Lucene search
K

9123 matches found

Nuclei
Nuclei
added 18 hours ago108 views

FUDForum 3.1.0 - Cross-Site Scripting

FUDForum 3.1.0 contains a cross-site scripting vulnerability. An attacker can inject JavaScript via index.php in the author parameter, thereby possibly stealing cookie-based authentication credentials and launching other attacks. id: CVE-2021-27520 info: name: FUDForum 3.1.0 - Cross-Site Scriptin...

6.1CVSS6.3AI score0.06396EPSS
Exploits4References5
Nuclei
Nuclei
added 18 hours ago11 views

WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected)

The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape the "themestylesheet" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting vulnerability. id: CVE-2025-6174 info: name: WordPress Qwizcards alert'randstr'" matchers-...

6.1CVSS5.9AI score0.0046EPSS
Exploits0References2
Nuclei
Nuclei
added 18 hours ago21 views

TP-Link Archer A20 v3 Router - Cross-site Scripting

The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting XSS due to improper handling of directory listing paths in the web interface. When a specially crafted URL is visited, the router's web page renders the directory listing and executes arbitrary JavaScript embedded in the URL...

4.8CVSS7.3AI score0.00875EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 21 hours ago4 views

Security update for flannel (important)

openSUSE Security Update: Security update for flannel Announcement ID: openSUSE-SU-2026:0239-1 Rating: important References: 1265780 1266620 Cross-References: CVE-2026-33814 CVE-2026-39821 CVSS scores: CVE-2026-33814 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-39821 SUSE: 9.1...

9.1CVSS6.8AI score0.00781EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added yesterday3 views

Security update for rustup

This update for rustup fixes the following issues Security issues: CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. CVE-2026-25727: time: parsing of user-provided inp...

8.7CVSS7.1AI score0.00412EPSS
Exploits1References48
EUVD
EUVD
added yesterday5 views

EUVD-2026-42642

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

6AI score
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-42641

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line...

6.5CVSS6AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-42640

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

6AI score
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-51597

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

9.1CVSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-51598

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line...

6.5CVSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-51599

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

9.8CVSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-1933 DESCRIPTION: A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks,...

9.8CVSS6.9AI score0.12797EPSS
Exploits10Affected Software1
Nuclei
Nuclei
added yesterday102 views

WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion

WordPress Delightful Downloads Jquery File Tree versions 2.1.5 and older are susceptible to local file inclusion vulnerabilities via jqueryFileTree. id: CVE-2017-1000170 info: name: WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion author: dwisiswant0 severity: high...

7.5CVSS7AI score0.57608EPSS
Exploits7References5
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-51598

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line...

6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-51597

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

6AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-51599

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-56872

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-56874

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

6AI score
Exploits0References2
Vulnrichment
Vulnrichment
added yesterday3 views

CVE-2026-51597

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

6.1AI score
Exploits0References1
Vulnrichment
Vulnrichment
added yesterday2 views

CVE-2026-51599

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

6.1AI score
Exploits0References1
Rows per page
Query Builder