Lucene search

17 matches found

EUVD
added 2026/04/21 6:31 p.m., 4 views

EUVD-2026-24143

This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of...

CVSS 9.4, AI score 6, EPSS 0.0127
Exploits: 0, References: 3

ATTACKERKB
added 2026/04/21 5:0 p.m., 3 views

CVE-2026-21571

This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of...

CVSS 9.4, AI score 6, EPSS 0.0127
Exploits: 0, References: 3, Affected Software: 1

GithubExploit
added 2026/04/15 1:31 a.m., 120 views

ps459

Multi-Firmware PS4 WebKit & Kernel Exploit Chain An exploit c...

AI score 5.9
Exploits: 0

GithubExploit
added 2026/03/31 6:56 a.m., 123 views

ha-ps4-jb

🎮 PS4 JB Web Server — Home Assistant Add-on A Home Assistant...

AI score 5.8
Exploits: 0

NVD
added 2026/03/27 3:16 p.m., 4 views

CVE-2026-33205

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitra...

CVSS 5.5, EPSS 0.00173
Exploits: 1, References: 1

Vulnrichment
added 2026/03/27 1:53 p.m., 2 views

CVE-2026-33206 calibre has a path traversal vulnerability

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a path traversal vulnerability exists in Calibre's handling of images in Markdown and other similar text-based files allowing an attacker to include arbitrary files from the...

CVSS 8.2, AI score 5.9, EPSS 0.00208
Exploits: 1, References: 1

ATTACKERKB
added 2026/03/27 1:52 p.m., 1 views

CVE-2026-33205

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitra...

CVSS 4.8, AI score 6, EPSS 0.00173
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2026/03/27 1:52 p.m., 4 views

CVE-2026-33205 calibre has Server-Side Request Forgery in ebook viewer backend

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitra...

CVSS 4.8, AI score 6, EPSS 0.00173
Exploits: 1, References: 3

OSV
added 2026/03/20 11:37 a.m., 14 views

BIT-PARSE-2026-32886 Parse Server's Cloud function dispatch crashes server via prototype chain traversal

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.47, remote clients can crash the Parse Server process by calling a cloud function endpoint with a crafted function name that traverses the JavaScript prototype chain of a...

CVSS 8.2, AI score 6, EPSS 0.00512
Exploits: 0, References: 4

CNNVD
added 2026/03/18 12:0 a.m., 5 views

Parse Server security vulnerability

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were security vulnerabilities in versions of Parse Server prior to 9.6.0-alpha.17 and 8.6.42. These vulnerabilities stemmed from the ability to override fields...

CVSS 4.3, AI score 5.8, EPSS 0.00306
Exploits: 0, References: 3

CVE
added 2026/03/17 6:0 p.m., 11 views

CVE-2026-21570

The CVE-2026-21570 entry describes a high-severity remote code execution in Atlassian Bamboo Data Center. Affected releases include 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0. An authenticated attacker can execute code on the remote system (CVSS v4.0 base score 8.6, attack ...

CVSS 8.6, AI score 6.1, EPSS 0.00507
Exploits: 0, References: 2

OSV
added 2026/03/16 9:53 a.m., 3 views

BIT-PARSE-2026-32269 Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.39, the OAuth2 authentication adapter does not correctly validate app IDs when appidField and appIds are configured. During app ID validation, a malformed value is sent t...

CVSS 6.5, AI score 5.8, EPSS 0.00276
Exploits: 0, References: 4

CNNVD
added 2025/07/20 12:0 a.m., 2 views

idnovate Super User security vulnerability

idnovate Super User is a customer login module for PrestaShop by idnovate. A security vulnerability exists in idnovate Super User version 9.6.0 and earlier, which stems from improper export of the AndroidManifest.xml file component de.idnow...

CVSS 5.5, AI score 5.5, EPSS 0.00278
Exploits: 1, References: 6

Patchstack
added 2024/12/02 11:31 a.m., 2 views

WordPress WP Travel plugin <= 9.6.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin WP Travel versions <= 9.6.0...

CVSS 6.5, AI score 7, EPSS 0.00276
Exploits: 0, Affected Software: 1

Positive Technologies
added 2023/09/19 12:0 a.m., 3 views

PT-2023-25969 · Slims · Slims

Name of the Vulnerable Software and Affected Versions: SLims version 9.6.0 Description: The issue allows an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape image.php" file in the imageURL parameter. This is a Server-Side Reques...

CVSS 9.9, AI score 8.5, EPSS 0.00459
Exploits: 0, References: 6

OSV
added 2022/08/27 12:0 a.m., 2 views

GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

CVSS 7.5, AI score 5.9, EPSS 0.95335
Exploits: 5, References: 6

Positive Technologies
added 2018/07/19 12:0 a.m., 7 views

PT-2018-12490 · Phpcms · Phpcms

Name of the Vulnerable Software and Affected Versions: PHPCMS version 9.6.0 Description: The issue allows remote attackers to upload and execute arbitrary PHP code. This can be achieved by sending a .txt?.php.jpg URI in the SRC attribute of an IMG element within infocontent JSON data to the...

CVSS 9.8, AI score 9.6, EPSS 0.01472
Exploits: 0, References: 2