Lucene search
+L

7200 matches found

osv
osv
added 2026/06/02 12:0 a.m.1 views

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References5
vulnersosv
vulnersosv
added 2026/06/01 10:29 a.m.7 views

org.apache.fluss:fluss-kafka (>=0.8.0-incubating <=0.9.0-incubating) potentially affected by CVE-2026-49361 via org.apache.fluss:fluss-rpc (>=0.8.0-incubating <=0.9.0-incubating)

org.apache.fluss:fluss-rpc MAVEN version =0.8.0-incubating, =0.8.0-incubating, =0.9.0-incubating Source cves: CVE-2026-49361 Source advisory: SNYK:JAVA-ORGAPACHEFLUSS-17139463...

7.5CVSS5.5AI score0.0058EPSS
Exploits0
snyk
snyk
added 2026/06/01 10:29 a.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper configuration of the LengthFieldBasedFrameDecoder value. An attacker can cause the application to exhaust JVM heap memory and disrupt service availability by sending...

8.7CVSS5.5AI score0.0058EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/30 8:13 a.m.17 views

CVE-2026-45039

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, getsharedsecret in crates/ecstore/src/rpc/httpauth.rs, falls back to...

9.8CVSS5.7AI score0.00268EPSS
Exploits0References1
nvd
nvd
added 2026/05/29 4:16 p.m.17 views

CVE-2018-25384

Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...

5.4CVSS0.00215EPSS
Exploits0References4
euvd
euvd
added 2026/05/29 2:46 p.m.9 views

EUVD-2018-21906

Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...

5.4CVSS5.7AI score0.00215EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/29 2:46 p.m.34 views

CVE-2018-25384 Wikidforum 2.20 Cross-Site Scripting via reply_text Parameter

Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...

5.4CVSS0.00215EPSS
Exploits0References4
cve
cve
added 2026/05/29 2:46 p.m.18 views

CVE-2018-25384

Wikidforum 2.20 contains a cross-site scripting vulnerability: authenticated attackers can inject JavaScript by submitting crafted HTML in the reply_text parameter via the rpc.php endpoint, causing scripts to execute in other users’ browsers when viewing forum replies. The CVE entry provides this...

5.4CVSS5.7AI score0.00215EPSS
Exploits0References4
nvd
nvd
added 2026/05/29 2:16 a.m.30 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS0.00135EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/29 2:6 a.m.40 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS0.00135EPSS
Exploits0References1
nessus
nessus
added 2026/05/29 12:0 a.m.10 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : XML-RPC for C and C++ vulnerabilities (USN-8313-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8313-1 advisory. It was discovered that Expat, vendored in XML-RPC, incorrectly handled certain files. An...

9.8CVSS7.1AI score0.34174EPSS
Exploits0References3
nessus
nessus
added 2026/05/29 12:0 a.m.21 views

RockyLinux 9 : opentelemetry-collector (RLSA-2026:19353)

The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:19353 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go:...

9.1CVSS5.8AI score0.00651EPSS
Exploits1References17
oraclelinux
oraclelinux
added 2026/05/29 12:0 a.m.16 views

freerdp security update

2.1.1-5.0.5 - Fixed CVE-2026-26955 CVE-2026-26956 Orabug: 39189643 2:2.2.0-5.0.3 - Fixed CVE-2026-22855 CVE-2026-22858 CVE-2026-22859 Orabug: 39075086 2:2.2.0-5.0.1 - fixed CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23884 Orabug: 38971897 2:2.2.0-5 - Update: Refactored R...

8.8CVSS5.9AI score0.02003EPSS
Exploits14
githubexploit
githubexploit
added 2026/05/28 8:6 p.m.82 views

Exploit for CVE-2026-8832

EXPLOIT CVE-2026-8832 !Bannerhttps://img.shields.io/badge/...

8.8CVSS6.5AI score0.01214EPSS
Exploits2
attackerkb
attackerkb
added 2026/05/28 6:39 p.m.8 views

CVE-2026-45039

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, getsharedsecret in crates/ecstore/src/rpc/httpauth.rs, falls back to...

9.8CVSS5.7AI score0.00268EPSS
Exploits0References2Affected Software1
susecve
susecve
added 2026/05/28 3:55 a.m.11 views

SUSE CVE-2026-45964

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References12
redhatcve
redhatcve
added 2026/05/28 3:54 a.m.14 views

CVE-2026-45870

A flaw was found in the Linux kernel's SUNRPC Sun Remote Procedure Call authentication GSS Generic Security Service module. This vulnerability occurs due to memory leaks in the XDR eXternal Data Representation decoding error paths within functions like gssxdecctx, gssxdecstatus, and gssxdecname...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/05/28 12:0 a.m.12 views

rustfs 安全漏洞

RustFS is a high-performance object storage system developed by RustFS. Versions of RustFS prior to 1.0.0-beta.2 contained security vulnerabilities. These vulnerabilities stemmed from the internal RPC layer reverting to the public default key when no shared key was configured, which could lead to...

9.8CVSS5.8AI score0.00268EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/05/27 6:44 p.m.146 views

Exploit for Incorrect Default Permissions in Supervisord Supervisor

LAB 3 — Supervisord XML-RPC Remote Code Execution CVE-2017-11...

9CVSS7.7AI score0.87544EPSS
Exploits10
euvd
euvd
added 2026/05/27 3:33 p.m.15 views

EUVD-2026-32248

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

5.8AI score0.0016EPSS
Exploits0References9
Rows per page
Query Builder