Lucene search
K

7509 matches found

Nuclei
Nuclei
added yesterday65 views

Navigate CMS 2.9.4 - Server-Side Request Forgery

Navigate CMS 2.9.4 is susceptible to server-side request forgery via feedparser class. This can allow a remote attacker to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter, thus enabling possible theft of sensitive information, data...

4.9CVSS6.2AI score0.2195EPSS
Exploits6References5
NVD
NVD
added 2 days ago6 views

CVE-2026-15494

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. Impacted is an unknown function of the file manager/network/switchstatus.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and...

5.8CVSS0.00202EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43216

A flaw has been found in AMTT Hotel Broadband Operation System 1.0. Impacted is an unknown function of the file manager/network/switchstatus.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and...

5.8CVSS6AI score0.00202EPSS
Exploits0References5
NVD
NVD
added 3 days ago6 views

CVE-2026-56372

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service...

9.1CVSS0.00116EPSS
Exploits0References2
CVE
CVE
added 3 days ago13 views

CVE-2026-56372

ImageMagick (before version 7.1.2-19) contains a heap buffer overflow in the magnify operation. A malformed magnify:method value triggers an out-of-bounds read, which can expose sensitive information or cause denial of service. Multiple sources (NVD, Debian/Ubuntu OSV entries, Red Hat advisory, a...

9.1CVSS6.2AI score0.00116EPSS
Exploits0References2Affected Software1
OSV
OSV
added 3 days ago3 views

CVE-2026-56372 ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service...

4.8CVSS6.2AI score0.00116EPSS
Exploits0References4
Nuclei
Nuclei
added 3 days ago59 views

Micro Focus UCMDB - Remote Code Execution

Micro Focus UCMDB is susceptible to remote code execution. Impacted products include Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions, and Operations Bridge containerized 2020.05, 2019.08, 2019.0...

10CVSS7.2AI score0.74232EPSS
Exploits3References5
OSV
OSV
added 4 days ago3 views

CVE-2026-55843 Snipe-IT: Improper Privilege Management

Snipe-IT is an IT asset/license management system. Prior to 8.6.0, UsersController::update passes a missing permission request field through NormalizePermissionsPayloadAction and PreserveUnauthorizedPrivilegedPermissionsAction in a way that can overwrite a target user’s permissions with a sparse...

7CVSS6.1AI score0.00298EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 4 days ago6 views

CVE-2026-58374

A flaw was found in hostapd. An unauthenticated attacker within wireless range can send a specially crafted management frame during Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing. This crafted frame, containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS6AI score0.00282EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 4 days ago9 views

PT-2026-57271

Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.6.0 Description In the IT asset and license management system, the update function within UsersController incorrectly handles missing permission request fields when processed through NormalizePermissionsPayloadActi...

7CVSS6.1AI score0.00298EPSS
Exploits0References9
EUVD
EUVD
added 5 days ago11 views

EUVD-2026-38358

pypdf: Possible infinite loop when processing threads/articles in writer...

6.9CVSS5.9AI score0.00111EPSS
Exploits0References4
NVD
NVD
added 6 days ago16 views

CVE-2026-39822

On Unix systems, opening a file in an os.Root improperly follows symlinks to locations outside of the Root when the final path component of the a path is a symbolic link and the path ends in /. For example, 'root.Open"symlink/"' will open "symlink" even when "symlink" is a symbolic link pointing...

7.8CVSS0.00181EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42187

The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing...

7.8CVSS6AI score0.00116EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-46592

A flaw was found in the Apache Camel CXF SOAP component. A remote attacker can exploit this vulnerability by manipulating the operationName header in an unauthenticated HTTP request. This improper input validation allows the attacker to force the CxfProducer to invoke unintended SOAP operations o...

7.5CVSS6AI score0.00396EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-59194

A flaw was found in pnpm, a package manager. A remote attacker could exploit this vulnerability by providing a specially crafted patch entry. This crafted entry could resolve outside the configured patches directory, allowing for the deletion of an arbitrary file when pnpm patch-remove is execute...

7.1CVSS6AI score0.00257EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 6 days ago4 views

kernel: smb/client: fix out-of-bounds read in smb2_compound_op()

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS6.1AI score0.00478EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-56423

Name of the Vulnerable Software and Affected Versions Dgraph versions prior to 25.3.5 Description Dgraph Alpha exposes privileged RPCs used for external snapshot import on the public gRPC port :9080 without authentication or authorization. An unauthenticated network client can access the...

9.1CVSS6.1AI score0.00388EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added last week4 views

kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()

A flaw was found in the Linux kernel's nfnetlinkcthelper component. This vulnerability, an out-of-bounds read, occurs in the nfnlcthelperdumptable function when a network connection tracking helper is removed during a dump operation, leading to a bypassed bounds check. A local attacker could...

7.1CVSS5.9AI score0.00132EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week10 views

kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()

A flaw was found in the Linux kernel's nfnetlinkcthelper component. This vulnerability, an out-of-bounds read, occurs in the nfnlcthelperdumptable function when a network connection tracking helper is removed during a dump operation, leading to a bypassed bounds check. A local attacker could...

7.1CVSS5.9AI score0.00132EPSS
Exploits0References5
EUVD
EUVD
added last week7 views

EUVD-2025-13499

Open WebUI allows limited stored XSS vila uploaded html file...

6.3CVSS5.9AI score0.003EPSS
Exploits1References5
Rows per page
Query Builder