Lucene search
+L

1008 matches found

cvelist
cvelist
added last week36 views

CVE-2026-59817 Ghost: Paid gift memberships obtainable at minimal cost via the donations feature

Ghost is a Node.js content management system. From 6.27.0 before 6.44.0, Ghost's public donation checkout flow allowed an unauthenticated attacker to control donation checkout metadata and obtain full paid gift memberships for a minimal payment without exposing customer or member data or stealing...

5.3CVSS0.00257EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.5 views

PT-2026-56900

Name of the Vulnerable Software and Affected Versions Ghost versions 6.27.0 through 6.43.x Description The public donation checkout flow in this Node.js content management system allows an unauthenticated attacker to manipulate donation checkout metadata. This can lead to the acquisition of full...

5.3CVSS6AI score0.00257EPSS
Exploits0References13
cve
cve
added 2026/07/08 8:46 p.m.83 views

CVE-2026-8472

CVE-2026-8472 affects GitLab Enterprise Edition and reports a privilege/authorization issue where an authenticated user with minimal access could read work item metadata from private projects. The root cause is missing authorization checks, enabling unintended metadata access. Affected versions i...

4.3CVSS6AI score0.00243EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/07/08 8:46 p.m.7 views

EUVD-2026-42405

GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...

4.3CVSS6AI score0.00243EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.10 views

PT-2026-56617

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.9 through 18.11.6 GitLab EE versions 19.0 through 19.0.3 GitLab EE versions 19.1 through 19.1.1 Description An issue exists where missing authorization checks could allow an authenticated user with minimal access...

4.3CVSS6.1AI score0.00243EPSS
Exploits0References6
euvd
euvd
added 2026/07/04 8:38 p.m.7 views

EUVD-2024-55648

The silent Just-In-Time JIT provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users wi...

4.8CVSS5.9AI score0.00191EPSS
Exploits0References1
redhat
redhat
added 2026/06/26 9:46 a.m.6 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: vim: vim-X11-9.2.725-1.hum1 aarch64, x8664 vim-common-9.2.725-1.hum1 aarch64, x8664 vim-data-9.2.725-1.hum1 noarch vim-default-editor-9.2.725-1.hum1 noarch vim-enhanced-9.2.725-1.hum1 aarch64,...

8.4CVSS5.8AI score0.00126EPSS
Exploits0References5
ibm
ibm
added 2026/06/23 1:21 p.m.5 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a an arbitrary file read vulnerability (CVE-2026-11806)

Summary IBM WebSphere Application Server Liberty is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled. Vulnerability Details CVEID:CVE-2026-11806 DESCRIPTION: IBM WebSphere Application Server Liberty is affected by an arbitrary file read vulnerability wit...

7.5CVSS6AI score0.00472EPSS
Exploits0Affected Software1
euvd
euvd
added 2026/06/15 10:3 a.m.11 views

EUVD-2026-36707

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains missing authorization checks on multiple web application endpoints. An authenticated attacker with minimal privileges can access endpoints that are not visible in the frontend but remain directly reachable. This allow...

8.6CVSS5.5AI score0.00304EPSS
Exploits1References2
packetstormnews
packetstormnews
added 2026/06/11 12:0 a.m.36 views

Font Generator for Embedded Bitmap and Color Glyph Pipeline Robustness Testing

This Python program constructs a handcrafted TrueType font file that combines multiple font subsystems - including embedded bitmap tables, color glyph definitions, glyph mapping structures, and minimal layout metadata - into a single synthetic test artifact...

5.3AI score
Exploits0
attackerkb
attackerkb
added 2026/06/09 12:21 a.m.8 views

CVE-2026-44754

The Remote Function Call RFC modules of the Operational Data Provisioning Data Replication API ODP-RFC are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which...

6.6CVSS5.5AI score0.00219EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2026/06/08 3:27 a.m.26 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.4AI score0.00563EPSS
Exploits0References5
redhatcve
redhatcve
added 2026/06/05 7:34 p.m.10 views

CVE-2026-1493

LEX Baza Dokumentów is vulnerable to DOM-based XSS in "em" cookie parameter. The application unsafely processes the parameter on the client side, allowing an attacker to execute arbitrary JavaScript in the context of the victim's browser. An attacker with ability to set a cookie can perform a mor...

5.4CVSS5.9AI score0.00178EPSS
Exploits0References1
redhat
redhat
added 2026/06/04 3:52 p.m.10 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.4AI score0.00563EPSS
Exploits0References5
fedora
fedora
added 2026/05/28 1:13 a.m.17 views

[SECURITY] Fedora 44 Update: nginx-mod-js-challenge-0^20230517.gitda6852d-8.fc44

Simple JavaScript proof-of-work based access for Nginx with virtually no over head...

9.2CVSS5.8AI score0.04261EPSS
Exploits3
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. No users are affected if they follow the recommendation...

8.5CVSS7.2AI score0.16118EPSS
Exploits2References1
nessus
nessus
added 2026/05/16 12:0 a.m.13 views

Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2026-1699)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1699 advisory. When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. CVE-2026-3805 Tenable has extracted the preceding description block...

7.5CVSS7.1AI score0.00715EPSS
Exploits2References4
snyk
snyk
added 2026/05/12 3:0 p.m.12 views

Improper Handling of Unicode Encoding

Overview Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding in the decoding of overlong UTF-8 strings. An attacker can bypass application-level byte filtering or validation by sending malicious sequences that decode to canonical characters. This is only...

6.9CVSS5.8AI score0.00301EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/05/11 8:19 p.m.106 views

wetfish_pentest

sv Everything you need to build a Svelte project, powered by...

5.8AI score
Exploits0
suse
suse
added 2026/05/07 11:53 a.m.7 views

Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: CVE-2026-2332: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques bsc1262115. CVE-2026-5795: Fixed JaspiAuthenticator broken access control...

9.1CVSS5.8AI score0.01127EPSS
Exploits1References8
Rows per page
Query Builder