Lucene search

48 matches found

CVE
added 6 days ago · 6 views

CVE-2026-48945

The CVE describes a vulnerability in the K2 Joomla extension (getk2.com) where the article gallery upload path accepts a zip/tar archive and extracts it to /media/k2/galleries//. The extractor renames image files (gif/jpg/jpeg/png/webp) to safe names, but non-image files (including .php) are extr...

CVSS 5.3 · AI score 5.9 · EPSS 0.00197
Exploits 0 · References 1 · Affected Software 1
AstraLinux
added 2026/06/19 11:10 a.m. · 2 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field, which will cause a crash in Redis when accessed in affected versions. This issue has been addressed in versions 7.0.11, 6.2.12, and 6.0.19...

CVSS 6.5 · AI score 5.7 · EPSS 0.00963
Exploits 0 · References 1
RedhatCVE
added 2026/06/05 7:47 p.m. · 9 views

CVE-2026-27680

Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets (CSS) data into a web page served by the application. When a user accesses or clicks the affected page, the injected CSS is executed. As a result...

CVSS 4.3 · AI score 5.5 · EPSS 0.00173
Exploits 0 · References 1
NVD
added 2026/05/19 7:16 p.m. · 23 views

CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor (m_last_sample = 0 + 0 - 1 = UINT32_MAX), mapping all samples to an empty...

CVSS 6.5 · EPSS 0.00301
Exploits 1 · References 1
CVE
added 2026/05/19 7:3 p.m. · 28 views

CVE-2026-32738

libheif (versions

CVSS 6.5 · AI score 5.7 · EPSS 0.00301
Exploits 1 · References 1 · Affected Software 1
CNNVD
added 2026/01/13 12:0 a.m. · 3 views

HPE Networking Instant On Access Points Security Vulnerability

HPE Networking Instant On Access Points is a wireless network access point from HPE America. A security vulnerability exists in HPE Networking Instant On Access Points that stems from the processing of specially crafted packets that may cause the device to be unresponsive, potentially triggering ...

CVSS 7.5 · AI score 5.8 · EPSS 0.00397
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2006-4873

Malware in sbrugna...

CVSS 3.7 · AI score 6.4 · EPSS 0.00349
Exploits 0 · References 4
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2006-0985

Malware in sbrugna...

CVSS 5 · AI score 6.4 · EPSS 0.01444
Exploits 0 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-2435

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 8.1 · EPSS 0.0039
Exploits 0 · References 1
CNNVD
added 2025/09/16 12:0 a.m. · 2 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking the starting location of empty przs in pstore/ram, which could cause a crash on future access...

CVSS 7.8 · AI score 5.9 · EPSS 0.00147
Exploits 0 · References 10
Cvelist
added 2025/07/08 7:8 p.m. · 11 views

CVE-2025-37102 Authenticated Command Injection Vulnerability In Instant On Command Line Interface

An authenticated command injection vulnerability exists in the Command line interface of HPE Networking Instant On Access Points. A successful exploitation could allow a remote attacker with elevated privileges to execute arbitrary commands on the underlying operating system as a highly privilege...

CVSS 7.2 · EPSS 0.01474
Exploits 0 · References 1
Vulnrichment
added 2025/07/08 7:8 p.m. · 4 views

CVE-2025-37102 Authenticated Command Injection Vulnerability In Instant On Command Line Interface

An authenticated command injection vulnerability exists in the Command line interface of HPE Networking Instant On Access Points. A successful exploitation could allow a remote attacker with elevated privileges to execute arbitrary commands on the underlying operating system as a highly privilege...

CVSS 7.2 · AI score 8.2 · EPSS 0.01474
Exploits 0 · References 1
RedHat Linux
added 2024/04/30 9:50 a.m. · 3 views

xorg-x11-server: SELinux unlabeled GLX PBuffer

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...

CVSS 5.5 · AI score 5.8 · EPSS 0.00321
Exploits 0 · References 4
Positive Technologies
added 2024/04/09 12:0 a.m. · 5 views

PT-2024-19671 · WordPress · Avada

Name of the Vulnerable Software and Affected Versions: Avada theme for WordPress versions up to, and including, 7.11.6 Description: The issue is related to Stored Cross-Site Scripting via the plugin's shortcodes due to insufficient input sanitization and output escaping on user-supplied attribute...

CVSS 6.4 · AI score 8 · EPSS 0.00688
Exploits 1 · References 8
OpenVAS
added 2021/04/19 12:0 a.m. · 24 views

SUSE: Security Advisory (SUSE-SU-2018:3436-1)

The remote host is missing an update for the...

CVSS 8.8 · AI score 7.4 · EPSS 0.03806
Exploits 0 · References 7
Openbugbounty
added 2020/08/12 6:59 a.m. · 10 views

wonderwork.org Improper Access Control vulnerability OBB-1257231

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

Exploits 0
CNVD
added 2020/06/11 12:0 a.m. · 3 views

McAfee VirusScan Enterprise Privilege Permission and Access Control Issues Vulnerability

McAfee VirusScan Enterprise (VSE) is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A vulnerability exists in the Microsoft Windows client McTray.exe...

CVSS 7.8 · AI score 6.9 · EPSS 0.00283
Exploits 0 · References 1
OSV
added 2020/06/10 12:15 p.m. · 3 views

CVE-2019-3588

Privilege Escalation vulnerability in Microsoft Windows client McTray.exe in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked...

CVSS 6.8 · AI score 5.8
Exploits 0 · References 1
NVD
added 2020/06/10 12:15 p.m. · 21 views

CVE-2019-3585

Privilege Escalation vulnerability in Microsoft Windows client McTray.exe in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges...

CVSS 7.8 · EPSS 0.00283
Exploits 0 · References 1
Prion
added 2020/06/10 12:15 p.m. · 17 views

Privilege escalation

Privilege Escalation vulnerability in Microsoft Windows client McTray.exe in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked...

CVSS 6.9 · AI score 6.5 · EPSS 0.00278
Exploits 0 · References 1 · Affected Software 1