Lucene search
K

41181 matches found

CVE
CVE
added 2026/05/23 7:30 a.m.48 views

CVE-2026-9294

Summary: CVE-2026-9294 affects Edimax BR-6428NS (firmware 1.10). The vulnerability is in the POST Request Handler, inside the function formWanTcpipSetup, where manipulation of the argument pppUserName leads to a buffer overflow. This could be triggered remotely, and an exploit is publicly availab...

9CVSS7.8AI score0.00542EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.19 views

PT-2026-42880

Name of the Vulnerable Software and Affected Versions omec-project amf versions prior to 2.1.2 Description A memory corruption issue exists in the NGReset Message Handler component. A remote attacker can trigger this condition through specific manipulation of the system. Recommendations Apply the...

6.5CVSS6.6AI score0.00228EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.13 views

PT-2026-42876

A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is...

6.5CVSS5.5AI score0.00228EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.16 views

PT-2026-42892

Name of the Vulnerable Software and Affected Versions SourceCodester Hospitals Patient Records Management System version 1.0 Description A security flaw allows for remote SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution. The issue...

6.5CVSS6.6AI score0.00192EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.15 views

PT-2026-42870

A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be initiated remotely. The...

9CVSS7.8AI score0.00542EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.15 views

PT-2026-42885

A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:0 a.m.11 views

CVE-2026-46727

An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that...

8.1CVSS5.8AI score0.00478EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-8695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 6.1.5 contains a use-after-free vulnerability in the gdbrthreadslist function that allows remote attackers to trigger memory corruption by sending a val...

9.8CVSS6.2AI score0.00626EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/05/21 2:0 p.m.17 views

Microsoft Copilot Tampering Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...

9.3CVSS5.8AI score0.0042EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/21 11:53 a.m.13 views

CVE-2026-6474

A flaw was found in PostgreSQL. This vulnerability, an externally-controlled format string in the timeofday function, allows a remote attacker to craft specific timezone zones. Successful exploitation can lead to the retrieval of sensitive portions of server memory, potentially disclosing...

4.3CVSS5.7AI score0.00208EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/21 8:14 a.m.10 views

EUVD-2026-31245

A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...

3.7CVSS5.8AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Netatalk SQL注入漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk have a SQL injection vulnerability. This vulnerability stems from the MySQL CNID backend’s SQL...

8.8CVSS5.9AI score0.00371EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux - уязвимость в chromium

Using use after free in V8 in Google Chrome before version 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01724EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в chromium

Before version 94.0.4606.54, using the "after free" mechanism in the File System API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01349EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в chromium

The use of the “after free in storage foundation” feature in Google Chrome before version 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00813EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в binutils

A vulnerability was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This vulnerability stems from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could exploit this vulnerability to cause a...

5.5CVSS6.7AI score0.01686EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux - уязвимость в chromium

A heap buffer overflow in Bookmarks in Google Chrome prior to version 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.0282EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Chromium

In V8 in Google Chrome, prior to version 95.0.4638.54, it was possible for a remote attacker to exploit heap corruption through a crafted HTML page...

7.5CVSS7.3AI score0.0076EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.15 views

Astra Linux - уязвимость в ghostscript

A divide-by-zero issue was discovered in epsprintpage within gdevepsn.c in Artifex Software GhostScript 9.50. This issue allows remote attackers to cause a denial of service by opening crafted PDF files...

5.5CVSS6.2AI score0.00619EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux - уязвимость в chromium

Using “after free” in Aura in Google Chrome before version 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01216EPSS
Exploits1References1
Rows per page
Query Builder