Lucene search
+L

28549 matches found

cvelist
cvelist
added 2026/07/08 8:14 p.m.33 views

CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS0.00557EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/07/08 8:14 p.m.6 views

CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS6.5AI score0.00557EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/08 7:34 p.m.32 views

CVE-2026-59936 pypdf: Possible infinite loop for not terminated inline images

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...

8.7CVSS0.00345EPSS
Exploits0References4
cve
cve
added 2026/07/08 7:34 p.m.8 views

CVE-2026-59936

Technical details about CVE-2026-59936 are not publicly available in the provided documents. Monitor for updates from official advisories to learn affected versions, impact, and fixes.

8.7CVSS6AI score0.00345EPSS
Exploits0References4Affected Software1
euvd
euvd
added 2026/07/08 12:21 p.m.5 views

EUVD-2026-42225

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Webbeyaz Web Design Mediküm Web allows Stored XSS. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/08 12:21 p.m.36 views

CVE-2026-8315 Stored XSS in Webbeyaz's Mediküm Web

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Webbeyaz Web Design Mediküm Web allows Stored XSS. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

5.4CVSS0.00133EPSS
Exploits0References1
cve
cve
added 2026/07/08 12:19 p.m.12 views

CVE-2026-8310

Mediküm Web (Webbeyaz Web Design) is affected by CVE-2026-8310, a Reflected XSS caused by improper neutralization of input during web page generation. Affected through 08/07/2026; vendor noted as not supported. The connected documents consistently describe the issue without detailing specific vul...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
euvd
euvd
added 2026/07/08 12:14 p.m.5 views

EUVD-2026-42223

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

9.8CVSS6AI score0.00266EPSS
Exploits0References1
cve
cve
added 2026/07/08 12:14 p.m.17 views

CVE-2026-8307

SQL injection in Webbeyaz Web Design Mediküm Web (Mediküm Web) due to improper neutralization of special elements in SQL commands. Affected through 08072026; vendor state: product not supported. CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base 9.8). No remediation details provided in th...

9.8CVSS6AI score0.00266EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/08 12:14 p.m.35 views

CVE-2026-8307 SQLi in Webbeyaz's Mediküm Web

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

9.8CVSS0.00266EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/08 8:45 a.m.34 views

CVE-2026-6280 Improper Access Control in Nomysoft Informatics' Nomysem

Exposure of sensitive information due to incompatible policies vulnerability in NOMYSOFT Informatics Education and Consulting Inc. Nomysem allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Nomysem: through 08072026. NOTE: The vendor was contacted early about this...

6.5CVSS0.00223EPSS
Exploits0References1
ossf
ossf
added 2026/07/08 8:26 a.m.9 views

Malicious code in na-rony-test-karem (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd6a8602ce62a88124613cbe7eb85e19a1ae122a0ee98c71676fe4969359888f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References2
snyk
snyk
added 2026/07/08 2:25 a.m.12 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the scp process. An attacker can cause files to be placed outside the intended directory by crafting a copy operation between two remote destinations. Remediation A fix was pushed into the master branch but n...

5.4CVSS6.1AI score0.00241EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.6 views

PT-2026-56412

Name of the Vulnerable Software and Affected Versions Mediküm Web versions through 08072026 Description Improper neutralization of input during web page generation allows for Stored Cross-Site Scripting XSS, a condition where malicious scripts are permanently stored on the target server and serve...

5.4CVSS6.1AI score0.00133EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.6 views

PT-2026-56448

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.61 n8n versions prior to 2.27.4 n8n versions 2.28.0 through 2.28.0 Description A SQL injection issue exists in the legacy MySQL v1 node during the executeQuery operation. The system substitutes evaluated...

8.8CVSS6.3AI score0.00314EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.5 views

PT-2026-57874

Name of the Vulnerable Software and Affected Versions Ollama affected versions not specified Description A flaw in the downloadBlob function allows remote, unauthenticated attackers to cause a denial-of-service condition. The issue stems from improper validation of user-supplied data, leading to ...

7.5CVSS7AI score0.00391EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.8 views

PT-2026-56914

Name of the Vulnerable Software and Affected Versions PAN-OS affected versions not specified Description A server-side request forgery SSRF issue in the management web interface allows an authenticated administrator with network access to perform unauthorized requests from the firewall to interna...

7.5CVSS6.2AI score0.00416EPSS
Exploits0References5
osv
osv
added 2026/07/07 3:46 p.m.10 views

MAL-2026-6932 Malicious code in evm-typechain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a78b4d04410e295cbe340c95e6800a0777717d46ce136f0c30b5593d1bd9738 On require, index.js issues an HTTPS GET to https://www.jsonkeeper.com/b/PC5CK, passes the returned JSON cookie field to new Function'require',..., a...

6.5AI score
Exploits0References2
ossf
ossf
added 2026/07/07 3:13 p.m.14 views

Malicious code in notifier-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5846e3c26fdded8225d54ec017b01be255353470c39a780bbd9b556c059120 The package presents itself as a pino-compatible logger README, keywords, and a module.exports.pino alias mirror the pino identity, and lib/ replicat...

6.3AI score
Exploits0References5
osv
osv
added 2026/07/07 2:34 p.m.6 views

PYSEC-2026-1962 TensorFlow has segfault in array_ops.upper_bound

Impact arrayops.upperbound causes a segfault when not given a rank 2 tensor. Patches We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...

8.7CVSS5.9AI score0.00429EPSS
Exploits0References7
Rows per page
Query Builder