Lucene search
K

41223 matches found

CNNVD
CNNVD
added 2026/05/17 12:0 a.m.9 views

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the ogstimeradd function in the nausf-handler.c file within the...

6.5CVSS5.8AI score0.00372EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.12 views

PT-2026-41525

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile key results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.10 views

PT-2026-41568

Name of the Vulnerable Software and Affected Versions adenhq hive versions prior to 0.11.0 Description A path traversal issue exists in the Delete Request Handler component. A remote attacker can perform a manipulation affecting the read events tail function within the core/framework/server/route...

7.5CVSS7.1AI score0.0061EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.15 views

PT-2026-41569

Name of the Vulnerable Software and Affected Versions MetaCRM versions prior to 6.4.0 Beta06 Description An unrestricted file upload issue exists in the '/common/jsp/upload3.jsp' file. A remote attacker can exploit this by manipulating the File argument, allowing the upload of unauthorized files...

7.5CVSS7.2AI score0.00278EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.11 views

PT-2026-41591

A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.13 views

PT-2026-41536

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs sbi subscription data add/ogs sbi nf service add in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The...

5.3CVSS5.4AI score0.00455EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.14 views

AstrBot 路径遍历漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework developed by AstrBot. Versions of AstrBot 4.23.5 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the improper handling of the postfile function in the File Upload Handler component...

6.5CVSS6.5AI score0.00358EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.7 views

H2O 安全漏洞

H2O is an open-source memory platform for distributed, scalable machine learning developed by H2O.ai. Versions of H2O such as h2o-3 7402 and earlier contain security vulnerabilities. These vulnerabilities stem from improper access control in the exec function of the AstSetProperty.java file withi...

6.9CVSS6AI score0.0031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.14 views

PT-2026-41542

Name of the Vulnerable Software and Affected Versions h2oai h2o-3 versions prior to 7402 Description A weakness in the Rapids setproperty Primitive Handler allows remote attackers to bypass access controls. The issue resides in the exec function within the file...

6.9CVSS6.3AI score0.0031EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.14 views

PT-2026-41544

Name of the Vulnerable Software and Affected Versions AstrBotDevs AstrBot versions prior to 4.23.6 Description A path traversal issue exists in the File Upload Handler component within the post file function of the astrbot/dashboard/routes/chat.py file. This occurs when the filename argument is...

6.5CVSS6.6AI score0.00358EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/16 1:14 a.m.11 views

SUSE CVE-2026-8582

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3
OSV
OSV
added 2026/05/15 2:2 p.m.8 views

OESA-2026-2332 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

7.5CVSS6AI score0.01263EPSS
Exploits0References2
Redos
Redos
added 2026/05/15 12:0 a.m.8 views

ROS-20260515-73-0046

A vulnerability in the Navigation feature of Google Chrome browser is related to improper authorization. Exploitation of the vulnerability could allow an attacker acting remotely to bypass navigation restrictions using a specially crafted HTML page...

6.5CVSS5.8AI score0.0016EPSS
Exploits0
Redos
Redos
added 2026/05/15 12:0 a.m.8 views

ROS-20260515-73-0050

A vulnerability in the WebView web page display component of Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity and availability of protected information using...

8.8CVSS5.7AI score0.00277EPSS
Exploits0
Redos
Redos
added 2026/05/15 12:0 a.m.7 views

ROS-20260515-73-0017

A vulnerability in the Media component of the Google Chrome browser is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

9.1CVSS7.6AI score0.00305EPSS
Exploits0
Redos
Redos
added 2026/05/15 12:0 a.m.8 views

ROS-20260515-73-0036

A vulnerability in the TextEncoding component of Google Chrome and Microsoft Edge browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

8.8CVSS5.7AI score0.00271EPSS
Exploits0
NVD
NVD
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8519

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS0.00234EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 7:52 p.m.12 views

EUVD-2026-30391

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 7:52 p.m.9 views

CVE-2026-8567

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.9AI score0.00183EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/14 7:52 p.m.10 views

CVE-2026-8560

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00251EPSS
Exploits0
Rows per page
Query Builder