Lucene search
K

10 matches found

NVD
NVD
added 5 hours ago5 views

CVE-2026-40501

Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...

8.8CVSS
Exploits0References3
CVE
CVE
added 6 hours ago6 views

CVE-2026-40501

Cherry Studio versions 1.2.2–1.9.12 contain a remote code execution vulnerability in the SearchService due to a nodeIntegration misconfiguration. When an Electron BrowserWindow is created with nodeIntegration enabled and contextIsolation disabled, control over search provider content (provided by...

8.8CVSS6.7AI score
Exploits0References3
EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-44747

Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...

8.8CVSS6.7AI score
Exploits0References3
Cvelist
Cvelist
added 2026/05/11 8:21 a.m.40 views

CVE-2026-43826 Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL

The OpenSearch logging provider, when configured with a host URL that embeds credentials for example https://user:[email protected]:9200, wrote the full host URL — including the embedded credentials — into task logs. Any user with task-log read permission could harvest the backend...

0.0041EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

Apache Airflow 日志信息泄露漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. The Apache Airflow OpenSearch Provider has a vulnerabilit...

6.5CVSS5.8AI score0.0041EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2024:2399-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.0107EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.31 views

SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2024:2399-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2399-1 advisory. Update to Firefox Extended Support Release 115.13.0 ESR MFSA 2024-30, bsc1226316: - CVE-2024-660...

9.8CVSS6.8AI score0.0107EPSS
Exploits2References29
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.11 views

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2024:2371-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2371-1 advisory. Update to Firefox Extended Support Release 115.13.0 ESR MFSA 2024-30, bsc1226316: - CVE-2024-6600: Memory corruption in WebGL API -...

9.8CVSS7.5AI score0.0107EPSS
Exploits2References29
OpenVAS
OpenVAS
added 2024/07/10 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2024:2371-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.0107EPSS
Exploits2References5
OSV
OSV
added 2024/07/09 3:53 p.m.9 views

SUSE-SU-2024:2371-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.13.0 ESR MFSA 2024-30, bsc1226316: - CVE-2024-6600: Memory corruption in WebGL API - CVE-2024-6601: Race condition in permission assignment - CVE-2024-6602: Memory corruption in NSS -...

9.8CVSS8.1AI score0.0107EPSS
Exploits2References16
Rows per page
Query Builder