Lucene search

3115 matches found

OSV
added 2026/06/04 3:52 p.m., 3 views

MINI-PGRR-38HQ-338J

Bulletin has no description...

CVSS 9.1, AI score 5.2, EPSS 0.00466
Exploits 0

OSV
added 2026/06/04 12:39 p.m., 4 views

MINI-R242-9FJG-CPHX

Bulletin has no description...

CVSS 6.1, AI score 5.7, EPSS 0.00188
Exploits 0

Slackware Linux
added 2026/06/04 1:14 a.m., 11 views

[slackware-security] proftpd

New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/proftpd-1.3.9b-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Additional fixes for SQL injection, notably for...

CVSS 8.1, AI score 6.1, EPSS 0.05004
Exploits 6

NVD
added 2026/06/03 2:16 p.m., 17 views

CVE-2023-52951

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

CVSS 5.9, EPSS 0.0013
Exploits 0, References 1

ATTACKERKB
added 2026/06/03 1:11 p.m., 5 views

CVE-2023-52951

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

CVSS 5.9, AI score 5.8, EPSS 0.0013
Exploits 0, References 2

EUVD
added 2026/06/03 1:11 p.m., 10 views

EUVD-2023-60579

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

CVSS 5.9, AI score 5.8, EPSS 0.0013
Exploits 0, References 1

Vulnrichment
added 2026/06/03 1:11 p.m., 6 views

CVE-2023-52951

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

CVSS 5.9, AI score 5.8, EPSS 0.0013
Exploits 0, References 1

CVE
added 2026/06/03 1:11 p.m., 14 views

CVE-2023-52951

CVE-2023-52951 affects the Synology Note Station Client prior to version 2.2.4-703, where sensitive data is transmitted in cleartext. This enables network-level (MITM) attackers to obtain user credentials. The CVE lists a CVSS v3.1 base score of 5.9 (MEDIUM) with high confidentiality impact and n...

CVSS 5.9, AI score 5.8, EPSS 0.0013
Exploits 0, References 1, Affected Software 1

Positive Technologies
added 2026/06/03 12:0 a.m., 12 views

PT-2026-46083

Certain URLs passed to the redirect function can trigger an open redirect to an external domain depending on the level of validation done by the application prior to returning the redirect. Note: This does not impact your React Router application if you are using Declarative Mode...

CVSS 8.7, AI score 5.8, EPSS 0.00162
Exploits 0, References 4

Positive Technologies
added 2026/06/03 12:0 a.m., 13 views

PT-2026-45929

A cleartext transmission of sensitive information vulnerability in Synology Note Station Client before 2.2.4-703 allows man-in-the-middle attackers to obtain user credential...

CVSS 5.9, AI score 5.8, EPSS 0.0013
Exploits 0, References 2

CNNVD
added 2026/06/03 12:0 a.m., 8 views

Synology Note Station Client Security Vulnerability

Synology Note Station Client is a desktop note application developed by Synology, a Chinese company. It supports note synchronization, knowledge management, and offline editing. Versions of Synology Note Station Client prior to 2.2.4-703 contained security vulnerabilities. These vulnerabilities...

CVSS 5.9, AI score 5.4, EPSS 0.0013
Exploits 0, References 1

Tenable Nessus
added 2026/06/03 12:0 a.m., 18 views

AlmaLinux 9 : libexif (ALSA-2026:22553)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22553 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...

CVSS 7.1, AI score 5.9, EPSS 0.0014
Exploits 0, References 4

OSV
added 2026/06/02 11:46 a.m., 8 views

CGA-7PG4-6FWH-XV59

Bulletin has no description...

CVSS 7.7, AI score 5.7, EPSS 0.00555
Exploits 0

CVE
added 2026/06/01 7:23 a.m., 48 views

CVE-2026-42253

CVE-2026-42253 affects Apache ActiveMQ and Apache ActiveMQ Web. The vulnerability arises in the MessageServlet of the web console API, which copies every JMS message property into HTTP response headers without validation, enabling potential HTTP header injection and cross-site scripting via JMS m...

CVSS 6.1, AI score 5.8, EPSS 0.01107
Exploits 0, References 2, Affected Software 2

NVD
added 2026/05/29 8:16 p.m., 12 views

CVE-2026-48811

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permanently delete an internal note private thread from any conversation, even after that user's access to the mailbox containing the conversation has been...

CVSS 4.3, EPSS 0.00155
Exploits 0, References 1

CVE
added 2026/05/29 7:47 p.m., 19 views

CVE-2026-48811

FreeScout (Laravel) contains a vulnerability where a non-admin can permanently delete an internal note (private thread) in any conversation, even after mailbox access is revoked. The root cause is the ThreadPolicy::delete authorization not verifying mailbox membership, allowing former members to ...

CVSS 4.3, AI score 5.7, EPSS 0.00155
Exploits 0, References 1

ATTACKERKB
added 2026/05/29 5:18 p.m., 6 views

CVE-2026-45668

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled achieves RCE via docName path traversal and XSS by combining a payload note type: code, mime:...

CVSS 9.3, AI score 5.8, EPSS 0.0017
Exploits 0, References 2, Affected Software 1

CVE
added 2026/05/29 5:18 p.m., 15 views

CVE-2026-45668

CVE-2026-45668 affects Trilium Notes prior to 0.102.2. A malicious ZIP imported with Safe Import enabled can lead to remote code execution via a #docName path traversal and XSS by combining a payload note (type: code, mime: text/plain) containing HTML/JS with a trigger note (type: doc or launcher...

CVSS 9.3, AI score 5.8, EPSS 0.0017
Exploits 0, References 1

EUVD
added 2026/05/29 5:18 p.m., 16 views

EUVD-2026-33376

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled achieves RCE via docName path traversal and XSS by combining a payload note type: code, mime:...

CVSS 9.3, AI score 5.8, EPSS 0.0017
Exploits 0, References 1

NVD
added 2026/05/28 5:16 p.m., 13 views

CVE-2026-41160

EspoCRM is an open source customer relationship management application. Prior to 9.3.5, a business logic flaw Broken Access Control in EspoCRM 9.3.3 allows low-privileged users to pin arbitrary notes without having the required edit permissions for the parent object. Due to a "write first,...

CVSS 4.3, EPSS 0.00292
Exploits 0, References 1