41188 matches found

NVD
added 3 days ago, 11 views

CVE-2026-13482

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

CVSS 6.3, EPSS 0.00189
Exploits: 0, References: 6
CVE
added 3 days ago, 13 views

CVE-2026-13482

CVE-2026-13482 affects skypilot-org/skypilot

CVSS 6.3, AI score 5.2, EPSS 0.00189
Exploits: 0, References: 6
EUVD
added 3 days ago, 9 views

EUVD-2026-39982

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

CVSS 6.3, AI score 5.2, EPSS 0.00189
Exploits: 0, References: 6
Cvelist
added 3 days ago, 32 views

CVE-2026-13482 skypilot-org skypilot User ID server.py username.encode weak hash

A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...

CVSS 6.3, EPSS 0.00189
Exploits: 0, References: 6
Positive Technologies
added 3 days ago, 8 views

PT-2026-53098

Name of the Vulnerable Software and Affected Versions: SourceCodester Class and Exam Timetabling System version 1.0. Description: An issue exists in the /preview.php endpoint where manipulating the course year section variable allows for SQL injection. This allows a remote attacker to interfere with...

CVSS 7.5, AI score 7.2, EPSS 0.00412
Exploits: 0, References: 11
Positive Technologies
added 3 days ago, 9 views

PT-2026-53167

Name of the Vulnerable Software and Affected Versions: VoltAgent versions prior to 2.1.18. Description: An improper authorization issue exists within the Memory REST API component, specifically in the handleGetMemoryConversation function located in the...

CVSS 3.1, AI score 5.8, EPSS 0.0022
Exploits: 0, References: 9
Positive Technologies
added 3 days ago, 11 views

PT-2026-53165

Name of the Vulnerable Software and Affected Versions: RAGapp versions prior to 0.1.6. Description: A path traversal issue exists in the Knowledge File Handler component. This flaw allows remote attackers to manipulate files via the FileHandler.upload file and FileHandler.remove file functions locat...

CVSS 6.5, AI score 6.6, EPSS 0.00294
Exploits: 0, References: 12
Tenable Nessus
added 3 days ago, 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-13503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file...

CVSS 6.9, AI score 5.6, EPSS 0.0055
Exploits: 0, References: 3
Nuclei
added 5 days ago, 18 views

HuangDou UTCMS V9 - OS Command Injection

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. The attack may be launched remotely. The...

CVSS 9.8, AI score 6.6, EPSS 0.73666
Exploits: 1, References: 2
RedHat Linux
added 6 days ago, 5 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

CVSS 7.5, AI score 6.1, EPSS 0.01263
Exploits: 0, References: 4
RedhatCVE
added 6 days ago, 4 views

CVE-2026-52958

A flaw was found in the Linux kernel's libceph component. This vulnerability, located within the osdmapdecode function, can lead to an out-of-bounds memory access. A remote attacker could exploit this by sending a specially crafted and corrupted osdmap message, where the maxosd value exceeds the...

CVSS 9.1, AI score 5.9, EPSS 0.00544
Exploits: 0, References: 4
EUVD
added 6 days ago, 5 views

EUVD-2026-39149

Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must vis...

CVSS 8.8, AI score 5.4, EPSS 0.0067
Exploits: 0, References: 3
OSV
added last week, 2 views

DEBIAN-CVE-2026-13027

Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8, AI score 5.9, EPSS 0.00195
Exploits: 0, References: 1
CVE
added last week, 19 views

CVE-2026-13027

CVE-2026-13027 is a use-after-free in Chrome’s FileSystem prior to 149.0.7827.197, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. Affected: Google Chrome (FileSystem component); root cause: use-after-free vulnerability; impact: heap corruption with high...

CVSS 8.8, AI score 5.9, EPSS 0.00195
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2026/06/22 9:4 p.m., 9 views

CVE-2026-56306

Capgo before 12.128.2 contains a parsing vulnerability in the x-limited-key-id header that can bypass subkey enforcement and let attackers make requests under the main API key context instead of restricted subkey permissions. The issue arises from malformed, zero, or duplicate header values produ...

CVSS 6.4, AI score 5.9, EPSS 0.00251
Exploits: 0, References: 2
EUVD
added 2026/06/22 12:31 a.m., 9 views

EUVD-2026-38200

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

CVSS 6.5, AI score 6.1, EPSS 0.01182
Exploits: 0, References: 6
EUVD
added 2026/06/22 12:31 a.m., 8 views

EUVD-2026-38195

A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz5in1redirect of the file /goform/wiz5in1redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploit is...

CVSS 6.5, AI score 6.5, EPSS 0.01158
Exploits: 0, References: 6
EUVD
added 2026/06/22 12:31 a.m., 9 views

EUVD-2026-38196

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. Th...

CVSS 6.5, AI score 6.4, EPSS 0.01158
Exploits: 0, References: 6
NVD
added 2026/06/21 11:16 p.m., 11 views

CVE-2026-12814

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

CVSS 6.5, EPSS 0.01182
Exploits: 0, References: 5
CVE
added 2026/06/21 10:45 p.m., 12 views

CVE-2026-12814

CVE-2026-12814 affects Comfast CF-WR631AX V3 up to version 2.7.0.8. The vulnerability is located in the API Endpoint component, specifically the file path /cgi-bin/mbox-config?section=ping_config, where manipulation of the destination argument leads to an OS command injection. The issue can be ex...

CVSS 6.5, AI score 6.1, EPSS 0.01182
Exploits: 0, References: 5