Lucene search
K

257 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.8 views

Fedora 43 : python-django5 (2026-4d1404fc5d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4d1404fc5d advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

9.8CVSS5.8AI score0.00056EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.4 views

Fedora 44 : python-django5 (2026-9b7a6474a1)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9b7a6474a1 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

9.8CVSS5.8AI score0.00056EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.4 views

Fedora 44 : python-django6 (2026-de6e24ae07)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-de6e24ae07 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

9.8CVSS5.9AI score0.00056EPSS
Exploits1References10
NVD
NVD
added 2026/05/14 1:16 p.m.9 views

CVE-2026-6008

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

6.8CVSS0.00036EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 12:24 p.m.31 views

CVE-2026-6008 IDOR in Im Park's DijiDemi

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

6.8CVSS0.00036EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 12:24 p.m.7 views

CVE-2026-6008

CVE-2026-6008 describes an authorization bypass/IDOR in DijiDemi (Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co.). Affected versions are v4.5.12.1 before v4.5.13.0. Root cause: user‑controlled key enables privilege escalation. Impact includes hi...

6.8CVSS5.8AI score0.00036EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 12:24 p.m.6 views

EUVD-2026-30270

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

6.8CVSS5.8AI score0.00036EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 12:24 p.m.5 views

CVE-2026-6008 IDOR in Im Park's DijiDemi

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

6.8CVSS5.8AI score0.00036EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.7 views

PT-2026-40914

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

6.8CVSS5.8AI score0.00036EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.2 views

Fedora 42 : python-django5 (2026-b9548393aa)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b9548393aa advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

9.8CVSS5.8AI score0.00056EPSS
Exploits1References10
NVD
NVD
added 2026/04/30 1:16 p.m.2 views

CVE-2026-7399

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

8.1CVSS0.00013EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/30 12:39 p.m.28 views

CVE-2026-7399 IDOR in MeWare Software's PDKS

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

8.1CVSS0.00013EPSS
Exploits0References2
CVE
CVE
added 2026/04/30 12:39 p.m.6 views

CVE-2026-7399

CVE-2026-7399 describes an authorization bypass via a user-controlled key in MeWare Software Development Inc. PDKS, enabling privilege abuse. Affected: PDKS versions from V16.20200313 up to before VMYR_3.5.2025117. The vulnerability is classified with CVSS 3.1 base score 8.1 (High), with attack v...

8.1CVSS5.2AI score0.00013EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/30 12:39 p.m.1 views

EUVD-2026-26371

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

8.1CVSS5.2AI score0.00013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:39 p.m.1 views

CVE-2026-7399

Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR3.5.2025117...

8.1CVSS5.2AI score0.00013EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/28 1:54 p.m.4 views

CVE-2026-40556

In the connected Debian/CVE entry, GNU nano is affected by a local permission issue: when the user’s ~/.local directory does not exist, nano creates it with mode 0777, making it world‑writable in environments where the umask is lax. This creates a race window where an attacker could leverage the ...

5.3AI score
Exploits0
Ubuntu
Ubuntu
added 2026/04/23 10:0 a.m.10 views

USN-8204-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.2AI score0.00092EPSS
Exploits0
EUVD
EUVD
added 2026/04/22 6:31 p.m.2 views

EUVD-2026-25020

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...

5CVSS5.8AI score0.00012EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 5:16 p.m.3 views

CVE-2026-35372

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...

5CVSS0.00012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 4:8 p.m.27 views

CVE-2026-35372 uutils coreutils ln Security Bypass via Improper Handling of the --no-dereference Flag

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...

5CVSS0.00012EPSS
Exploits0References2
Rows per page
Query Builder