Lucene search
K

45 matches found

EUVD
EUVD
added 2026/07/03 7:15 p.m.8 views

EUVD-2026-41562

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-558 Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write

A Path Traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. Impact An attacker can craft a malicious .msg file with attachment filenames containing path traversal...

9.8CVSS8.1AI score0.00616EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 8:17 p.m.7 views

CVE-2026-55958

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

8.3CVSS0.00269EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.6 views

CVE-2026-5536

A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpcserver.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...

7.5CVSS6.7AI score0.00378EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/03 5:15 p.m.3 views

CVE-2026-5475 NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption

A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...

5.5CVSS6AI score0.00218EPSS
Exploits0References5
CVE
CVE
added 2026/04/03 5:15 p.m.10 views

CVE-2026-5475

NASA cFS up to 7.0.0 contains a memory corruption vulnerability in the CCSDS Header Size Handler. The affected function is CFE_SB_TransmitMsg in cfe_sb_priv.c, within the CCSDS Header Size Handler component. The issue is triggered by a manipulation of input leading to memory corruption. The CVE e...

5.5CVSS6AI score0.00218EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/05 7:23 p.m.4 views

CVE-2025-64712

The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitra...

9.8CVSS5.5AI score0.00616EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.7 views

Unstructured 安全漏洞

Unstructured is an open-source preprocessing tool for unstructured data developed by Unstructured. Versions of Unstructured prior to 0.18.18 contained a security vulnerability due to a path traversal vulnerability in the partitionmsg function. This vulnerability could allow arbitrary files to be...

9.8CVSS7.5AI score0.00616EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/03 9:18 a.m.8 views

CVE-2026-22881

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

6.8CVSS5.4AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/02/02 7:16 a.m.19 views

CVE-2026-22881

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

6.8CVSS0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/02 6:37 a.m.32 views

CVE-2026-22881

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

6.8CVSS0.00217EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/02 6:37 a.m.4 views

CVE-2026-22881

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

6.8CVSS5.4AI score0.00217EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/02 6:37 a.m.17 views

CVE-2026-22881

CVE-2026-22881 affects Cybozu Garoon 5.15.0 through 6.0.3, where a cross-site scripting vulnerability in the Message function could allow an attacker to reset arbitrary users’ passwords. Root cause is not explicitly detailed beyond the XSS in the Message feature. No exploitation status or in-the-...

6.8CVSS6.2AI score0.00217EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/02/02 6:37 a.m.6 views

EUVD-2026-5120

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

6.8CVSS5.4AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.8 views

Cybozu Garoon 跨站脚本漏洞

Cybozu Garoon is a portal-based OA office system developed by Cybozu. This system provides functions such as portals, email, bookmarks, calendar management, bulletin boards, and file management. Versions of Cybozu Garoon from 5.15.0 to 6.0.3 had a cross-site scripting vulnerability. This...

6.8CVSS6.3AI score0.00217EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.8 views

PT-2026-5616

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

6.8CVSS5.4AI score0.00217EPSS
Exploits0References3
Snyk
Snyk
added 2025/12/02 6:50 a.m.6 views

Directory Traversal

Overview unstructured is an A library that prepares raw documents for downstream ML tasks. Affected versions of this package are vulnerable to Directory Traversal via the partitionmsg function’s handling of attachment filenames in email MSG files. An attacker can exploit this vulnerability by...

9.8CVSS7.5AI score0.00616EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/03/20 5:15 p.m.4 views

CVE-2024-57440

D-Link DSL-3788 revA1 1.01R1B036EUEN is vulnerable to Buffer Overflow via the COMMMAKECustomMsg function of the webproc cgi...

7.5CVSS5.3AI score0.00747EPSS
Exploits0References4
OSV
OSV
added 2024/10/25 5:15 a.m.4 views

CVE-2024-9686

The Order Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nktgnfwsendtestmessage' function in versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to send a test messa...

5.3CVSS5.8AI score0.00318EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/08 12:0 a.m.17 views

CVE-2024-34255

jizhicms v2.5.1 contains a Cross-Site ScriptingXSS vulnerability in the message function...

6.7AI score0.00261EPSS
Exploits1References1
Rows per page
Query Builder