Lucene search
K

790 matches found

EUVD
EUVD
added 2026/03/26 1:2 a.m.5 views

EUVD-2026-16078

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8CVSS5.4AI score0.0012EPSS
Exploits0References7
CVE
CVE
added 2026/03/26 1:2 a.m.14 views

CVE-2026-4833

CVE-2026-4833 affects Orc discount up to 3.0.1.2, specifically the Markdown Handler's markdown.c compile function. The issue causes uncontrolled recursion when fed input such as an infinitely deep blockquote, leading to a local-execution crash. Public exploit availability exists, and the project ...

4.8CVSS5.4AI score0.0012EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/26 1:2 a.m.32 views

CVE-2026-4833 Orc discount Markdown markdown.c compile recursion

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8CVSS0.0012EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/26 1:2 a.m.5 views

CVE-2026-4833

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8CVSS5.4AI score0.0012EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/03/26 1:2 a.m.4 views

CVE-2026-4833

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8CVSS4.2AI score0.0012EPSS
Exploits0
EUVD
EUVD
added 2026/03/26 12:30 a.m.4 views

EUVD-2026-16005

A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a manipulation can lead to information disclosure. The attack is restricted to local execution. Attacks of this nature are highl...

2.5CVSS5.1AI score0.00131EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.10 views

PT-2026-28186

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8CVSS5.4AI score0.0012EPSS
Exploits0References8
NVD
NVD
added 2026/03/25 10:16 p.m.9 views

CVE-2026-4823

A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a manipulation can lead to information disclosure. The attack is restricted to local execution. Attacks of this nature are highl...

2.5CVSS0.00131EPSS
Exploits0References5
CVE
CVE
added 2026/03/25 9:44 p.m.12 views

CVE-2026-4823

CVE-2026-4823 concerns Enter Software Iperius Backup (≤ 8.7.3). The issue affects an unspecified function in the NTLM2 Handler component, enabling an information disclosure under local execution. The attack surface is limited to local access, with high attack complexity and a low overall risk sco...

2.5CVSS5.1AI score0.00131EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-28133

Name of the Vulnerable Software and Affected Versions Enter Software Iperius Backup versions up to 8.7.3 Description A flaw exists in Enter Software Iperius Backup related to the NTLM2 Handler component, potentially leading to information disclosure. Exploitation is limited to local execution and...

2.5CVSS5.7AI score0.00131EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/22 3:31 p.m.5 views

EUVD-2026-14303

A weakness has been identified in Flos Freeware Notepad2 4.2.25. This impacts an unknown function in the library TextShaping.dll. Executing a manipulation can lead to uncontrolled search path. The attack is restricted to local execution. The attack requires a high level of complexity. The...

7.3CVSS6.6AI score0.00211EPSS
Exploits1References5
CVE
CVE
added 2026/03/22 1:2 p.m.16 views

CVE-2026-4546

CVE-2026-4546 affects Flos Freeware Notepad2 4.2.25, where a weakness in the TextShaping.dll library leads to an uncontrolled search path. The issue is exploitable only via local access with high attack complexity and low privileges required, potentially impacting confidentiality, integrity, and ...

7.3CVSS6.6AI score0.00211EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/22 1:2 p.m.1 views

CVE-2026-4546 Flos Freeware Notepad2 TextShaping.dll uncontrolled search path

A weakness has been identified in Flos Freeware Notepad2 4.2.25. This impacts an unknown function in the library TextShaping.dll. Executing a manipulation can lead to uncontrolled search path. The attack is restricted to local execution. The attack requires a high level of complexity. The...

7.3CVSS5.3AI score0.00211EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/03/22 9:15 a.m.5 views

CVE-2026-4541

A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local...

2.5CVSS4.9AI score0.00083EPSS
Exploits0References10
OSV
OSV
added 2026/03/22 9:15 a.m.12 views

UBUNTU-CVE-2026-4541

A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local...

2.5CVSS4.8AI score0.00083EPSS
Exploits0References11
CVE
CVE
added 2026/03/22 8:35 a.m.28 views

CVE-2026-4541

The CVE-2026-4541 entry concerns janmojzis tinyssh (up to 20250501) with a flaw in the Ed25519 Signature Handler—specifically in tinyssh/crypto_sign_ed25519_tinyssh.c. The issue is described as improper verification of a cryptographic signature in a local-execution scenario, with high attack comp...

2.5CVSS4.7AI score0.00083EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/03/22 12:0 a.m.7 views

PT-2026-27008

Name of the Vulnerable Software and Affected Versions Flos Freeware Notepad2 version 4.2.25 Description A weakness exists in Flos Freeware Notepad2 4.2.25, impacting an unknown function within the TextShaping.dll library. Exploitation involves a manipulation that can lead to an uncontrolled searc...

7.3CVSS7AI score0.00211EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/03/18 1:34 a.m.3 views

CVE-2026-22168

OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments throug...

7.1CVSS6.2AI score0.00406EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/18 1:34 a.m.29 views

CVE-2026-22168 OpenClaw < 2026.2.21 - Command Injection via cmd.exe /c Trailing Arguments in system.run

OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments throug...

7.1CVSS0.00406EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/18 1:34 a.m.4 views

EUVD-2026-12708

OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in system.run that allows authenticated operators to execute arbitrary trailing arguments after cmd.exe /c while approval text reflects only a benign command. Attackers can smuggle malicious arguments throug...

7.1CVSS6.2AI score0.00406EPSS
Exploits0References3
Rows per page
Query Builder