Lucene search
K

7268 matches found

NVD
NVD
added 3 days ago10 views

CVE-2026-55110

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...

7.5CVSS0.00181EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-55110

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...

7.5CVSS0.00181EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-41388

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...

7.5CVSS5.7AI score0.00181EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-55110

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...

7.5CVSS5.7AI score0.00181EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 12:33 a.m.5 views

EUVD-2026-39140

Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must vis...

8.8CVSS5.4AI score0.0067EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 12:17 a.m.9 views

CVE-2026-9780

Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must vis...

8.8CVSS0.0067EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 9:43 p.m.22 views

CVE-2026-2050 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00552EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in GIMP

GIMP JP2 File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.8AI score0.00539EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 12:0 p.m.29 views

CVE-2016-20067 WordPress CP Polls 1.0.8 Cross-Site Request Forgery

WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in...

5.3CVSS0.00116EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/13 12:34 a.m.10 views

EUVD-2026-36634

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

4.6CVSS5.3AI score0.00225EPSS
Exploits0References3
NVD
NVD
added 2026/06/13 12:16 a.m.19 views

CVE-2026-11443

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

4.6CVSS0.00225EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 11:4 p.m.39 views

CVE-2026-11443

CVE-2026-11443 affects Allegra via the downloadAttachment method, where insufficient validation of user-supplied data enables cross-site scripting and an authentication bypass. This allows remote attackers to execute arbitrary script in the context of the current user after visiting a malicious p...

4.6CVSS5.3AI score0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 11:4 p.m.7 views

CVE-2026-11443 Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

4.6CVSS5.7AI score0.00225EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 6:43 a.m.29 views

CVE-2026-12060 Hepta Platforms|Heptabase - Exposed Dangerous

Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining...

6.9CVSS0.00313EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 6:43 a.m.6 views

CVE-2026-12060 Hepta Platforms|Heptabase - Exposed Dangerous

Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining...

6.9CVSS5.3AI score0.00313EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 6:43 a.m.13 views

EUVD-2026-36390

Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining...

6.9CVSS5.3AI score0.00313EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 6:43 a.m.22 views

CVE-2026-12060

CVE-2026-12060 concerns Heptabase (Hepta Platforms) with an Exposed Dangerous Method or Function vulnerability. The description indicates unauthenticated remote attackers can leverage social engineering to persuade a victim to open or load a malicious webpage inside the Heptabase application, res...

6.9CVSS5.3AI score0.00313EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 12:32 a.m.9 views

EUVD-2026-36156

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.7AI score0.00615EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 10:16 p.m.12 views

CVE-2026-2049

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00615EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2026/06/09 12:0 a.m.14 views

Adobe Acrobat Pro DC Annots.api Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

7.8CVSS5.8AI score0.00266EPSS
Exploits0References1
Rows per page
Query Builder