits0References1
CNVD
CNVD
added 2026/01/30 12:0 a.m.5 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-11754)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from a security user interface error in split-screen view, which can be exploited by an attacker to bypass security restrictions...

9.8CVSS5.9AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-17761

Malware in sbrugna...

9.8CVSS9.2AI score0.03995EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/09/18 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of the acpidscallcontrolmethod function error, which could lead to reuse after release...

7.8CVSS5.8AI score0.00152EPSS
Exploits0References10
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-39307 Malicious code in wind-interface-error-sed-char (npm)

The package wind-interface-error-sed-char was found to contain malicious code...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-43818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device acpigetfirstphysicalnode can...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References2
Hacker One
Hacker One
added 2025/04/20 6:56 p.m.1260 views

Dust: Unauthorized Table Creation by Member

A member user was able to create tables inside restricted company data spaces, despite the UI indicating that only workspace builders admins should be allowed. The "Add Data" button appeared disabled in the UI, but it was still interactable and functional, allowing the member to successfully crea...

6.9AI score
Exploits0
OSV
OSV
added 2025/03/07 7:15 p.m.3 views

CVE-2025-26643

The UI performs the wrong action in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS5.8AI score0.00657EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.5 views

Intel Server S2600BPBR 输入验证错误漏洞

Intel Server S2600BPBR is a server motherboard from Intel Corporation USA. The Intel Server S2600BPBR UEFI suffers from an input validation error vulnerability that stems from improper input validation. An attacker can exploit the vulnerability to elevate privileges...

8.7CVSS6.6AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2024/10/28 2:15 p.m.15 views

CVE-2024-34537

TYPO3 before 13.3.1 allows denial of service interface error in the Bookmark Toolbar ext:backend, exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. The fixed versions are 10.4.46 ELTS, 11.5.40 LTS, 12.4.21...

4.9CVSS6.7AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.10 views

TYPO3 10.0.0 < 10.4.46 ELTS / 11.0.0 < 11.5.40 / 12.0.0 < 12.4.21 / 13.0.0 < 13.3.1 (TYPO3-CORE-SA-2024-011)

The version of TYPO3 installed on the remote host is prior to 10.0.0 10.4.46 ELTS / 11.0.0 11.5.40 / 12.0.0 12.4.21 / 13.0.0 13.3.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2024-011 advisory. - Due to insufficient input validation, manipulated data saved i...

4.9CVSS5.6AI score0.00684EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.6 views

The vulnerability of the Google Chrome browser’s Navigation function, which allows attackers to perform spoofing attacks

The vulnerability of the Google Chrome browser’s Navigation function is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created HTML page...

5CVSS5.5AI score0.00224EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/16 12:0 a.m.6 views

The vulnerability of the MSHTML platform in Microsoft Windows operating systems allows a hacker to execute a spoofing attack.

The vulnerability of the MSHTML platform in Microsoft Windows systems is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spoofing attack...

10CVSS7.6AI score0.51883EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/27 12:0 a.m.6 views

The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spear-phishing attack.

The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spear-phishing attack...

5CVSS5.5AI score0.00826EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/15 12:0 a.m.5 views

The vulnerability of the Microsoft Dynamics 365 resource planning software, related to errors in the user interface’s information presentation, allows a perpetrator to carry out spear-phishing attacks.

The vulnerability of the Microsoft Dynamics 365 resource planning software is related to errors in information presentation at the user interface level. Exploiting this vulnerability allows an attacker to carry out spear-phishing attacks remotely...

7.6CVSS7.3AI score0.01316EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/31 12:0 a.m.5 views

The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spear-phishing attack.

The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spear-phishing attack...

5.3CVSS6AI score0.00722EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.6 views

The vulnerability of Themes component in the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of Themes component in the Windows operating system is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the system...

7.8CVSS6.9AI score0.22773EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/12/18 12:0 a.m.8 views

The vulnerability of Windows operating system DNS servers, which allows attackers to perform spoofing attacks

The vulnerability of DNS servers in Windows operating systems is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform spoofing attacks remotely...

7.8CVSS7.2AI score0.01563EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/12/01 12:0 a.m.5 views

The vulnerability of the Jupyter extension in Microsoft Visual Studio’s software development environment allows attackers to perform spear-phishing attacks.

The vulnerability of the Jupyter extension in Microsoft Visual Studio relates to errors in information presentation on the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks...

7.8CVSS7.7AI score0.01509EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder