Lucene search
K

3952 matches found

EUVD
EUVD
added 2026/06/26 1:11 a.m.9 views

EUVD-2026-39603

A stored XSS vulnerabilities exists in the maintenance-acl-check.php and maintenance-banners-check.php tools of Revive Adserver 6.0.7. The issue was caused by entity names being displayed without proper escaping when inconsistencies were detected. Whether the XSS payload is executed when an...

4.4CVSS5.8AI score0.00199EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 1:11 a.m.9 views

CVE-2026-50742

A stored XSS vulnerabilities exists in the maintenance-acl-check.php and maintenance-banners-check.php tools of Revive Adserver 6.0.7. The issue was caused by entity names being displayed without proper escaping when inconsistencies were detected. Whether the XSS payload is executed when an...

4.4CVSS5.8AI score0.00199EPSS
Exploits1References2
CVE
CVE
added 2026/06/26 1:11 a.m.12 views

CVE-2026-50742

CVE-2026-50742 describes a stored XSS in Revive Adserver 6.0.7, occurring in the maintenance tools, specifically in the files maintenance-acl-check.php and maintenance-banners-check.php . The root cause is that entity names are displayed without proper escaping when inconsistencies are detected, ...

5.4CVSS5.8AI score0.00199EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/06/26 12:16 a.m.10 views

CVE-2026-43920

FOSSBilling is a free, open-source billing and client management system. In versions 0.5.4 through 0.7.2, the /run-patcher maintenance endpoint in FOSSBilling was accessible without authentication, which allowed unauthenticated remote users to trigger update patch routines that modify configurati...

6.9CVSS0.00545EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.18 views

PT-2026-52650

Name of the Vulnerable Software and Affected Versions Revive Adserver version 6.0.7 Description Stored Cross-Site Scripting XSS occurs in the maintenance-acl-check.php and maintenance-banners-check.php tools. The issue arises when entity names are displayed without proper escaping during the...

5.4CVSS5.9AI score0.00199EPSS
Exploits1References8
BDU FSTEC
BDU FSTEC
added 2026/06/26 12:0 a.m.3 views

The vulnerability of the net/batman-adv/bat_iv_ogm.c module in the Linux operating system allows a hacker to trigger a system failure during maintenance operations.

The vulnerability of the net/batman-adv/bativogm.c module in the Linux operating system is related to incorrect calculations of buffer size. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.1AI score0.00121EPSS
Exploits0References13Affected Software2
CVE
CVE
added 2026/06/25 11:6 p.m.23 views

CVE-2026-43920

CVE-2026-43920 affects FOSSBilling versions 0.5.4–0.7.2 where the unauthenticated /run-patcher endpoint allowed privileged maintenance operations (config migrations, DB schema changes including ALTER/DROP/UPDATE, filesystem deletions/renames, and cache clearing) to be executed without admin auth,...

6.9CVSS6AI score0.00545EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 11:6 p.m.38 views

CVE-2026-43920 FOSSBilling: Unauthenticated update patcher endpoint allows remote maintenance execution

FOSSBilling is a free, open-source billing and client management system. In versions 0.5.4 through 0.7.2, the /run-patcher maintenance endpoint in FOSSBilling was accessible without authentication, which allowed unauthenticated remote users to trigger update patch routines that modify configurati...

6.9CVSS0.00545EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52177

Name of the Vulnerable Software and Affected Versions Tealium iQ Tag Management versions 0.0.0 through 2.4.0 Description Improperly controlled modification of dynamically-determined object attributes in the Tealium iQ Tag Management module allows for Object Injection. This occurs because the...

6.1AI score0.00417EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/18 8:41 p.m.10 views

Untrusted Search Path

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Untrusted Search Path via the PATH environment variable influencing the selection of the trash executable during maintenance tasks. An attacker can execute unintended local executables by...

7.2CVSS5.9AI score0.00119EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46935

Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

7.5CVSS0.00311EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.10 views

CVE-2026-46934

Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

7.5CVSS0.00311EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46915

Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite component: Production. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

8.5CVSS0.00311EPSS
Exploits0References1
OSV
OSV
added 2026/06/16 9:32 p.m.4 views

GHSA-2W22-3F6X-3HF4 Duplicate Advisory: Workspace-derived service PATH could influence trash command selection

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rx78-29qr-5hq8. This link is maintained to preserve external references. Original Description OpenClaw before 2026.5.2 contains a path traversal vulnerability in maintenance task execution that allows...

7.2CVSS5.7AI score0.00119EPSS
Exploits0References4
NVD
NVD
added 2026/06/16 7:17 p.m.11 views

CVE-2026-53865

OpenClaw before 2026.5.2 contains a path traversal vulnerability in maintenance task execution that allows workspace-derived service paths to influence trash command selection. Attackers can execute unintended local executables from operator-unintended paths during maintenance operations by...

7.2CVSS0.00119EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:5 p.m.21 views

CVE-2026-53865

CVE-2026-53865 : OpenClaw prior to 2026.5.2 has a path traversal bug in maintenance task execution that lets workspace-derived service paths influence the trash command. An attacker can run unintended local executables from operator-unintended paths by manipulating environment paths during mainte...

7.2CVSS5.7AI score0.00119EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.17 views

PT-2026-50039

Name of the Vulnerable Software and Affected Versions Oracle Complex Maintenance, Repair and Overhaul versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite. A low...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-49782

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.2 Description A path traversal issue exists in the maintenance task execution process where workspace-derived service paths can influence the selection of the trash command. By manipulating workspace-derived...

7.2CVSS5.6AI score0.00119EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.33 views

PT-2026-50038

Name of the Vulnerable Software and Affected Versions Oracle Complex Maintenance, Repair and Overhaul versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite. A low...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-50022

Name of the Vulnerable Software and Affected Versions Oracle Complex Maintenance, Repair and Overhaul versions 12.2.3 through 12.2.15 Description An issue exists in the Production component of Oracle Complex Maintenance, Repair and Overhaul within Oracle E-Business Suite. A low privileged attacke...

8.5CVSS5.8AI score0.00311EPSS
Exploits0References3
Rows per page
Query Builder