Lucene search
K

739 matches found

EUVD
EUVD
added 2026/06/24 3:34 a.m.9 views

EUVD-2026-38645

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability...

6.2CVSS5.9AI score0.00197EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 3:34 a.m.8 views

CVE-2026-12488

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability...

6.2CVSS5.9AI score0.00197EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 3:34 a.m.13 views

CVE-2026-12488

CVE-2026-12488 affects GeoVision GV-VMS V20 GV-Cloud (v20.0.2). Talos details describe a stack-based buffer overflow in the GV-Cloud relay path (GvRelayProxy.dll) caused by trusting an unverified message size from the remote server; reading large messages can overflow the stack, enabling possible...

6.2CVSS5.9AI score0.00197EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51656

Name of the Vulnerable Software and Affected Versions GeoVision GV-VMS V20 version 20.0.2 Description Memory corruption occurs within the GV-Cloud functionality. A remote attacker can trigger a denial of service by sending a specially crafted network request while impersonating the legitimate...

6.2CVSS5.8AI score0.00197EPSS
Exploits0References7
OSV
OSV
added 2026/06/15 3:54 p.m.13 views

MAL-2026-5792 Malicious code in nativescript-swisspost-imagepicker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2271ce1525f722f302ee59b9de3270020e6d1aa84d74cc2972cb6ffa34d9a62 package.json declares preinstall: node index.js. On npm install, index.js reads process.env.INITCWD the installing project's working directory, takes...

5.4AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free condition, potentially causing a crash that can be exploited. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

8.8CVSS7.2AI score0.0096EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 2:7 a.m.12 views

Malicious code in chalk-tempalte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3e82f6fa2867575be5e57fd3b03dada6a93761c97b240f77f98f4b221bde7a7 Package name chalk-tempalte is a single-character transposition of the popular chalk-template package a top-tier npm utility, consistent with...

5.9AI score
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/07 2:23 a.m.12 views

SUSE CVE-2026-7573

An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...

7.7CVSS5.8AI score0.00255EPSS
Exploits0References3
OSV
OSV
added 2026/05/06 3:33 a.m.6 views

GHSA-3C93-G9G6-P5J4 Velocidex Velociraptor has an authorization bypass vulnerability

An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...

5CVSS5.8AI score0.00255EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.11 views

RHCOS 4 : OpenShift Container Platform 4.16.44 (RHSA-2025:10782)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10782 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...

9.1CVSS6.8AI score0.00778EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.13 views

RHCOS 4 : OpenShift Container Platform 4.19.1 (RHSA-2025:9279)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9279 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...

9.1CVSS5.8AI score0.00778EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/11 6:0 p.m.5 views

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS5.9AI score0.00715EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. CVE-2026-3805 Note that Nessus...

7.5CVSS7.1AI score0.00715EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-26102

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

8.5CVSS5.4AI score0.00106EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-26096

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

8.5CVSS5.4AI score0.00096EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-26101

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

8.5CVSS5.4AI score0.00106EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.4 views

CVE-2026-2333

Improper Neutralization of Special Elements used in a Command 'Command Injection' in Owl opds 2.2.0.4 allows Command Injection via a crafted network request...

9.8CVSS5.5AI score0.01025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.7 views

CVE-2026-26093

Improper Neutralization of Special Elements used in a Command 'Command Injection' in Owl opds 2.2.0.4 allows Command Injection via a crafted network request...

9.8CVSS5.5AI score0.01105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-26095

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

8.5CVSS5.4AI score0.00096EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2026-26099

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request...

8.4CVSS5.4AI score0.00109EPSS
Exploits0References1
Rows per page
Query Builder