Lucene search
K

2864 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel’s implementation of string matching within packets. A privileged user with root or CAPNETADMIN status can insert rules into iptables, and this action may cause the system to panic. The issue affects kernels prior to version 5.5-rc1...

4.4CVSS6.7AI score0.00277EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Node-Elliptic

The verify function in lib/elliptic/eddsa/index.js within the Elliptic package, as of version 6.5.6 for Node.js, omits the validation of the condition “sig.S.gtesig.eddsa.curve.n || sig.S.isNeg”...

9.1CVSS6.8AI score0.00507EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.7 views

EUVD-2026-37676

Unauthenticated PHP Object Injection in Mildhill = 1.5 versions...

8.1CVSS5.3AI score0.00395EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/17 2:23 p.m.8 views

WordPress Gutenverse Companion plugin <= 2.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by mxym in WordPress Plugin Gutenverse Companion versions = 2.5.0...

7.5CVSS5.8AI score0.00238EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/17 2:17 p.m.8 views

CVE-2025-69170

Unauthenticated Local File Inclusion in Eventicity = 1.5 versions...

8.1CVSS0.00348EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 12:47 p.m.9 views

EUVD-2026-37690

Unauthenticated PHP Object Injection in SingleMalt = 1.5 versions...

8.1CVSS5.3AI score0.00395EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 12:47 p.m.7 views

EUVD-2025-210266

Unauthenticated Local File Inclusion in Eventicity = 1.5 versions...

8.1CVSS5.1AI score0.00348EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.7 views

CVE-2026-46884

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM component: Marketing. Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Apps - Marketing. Successful attac...

9.8CVSS0.00474EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.7 views

CVE-2026-46857

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Oracle Management Service. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

9.8CVSS0.00508EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46855

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

9.9CVSS0.00441EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46832

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...

9.9CVSS0.00411EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.28 views

CVE-2026-49079 WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability

Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...

9.3CVSS0.00346EPSS
Exploits1References1
CVE
CVE
added 2026/06/16 9:17 p.m.22 views

CVE-2026-48055

Streambert (Electron-based desktop app) has a Zip Slip vulnerability in its subtitle extraction logic affecting versions up to 2.4.0. The code concatenates raw archive entry names to a temporary directory, enabling path traversal and arbitrary file writes if a malicious ZIP with traversal sequenc...

10CVSS5.4AI score0.00621EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:31 a.m.7 views

EUVD-2026-37060

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent Agent+ to overwrite a...

7.5CVSS5.3AI score0.00349EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-50101

Unauthenticated Local File Inclusion in Aperitif = 1.5 versions...

8.1CVSS5.2AI score0.00423EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.8 views

EUVD-2026-36972

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.9 views

CVE-2026-48872

Unauthenticated Sensitive Data Exposure in EmbedPress = 4.5.2 versions...

7.5CVSS0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.8 views

CVE-2026-40732

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:19 p.m.5 views

CVE-2026-49083 WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability

Contributor Privilege Escalation in LatePoint = 5.5.1 versions...

7.5CVSS5.2AI score0.00287EPSS
Exploits2References1
CVE
CVE
added 2026/06/15 8:19 p.m.36 views

CVE-2026-49083

Summary: CVE-2026-49083 affects the WordPress LatePoint plugin and is a privilege-escalation vulnerability in versions ≤ 5.5.1. What’s affected: WordPress LatePoint plugin (versions up to and including 5.5.1). Impact (as per provided metrics): CVSS 3.1 base score 7.5 (High), with network attack v...

7.5CVSS5.2AI score0.00287EPSS
Exploits2References1
Rows per page
Query Builder