Lucene search
K

1010 matches found

ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210429

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
OSV
OSV
added 6 days ago5 views

OESA-2026-2872 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classifie...

5.3CVSS5.2AI score0.00388EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-55838

Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description An integer overflow occurs in the r str word get0set function within the libr/util/str.c file. This issue allows a local attacker to trigger the overflow through specific manipulation...

5.5CVSS5.9AI score0.00129EPSS
Exploits1References11
Cvelist
Cvelist
added last week28 views

CVE-2026-14761 radareorg radare2 str.c r_str_append integer overflow

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function rstrndup/rstrappend of the file libr/util/str.c. The manipulation leads to integer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be...

4.8CVSS0.00131EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added last week9 views

CVE-2026-14761

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function rstrndup/rstrappend of the file libr/util/str.c. The manipulation leads to integer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be...

4.8CVSS5.2AI score0.00131EPSS
Exploits1References7Affected Software1
NVD
NVD
added last week11 views

CVE-2026-14757

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...

7.8CVSS0.00142EPSS
Exploits1References6
Cvelist
Cvelist
added last week30 views

CVE-2026-14757 radareorg radare2 cmd_anal.inc core_anal_bytes integer overflow

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...

5.3CVSS0.00142EPSS
Exploits1References6
Debian CVE
Debian CVE
added last week5 views

CVE-2026-14757

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...

7.8CVSS5.6AI score0.00142EPSS
Exploits1
CVE
CVE
added 2026/06/29 5:15 p.m.12 views

CVE-2026-13592

The CVE-2026-13592 issue affects liftoff-sr CIPster (up to commit e8e9dba09bf56962807d3504b783ccdb6287f3e4). The vulnerability is in BufWriter::append within the EtherNet IP Message Handler, where manipulation can cause an out-of-bounds write. It allows remote exploitation, and public exploits ar...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.15

A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the functions unixsockdestructor/unixreleasesock in the file net/unix/afunix.c of the BPF component. The manipulation leading to this issue results in a memory leak. It is recommended that a...

5.5CVSS6AI score0.0026EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 1:0 a.m.32 views

CVE-2026-12203

HKUDS AI-Trader (up to commit 74caf996f78dcc0c657df8365c8544678a16e215) contains an information disclosure vulnerability in the Research Export component, affecting an unknown part of the /api/research/agents.csv endpoint. Manipulation of that endpoint can disclose information and is exploitable ...

6.9CVSS5.4AI score0.00402EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.13.0 : binutils (EulerOS-SA-2026-2160)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the...

7.8CVSS4.8AI score0.00235EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7290

A vulnerability was determined in JeecgBoot up to 3.9.1. Impacted is the function SqlInjectionUtil of the file jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java of the component loadDict Endpoint. This manipulation of the argument keyword causes sql...

6.5CVSS6.2AI score0.00204EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 3:0 p.m.12 views

EUVD-2026-34292

A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects unknown code of the file internal/metastore/kv/rootcoord/kvcatalog.go of the component Grantee ID Hash Handler. The manipulation leads to use of weak hash. The attack needs to be performed locally. The...

4.5CVSS4.8AI score0.00089EPSS
Exploits0References8
CVE
CVE
added 2026/06/04 3:0 p.m.20 views

CVE-2026-10814

Milvus up to version 2.6.13 has a local vulnerability in the Grantee ID Hash Handler (internal/metastore/kv/rootcoord/kv_catalog.go) related to using a weak hash. Exploitation is described as locally possible with high complexity; exploitability is difficult. A patch is identified as 3d932f1c3e06...

7CVSS4.8AI score0.00089EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46167

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A hig...

3.6CVSS5.2AI score0.00075EPSS
Exploits0References9
NVD
NVD
added 2026/06/01 7:16 p.m.12 views

CVE-2026-10283

A vulnerability was detected in Bottelet DaybydayCRM up to 2.2.1. Affected is an unknown function of the component Setting Handler. Performing a manipulation results in missing authentication. Remote exploitation of the attack is possible. It is recommended to apply a patch to fix this issue...

6.5CVSS0.00295EPSS
Exploits0References8
CVE
CVE
added 2026/06/01 6:45 p.m.19 views

CVE-2026-10283

CVE-2026-10283 affects Bottelet DaybydayCRM up to version 2.2.1. The vulnerability is in an unknown function of the Setting Handler, where manipulation leads to missing authentication. Remote exploitation is possible. A patch is recommended to fix the issue.

6.5CVSS6.2AI score0.00295EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/01 6:30 p.m.33 views

CVE-2026-10282 Bottelet DaybydayCRM DocumentsController.php view improper authorization

A security vulnerability has been detected in Bottelet DaybydayCRM up to 2.2.1. This impacts the function view of the file app/Http/Controllers/DocumentsController.php. Such manipulation leads to improper authorization. The attack may be launched remotely. It is best practice to apply a patch to...

5.3CVSS0.00227EPSS
Exploits0References8
Rows per page
Query Builder