Lucene search
K

102 matches found

CVE
CVE
added 2 days ago8 views

CVE-2026-14468

Terraform Enterprise contains a vulnerability in its VCS ingestion of registry modules where the boundary on packaged module content was not correctly enforced. An authenticated user could include files from outside the intended repository content in a module and then download them, potentially e...

7.7CVSS6AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 3 days ago7 views

ROOT-OS-UBUNTU-2404-CVE-2025-68188 CVE-2025-68188 in rootio-linux - Patched by Root

Root has patched CVE-2025-68188 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.4AI score0.00166EPSS
Exploits0
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-56032

Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...

9.8CVSS0.00525EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:18 p.m.8 views

EUVD-2026-36807

Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-10229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::readmeshes of the file HL1MDLLoader.cpp of the component Half-Life...

5.3CVSS5.8AI score0.00125EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Assimp 安全漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a zero-division error in the FBXExporter.cpp file’s...

4.8CVSS4.6AI score0.00112EPSS
Exploits0References7
Debian
Debian
added 2026/05/17 4:58 a.m.13 views

[BSA-133] Security Update for incus

Mathias Gibbens uploaded new packages for incus which fixed the following security problems: CVE ID : CVE-2026-40195 CVE-2026-40197 CVE-2026-40243 CVE-2026-40251 CVE-2026-41647 CVE-2026-41648 CVE-2026-41684 CVE-2026-41685 Multiple security issues were discovered in Incus, a system container and...

7.1CVSS5.8AI score0.00408EPSS
Exploits8
Patchstack
Patchstack
added 2026/05/07 5:32 p.m.17 views

NPM: Compromised version of intercom-client published to npm

NPM: Compromised version of intercom-client published to npm vulnerability discovered by ? in WordPress Npm intercom-client versions 7.0.4...

5.8AI score
Exploits0References6Affected Software1
OSV
OSV
added 2026/04/30 2:15 p.m.8 views

JLSEC-2026-365

A potential memory leak issue was discovered in SDL2 in GLESCreateTexture function in SDLrendergles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected...

7.5CVSS7.4AI score0.01265EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-34232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the...

7.5CVSS7AI score0.00466EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-25710

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary...

9.1CVSS6.2AI score0.00311EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31269

Name of the Vulnerable Software and Affected Versions Accept PayPal Payments using Contact Form 7 versions through 4.0.4 Description A missing authorization issue exists in the ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension, allowing exploitation of...

5.8AI score0.00195EPSS
Exploits0References4
NVD
NVD
added 2026/04/02 2:16 p.m.7 views

CVE-2026-31933

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4...

7.5CVSS0.00351EPSS
Exploits0References2
OSV
OSV
added 2026/04/02 2:16 p.m.4 views

UBUNTU-CVE-2026-31932

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4...

7.5CVSS5.7AI score0.00267EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.4 views

PT-2026-26942

Name of the Vulnerable Software and Affected Versions Suricata affected versions not specified Description Security issues have been resolved in the libsuricata8 0 4-8.0.4-1.1 package on openSUSE Tumbleweed. Recommendations At the moment, there is no information about a newer version that contain...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References11
OSV
OSV
added 2026/03/10 8:8 p.m.4 views

CVE-2026-29793 NoSQL Injection via WebSocket id Parameter in MongoDB Adapter

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method get, patch, update, remove. The transport layer performs no type...

9.3CVSS6AI score0.00461EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/09 10:54 p.m.2 views

CVE-2026-30919 facileManager Affected by Stored Cross-Site Scripting (XSS)

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , stored XSS also known as persistent or second-order XSS occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. Thi...

7.6CVSS5.8AI score0.00187EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/25 1:13 a.m.6 views

EUVD-2025-208105

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, when a link is sent via Secure Messaging, clicking the link opens the website within the OpenEMR/Portal site. This behavior could be exploited for phishing. Version 7.0...

7.2CVSS5.5AI score0.00157EPSS
Exploits1References2
OSV
OSV
added 2026/02/25 12:31 a.m.7 views

CVE-2025-67491 OpenEMR has Stored XSS in ub04 helper

OpenEMR is a free and open source electronic health records and medical practice management application. Versions 5.0.0.5 through 7.0.3.4 have a stored cross-site scripting vulnerability in the ub04 helper of the billing interface. The variable $data is passed in a click event handler enclosed in...

8.5CVSS5.3AI score0.00246EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/02/21 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-24122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires befo...

3.7CVSS5.4AI score0.00197EPSS
Exploits2References3
Rows per page
Query Builder