Lucene search
K

749 matches found

Nuclei
Nuclei
added 8 hours ago19 views

Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)

Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28480 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...

10CVSS7.6AI score0.83337EPSS
Exploits4References5
Nuclei
Nuclei
added 8 hours ago49 views

Mingsoft MCMS - SQL Injection

SQL injection vulnerability in Mingsoft MCMS up to 5.2.9 via the sqlWhere parameter in /cms/category/list. id: CVE-2022-4375 info: name: Mingsoft MCMS - SQL Injection author: ritikchaddha severity: critical description: | SQL injection vulnerability in Mingsoft MCMS up to 5.2.9 via the sqlWhere...

9.8CVSS7AI score0.0289EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Juniper Junos OS Vulnerability (JSA110077)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110077 advisory. - A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service DoS...

6.8CVSS6AI score0.00123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Juniper Junos OS Vulnerability (JSA110089)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110089 advisory. - A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to...

6CVSS6AI score0.0019EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14787

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmdprint in the library libr/core/cmdprint.inc of the component pb Pri...

7.8CVSS5.6AI score0.00136EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-14761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function rstrndup/rstrappend of the file libr/util/str....

5.5CVSS5AI score0.00131EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmdanalopcode of the file libr/core/cmdanal.inc.c of th...

5.5CVSS5.6AI score0.00131EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/07/06 1:30 a.m.4 views

CVE-2026-14787

A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmdprint in the library libr/core/cmdprint.inc of the component pb Print Command Handler. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been made availab...

7.8CVSS5.5AI score0.00136EPSS
Exploits1
OSV
OSV
added 2026/07/06 12:0 a.m.4 views

UBUNTU-CVE-2026-14801

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References9
NVD
NVD
added 2026/07/04 4:17 p.m.9 views

CVE-2026-14633

A vulnerability was determined in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 49b20f53de2b7ec34e920b11c863f1491d911a04. This affects an unknown part of the file /index.php/api/product/set of the component Hidden REST API Endpoint. This manipulation of the argument title/description causes...

5.3CVSS0.00288EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.10 views

PT-2026-55709

Name of the Vulnerable Software and Affected Versions kirilkirkov Ecommerce-CodeIgniter-Bootstrap versions prior to 49b20f53de2b7ec34e920b11c863f1491d911a04 Description A cross site scripting issue exists in the Hidden REST API Endpoint component. A remote attacker can exploit this by manipulatin...

5.3CVSS5.3AI score0.00288EPSS
Exploits0References13
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-532 Sentry's improper authentication on SAML SSO process allows user impersonation

Impact A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug bounty program. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same...

9.1CVSS5.8AI score0.00584EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: reject zero bdoblocknr in nilfsioctlmarkblocksdirty nilfsioctlmarkblocksdirty uses bdoblocknr to detect dead blocks by comparing it with the current blo...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 6:17 p.m.13 views

CVE-2026-11525

Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...

3.7CVSS0.00248EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-44250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. In netty-codec- redis prior to versions 4.1.135.Final and 4.2.15.Final...

7.5CVSS5.5AI score0.0038EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 11:45 a.m.6 views

BIT-MILVUS-2026-10814 milvus-io milvus Grantee ID Hash kv_catalog.go weak hash

A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects unknown code of the file internal/metastore/kv/rootcoord/kvcatalog.go of the component Grantee ID Hash Handler. The manipulation leads to use of weak hash. The attack needs to be performed locally. The...

7CVSS4.4AI score0.00089EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/06/09 2:25 a.m.11 views

SUSE CVE-2026-11487

A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...

5.3CVSS5.3AI score0.00923EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47630

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead ...

7.5CVSS6.7AI score0.00401EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/08 12:30 a.m.13 views

EUVD-2026-34993

A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file plugins/Stripe/Controllers/StripeController.php of the component Stripe Plugin. Performing a manipulation of the argument Request results in improper...

7.5CVSS5AI score0.00294EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.23 views

PT-2026-47249

A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...

5.3CVSS5.1AI score0.00923EPSS
Exploits0References9
Rows per page
Query Builder