Lucene search
K

16 matches found

NVD
NVD
added 2026/06/17 2:17 p.m.9 views

CVE-2025-69164

Unauthenticated Local File Inclusion in Skyward = 1.10 versions...

8.1CVSS0.00348EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 7:49 p.m.7 views

CVE-2026-33532 yaml is vulnerable to Stack Overflow via deeply nested YAML collections

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

4.3CVSS6.2AI score0.00469EPSS
Exploits1References6
CVE
CVE
added 2026/03/26 7:49 p.m.57 views

CVE-2026-33532

Summary: CVE-2026-33532 affects the yaml JavaScript library. The vulnerability is in the compose/resolve phase of the parser, where a recursive call path without a depth bound can cause a RangeError: Maximum call stack size exceeded when parsing YAML input (typical payload ~2–10 KB). This can lea...

4.3CVSS6.1AI score0.00469EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.5 views

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product developed by D-Link Corporation. The D-Link DIR-513 v1.10 version has a security vulnerability, which stems from a stack buffer overflow in the curTime parameter within the goform/formSetWizardSelectMode function...

9.8CVSS6AI score0.00595EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : krb5-1.10.3-10.AXS4.1 (AXSA:2013-280:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-280:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

5CVSS7.2AI score0.04211EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/06 3:54 p.m.1 views

CVE-2025-58972 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.10.4 - Path Traversal vulnerability

Path Traversal: '.../...//' vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through =...

6.5AI score0.00463EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/07 12:0 p.m.3 views

WordPress Instabot plugin <= 1.10 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Instabot versions = 1.10...

7.1CVSS8.3AI score0.00168EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/02/21 8:15 a.m.3 views

CVE-2024-24798

Cross-Site Request Forgery CSRF vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10...

8.8CVSS7.3AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/24 12:0 a.m.5 views

MiniCMS 跨站脚本漏洞

MiniCMS is the minimalist content management system for personal websites. A security vulnerability exists in MiniCMS version v.1.10 that originates from allowing an unauthenticated attacker to execute arbitrary code via a crafted get request...

9.6CVSS8.9AI score0.00838EPSS
Exploits1References2
OSV
OSV
added 2023/01/30 11:15 p.m.3 views

CVE-2022-32514

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to gain control of the device when logging into a web page. Affected Products: C-Bus Network Automation Controller - LSS5500NAC Versions prior to V1.10.0, Wiser for C-Bus Automation Controller - LSS5500SHAC...

9.8CVSS5.8AI score0.00781EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.5 views

PT-2022-17133 · Jenkins · Jenkins Snow Commander Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Snow Commander Plugin versions 1.10 and earlier Description: The issue concerns missing permission checks in the Jenkins Snow Commander Plugin, allowing attackers with Overall/Read permission to connect to a specified webserver using...

6.5CVSS6.3AI score0.00912EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/08/24 12:0 a.m.4 views

PT-2021-7369 · Unknown · Go-Ethereum

Name of the Vulnerable Software and Affected Versions: go-ethereum versions prior to v1.10.8 Description: A consensus-vulnerability in go-ethereum Geth could cause a chain split, where vulnerable versions refuse to accept the canonical chain. This issue is related to a memory-corruption bug withi...

7.5CVSS7.1AI score0.01527EPSS
Exploits0References16
CNVD
CNVD
added 2021/01/21 12:0 a.m.4 views

Bosch PRAESIDEO and Bosch PRAESENSA Cross-Site Scripting Vulnerabilities

Bosch Praesideo and Bosch Praesensa are both products of Bosch, Germany.Bosch Praesideo is a device for digital broadcasting in public places. The device can provide daily information dissemination, emergency broadcasting, fire alarm and other functions for buildings and public places.Bosch...

4.8CVSS6AI score0.00609EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/17 12:0 a.m.3 views

D-Link DIR-816 Command Injection Vulnerability (CNVD-2019-02394)

D-Link DIR-816 is a home router product from AUO. A command injection vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a program that uses HTTP requests to build commands, and can be exploited by an attacker for command injection...

10CVSS9.8AI score0.07381EPSS
Exploits2References1
CNVD
CNVD
added 2017/03/20 12:0 a.m.15 views

Artifex Software MuPDF Buffer Overflow Vulnerability

Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. A buffer overflow vulnerability exists in the main function of the jstestmain.c file in Artifex Software MuPDF versions prior to 1.10. A remote attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS9.4AI score0.01541EPSS
Exploits0References1
OSV
OSV
added 2014/11/14 12:53 p.m.6 views

SUSE-SU-2015:0653-1 Security update for wireshark

wireshark has been updated to version 1.10.11 to fix five security issues. These security issues have been fixed: SigComp UDVM buffer overflow CVE-2014-8710. AMQP dissector crash CVE-2014-8711. NCP dissector crashes CVE-2014-8712, CVE-2014-8713. TN5250 infinite loops CVE-2014-8714. This...

9.3CVSS6.3AI score0.60643EPSS
Exploits27References100
Rows per page
Query Builder