Lucene search
K

93 matches found

NVD
NVD
added 2 days ago3 views

CVE-2026-55021

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

8.7CVSS0.00487EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-58285

Name of the Vulnerable Software and Affected Versions Power BI Report Server versions prior to 15.0.1121.120 Description Improper neutralization of input during web page generation leads to cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites. This allo...

8CVSS6AI score0.00538EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-58319

Name of the Vulnerable Software and Affected Versions Windows Server Update Service affected versions not specified Description An uncaught exception in the Windows Server Update Service allows an unauthorized attacker to perform tampering over a network. Recommendations Deploy the July 14 update...

7.5CVSS6.1AI score0.01205EPSS
Exploits0References3
NVD
NVD
added 2026/07/03 9:17 p.m.10 views

CVE-2026-58524

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

6.1CVSS0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55612

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue exists where sensitive information is exposed to an unauthorized actor, which could allow a remote attacker to perform spoofing over a network. Recommendations ...

6.5CVSS6AI score0.00651EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55616

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A use after free issue exists that allows an unauthorized attacker to execute arbitrary code over a network. Use after free is a memory corruption flaw that occurs when ...

8.8CVSS6.3AI score0.00556EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/22 10:59 a.m.48 views

kernel: nvmet-tcp: fix race between ICReq handling and queue teardown

A flaw was found in the Linux kernel's NVMe over TCP nvmet-tcp implementation. A race condition exists between the handling of an Initialization Connection Request ICReq and the teardown of a queue. A remote attacker, by sending an ICReq and immediately closing the connection, could trigger a...

9.8CVSS5.8AI score0.00353EPSS
Exploits0References5
OSV
OSV
added 2026/06/14 5:10 p.m.4 views

CVE-2026-54410

nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recvmsgheader function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte receive buffer by sending a crafted MBAP frame whose Length fiel...

8.8CVSS6.2AI score0.00541EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.10 views

CVE-2026-47287

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.5AI score0.00622EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.9 views

CVE-2026-45462

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7AI score0.00505EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.31 views

CVE-2026-45462

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00505EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.17 views

CVE-2026-45464

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS0.0051EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.26 views

CVE-2026-47638

Microsoft SharePoint (Office SharePoint) is affected by CVE-2026-47638 due to improper neutralization of input during web page generation, enabling an authorized attacker to spoof users over the network (XSS). The NVD entries describe this as a cross-site scripting vulnerability with network acce...

5.4CVSS5.4AI score0.00505EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/09 5:4 p.m.42 views

CVE-2026-47287

CVE-2026-47287 affects Visual Studio Code. The provided documents describe a relative path traversal vulnerability that could allow tampering over a network. Per CVSS data, the attack vector is NETWORK with no privileges required but user interaction is required, and the impact includes high inte...

6.5CVSS5.5AI score0.00622EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.12 views

Remote Desktop Client Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS7.4AI score0.00473EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/06/09 11:16 a.m.74 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2026-33829 - Security Vulnerability Quick Usage ba...

4.3CVSS5.7AI score0.03447EPSS
Exploits5
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.23 views

PT-2026-47955

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48030

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...

7.3CVSS6.8AI score0.00559EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48022

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.5AI score0.00622EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.39 views

CVE-2026-46135 nvmet-tcp: fix race between ICReq handling and queue teardown

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

9.8CVSS0.00353EPSS
Exploits0References5
Rows per page
Query Builder