Lucene search
K

3057 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.9 views

CVE-2026-44469

The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before...

8.5CVSS5.5AI score0.00105EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/04 5:36 p.m.13 views

kas's late signature validation may allow unnoticed repository manipulations

Impact So far, kas checks out and processes repositories regarding configuration includes prior to validating signatures of those repositories. This may allow to replace on original repository with one under the control of an attacker under very specific conditions. First of all, the attacker mus...

5.8AI score0.00021EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/04 2:50 p.m.14 views

matrix-sdk-ui: Incomplete edit validation

Impact The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate...

5.9AI score0.00019EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/04 2:50 p.m.6 views

GHSA-H97M-27FX-42RX matrix-sdk-ui: Incomplete edit validation

Impact The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate...

4.9CVSS5.9AI score0.00019EPSS
Exploits0References5
OSV
OSV
added 2026/06/03 12:0 p.m.12 views

RUSTSEC-2026-0158 Incomplete message edit validation in matrix-sdk-ui

The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate or spo...

4.9CVSS5.8AI score0.00019EPSS
Exploits0References3
RustSec
RustSec
added 2026/06/03 12:0 p.m.11 views

Incomplete message edit validation in matrix-sdk-ui

The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate or spo...

5.8AI score0.00019EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/03 12:30 a.m.10 views

EUVD-2021-34847

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

8.3CVSS6.2AI score0.00107EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.13 views

PT-2026-46306

Name of the Vulnerable Software and Affected Versions matrix-sdk-ui versions prior to 0.16.1 Description The message edit validation logic is missing a check when replacing an encrypted event, as the replacement event is not required to be encrypted. This allows a malicious homeserver administrat...

4.9CVSS5.8AI score0.00019EPSS
Exploits0References8
NVD
NVD
added 2026/06/02 10:16 p.m.23 views

CVE-2021-4480

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

8.3CVSS0.00107EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 9:31 p.m.8 views

CVE-2021-4480 Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

8.3CVSS6.2AI score0.00107EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 9:31 p.m.14 views

CVE-2021-4480

CVE-2021-4480 affects Dräger Protector Software prior to version 6.4.2. The issue is a local privilege escalation caused by insecure file system permissions that allow a local attacker to replace binaries or loaded modules and execute code with NT SYSTEM privileges. The description does not speci...

8.3CVSS6.2AI score0.00107EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 3:23 p.m.13 views

EUVD-2026-33951

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

5.5CVSS5.8AI score0.00162EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/02 7:48 a.m.43 views

CVE-2026-3620 Word Replacer <= 0.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Replacement' Parameter

The Word Replacer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'replacement' parameter in all versions up to, and including, 0.4. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.00246EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/06/02 7:48 a.m.7 views

CVE-2026-3620

The Word Replacer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'replacement' parameter in all versions up to, and including, 0.4. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS6AI score0.00246EPSS
Exploits0References10
CVE
CVE
added 2026/06/02 7:48 a.m.21 views

CVE-2026-3620

CVE-2026-3620 – Word Replacer (WordPress) is vulnerable to Stored Cross-Site Scripting via the replacement parameter in all versions up to 0.4. The root cause is insufficient input sanitization and output escaping, allowing authenticated attackers with Administrator-level access and above to inje...

4.4CVSS6AI score0.00246EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/06/02 7:48 a.m.9 views

CVE-2026-3620 Word Replacer <= 0.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Replacement' Parameter

The Word Replacer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'replacement' parameter in all versions up to, and including, 0.4. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS6AI score0.00246EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/02 7:48 a.m.11 views

EUVD-2026-33895

The Word Replacer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'replacement' parameter in all versions up to, and including, 0.4. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS6AI score0.00246EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.12 views

PT-2026-45861

Name of the Vulnerable Software and Affected Versions Dräger Protector Software versions prior to 6.4.2 Description Insecure file system permissions allow local attackers to execute arbitrary code with elevated privileges. This is achieved by replacing binaries or loaded modules on the host syste...

8.3CVSS6.2AI score0.00107EPSS
Exploits0References7
Malwarebytes
Malwarebytes
added 2026/06/01 2:40 p.m.23 views

Fake BlueWallet steals passwords, accounts, and crypto from Macs

A fake website impersonating BlueWallet a real Bitcoin wallet is targeting Mac users with a simple but effective attack. BlueWallet itself has not been compromised. Instead, cybercriminals have stolen the name and branding of the legitimate Bitcoin wallet to make a malicious download appear...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/01 11:24 a.m.10 views

CVE-2026-9308 Arbitrary JavaScript execution in Reader View due to wrong HTML replacement order

Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...

5.9AI score0.00157EPSS
Exploits0References2
Rows per page
Query Builder