Lucene search
K

350 matches found

NVD
NVD
added 2026/06/26 9:16 p.m.10 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

7.5CVSS0.00446EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.24 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

0.00446EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.32 views

PT-2026-52968

Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A Denial of Service DoS issue exists in the parse month function located in /time/strptime.rs. An attacker can cause the system to crash by providing a specially crafted input. This issue is...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.6 views

CVE-2026-38639

An issue in the parsemonth function /time/strptime.rs of relibc commit ab6a2e allows attackers to cause a Denial of Service DoS via parsing a crafted input...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References5
CVE
CVE
added 2026/06/26 12:0 a.m.20 views

CVE-2026-38639

CVE-2026-38639 affects relibc. The issue is in the parse_month function (path /time/strptime.rs) within commit ab6a2e and allows an attacker to trigger a Denial of Service by parsing a crafted input. The available sources confirm the vulnerability location and impact but do not provide exploitati...

7.5CVSS5.8AI score0.00446EPSS
Exploits0References4
Wired Threat Level
Wired Threat Level
added 2026/05/26 5:31 p.m.15 views

Internet Starts to Return in Iran After 3-Month Blackout

Some internet connectivity is returning in Iran after nearly 90 days offline, web monitoring groups say. But it isn’t clear if the reconnection is permanent...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/05/26 3:55 p.m.20 views

Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month

Anthropic says its Claude Mythos AI identified more than 10,000 software vulnerabilities in one month, including critical flaws in open-source code...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: apr (UTSA-2026-016610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016610 advisory. When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be...

7.1CVSS6.7AI score0.01749EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/16 7:22 p.m.4 views

CVE-2026-6148

A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a manipulation of the argument BRANCHID results in sql injection. The attack is possibl...

7.5CVSS5.7AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2026/04/13 2:16 a.m.5 views

CVE-2026-6148

A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a manipulation of the argument BRANCHID results in sql injection. The attack is possibl...

7.5CVSS0.00379EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 1:30 a.m.4 views

CVE-2026-6148 code-projects Vehicle Showroom Management System MonthTotalReportUpdateFunction.php sql injection

A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a manipulation of the argument BRANCHID results in sql injection. The attack is possibl...

7.5CVSS6.9AI score0.00379EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/13 1:30 a.m.36 views

CVE-2026-6148 code-projects Vehicle Showroom Management System MonthTotalReportUpdateFunction.php sql injection

A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a manipulation of the argument BRANCHID results in sql injection. The attack is possibl...

7.5CVSS0.00379EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source vehicle exhibition hall management system developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling...

7.5CVSS7.2AI score0.00379EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-28103

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the str eval function in notification handler.py implements a sandboxed eval for notification text templates. The sandbox attempts to restrict callable names by inspecting code.co names of the...

7.5CVSS5.8AI score0.00476EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.10 views

PT-2026-28104

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.3-rc1 Description An Insecure Direct Object Reference IDOR exists in the 'PUT /api/keys' endpoint. Due to the use of the JavaScript object spread operator after setting the authenticated user's ID, an...

7.1CVSS5.8AI score0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.16 views

PT-2026-28099

What are the limits of AI-assisted vulnerability hunting? I obtained 23 CVEs in one month. BentoML 8.2k CVE-2026-27905 HIGH SillyTavern 24.6k CVE-2026-26286 HIGH Plane 28.2k CVE-2026-27705 MEDIUM NocoDB 46.4k CVE-2026-28399 MEDIUM Mautic 8.4k CVE-2026-3105 HIGH File Browser 27.9k CVE-2026-28492...

9.8CVSS5.8AI score0.00651EPSS
Exploits12References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.17 views

PT-2026-28097

What are the limits of AI-assisted vulnerability hunting? I obtained 23 CVEs in one month. BentoML 8.2k CVE-2026-27905 HIGH SillyTavern 24.6k CVE-2026-26286 HIGH Plane 28.2k CVE-2026-27705 MEDIUM NocoDB 46.4k CVE-2026-28399 MEDIUM Mautic 8.4k CVE-2026-3105 HIGH File Browser 27.9k CVE-2026-28492...

9.8CVSS5.8AI score0.00651EPSS
Exploits12References1
Veeam
Veeam
added 2026/03/24 12:0 a.m.24 views

New Search Experience for Veeam Data Cloud for Microsoft 365

Purpose We are excited to announce the initial rollout of our new search feature, designed to significantly improve the speed and efficiency of your search experience. Below are the details and important limitations to be aware of during this phased rollout. What's New Faster Search Experience Ou...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/03/12 6:30 p.m.5 views

EUVD-2019-19766

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS5.9AI score0.00323EPSS
Exploits0References3
NVD
NVD
added 2026/03/12 4:16 p.m.7 views

CVE-2019-25473

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS0.00323EPSS
Exploits0References2
Rows per page
Query Builder