Lucene search
K

119 matches found

EUVD
EUVD
added 2026/01/16 12:30 a.m.5 views

EUVD-2026-3030

EUVD-2026-3030...

7.5CVSS6.4AI score0.00451EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/01/15 8:10 p.m.10 views

h3 v1 has Request Smuggling (TE.TE) issue

I was digging into h3 v1 specifically v1.15.4 and found a critical HTTP Request Smuggling vulnerability. Basically, readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this header should be case-insensitive. The...

9.8CVSS6.9AI score0.00576EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/01/13 6:35 p.m.6 views

EUVD-2026-2054

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.1AI score0.00216EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 3:28 p.m.4 views

EUVD-2026-2325

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices getmeterlevelsfromurb parses the 64-byte meter packets sent by the device and fills the per-channel arrays meterlevel, complevel and masterlevel in struct...

5.8AI score0.00173EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/13 9:44 a.m.4 views

EUVD-2026-2362

Affected devices do not properly enforce user authentication on specific API endpoints. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that the attacker has learned the identity of a...

10CVSS6.7AI score0.00601EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/09 4:19 p.m.7 views

EUVD-2026-1703

GestSup versions up to and including 3.2.56 contain a pre-authentication stored cross-site scripting XSS vulnerability in the API error logging functionality. By sending an API request with a crafted X-API-KEY header value for example, to /api/v1/ticket.php, an unauthenticated attacker can cause...

5.1CVSS5.4AI score0.00258EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/09 4:18 p.m.4 views

EUVD-2026-1710

GestSup versions up to and including 3.2.56 contain a SQL injection vulnerability in the search bar functionality. User-controlled search input is incorporated into SQL queries without sufficient neutralization, allowing an authenticated attacker to manipulate database queries. Successful...

7.7CVSS6.9AI score0.00294EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/09 10:4 a.m.5 views

EUVD-2026-1773

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to create a denial of service condition by providing crafted responses to external API calls...

6.5CVSS6.1AI score0.00479EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/08 4:21 p.m.3 views

EUVD-2026-1448

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki - UploadWizard extension allows Cross-Site Scripting XSS.This issue affects MediaWiki - UploadWizard extension: 1.45, 1.44, 1.43, 1.39...

6.1CVSS5.4AI score0.00202EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/07 12:31 p.m.8 views

EUVD-2026-1245

EUVD-2026-1245...

6.7CVSS6.4AI score0.00075EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:39 a.m.7 views

CVE-1999-0239

Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET...

7.5CVSS7.1AI score0.07449EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/06 4:36 p.m.4 views

EUVD-2026-0994

Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.4...

6.5AI score0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/06 12:0 a.m.4 views

EUVD-2026-1000

An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, there is a misconfiguration vulnerability about vsftpd. Through this vulnerability, all files uploaded anonymously via the FTP protocol is automatically owned by the root user and remote...

9.8CVSS6.6AI score0.00491EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/02 6:30 p.m.2 views

EUVD-2026-0159

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.3 views

EUVD-2026-0330

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.2 views

EUVD-2026-0467

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.3 views

EUVD-2026-0473

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.3 views

EUVD-2026-0532

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.4 views

EUVD-2026-0607

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/02 3:19 p.m.7 views

EUVD-2026-0666

A path traversal vulnerability has been reported to affect Qfiling. The remote attackers can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qfiling 3.13.1 and later...

9.3CVSS6.3AI score0.00447EPSS
Exploits0References2
Rows per page
Query Builder