Lucene search
K

1393429 matches found

EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-43172

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service...

4.8CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-43171

Capgo before 12.128.2 contains an information disclosure vulnerability in the findapikeybyvalue PostgreSQL function marked SECURITY DEFINER and executable by the anon role. Unauthenticated attackers can call this function via the /rest/v1/rpc/findapikeybyvalue endpoint to retrieve sensitive API k...

8.7CVSS6.1AI score
Exploits0References3
CVE
CVE
added 4 hours ago5 views

CVE-2026-56303

Capgo before 12.128.2 contains an information disclosure in the PostgreSQL function find_apikey_by_value (marked SECURITY DEFINER) that can be executed by the anon role. An unauthenticated caller can hit the /rest/v1/rpc/find_apikey_by_value endpoint to retrieve API key metadata such as user_id, ...

8.7CVSS6.1AI score
Exploits0References2
Circl
Circl
added 6 hours ago3 views

CVE-2026-57828

creationtimestamp| type| source ---|---|--- 2026-07-11 10:24:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqeh2ucr3v2b 2026-07-11 10:41:33+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqei242wbd2c 2026-07-11 11:37:49+00:00| seen|...

9CVSS6.1AI score
Exploits0References6
Chainguard
Chainguard
added 8 hours ago7 views

GHSA-FXHP-MV3V-67QP vulnerabilities

Vulnerabilities for packages: oras, oras-fips...

6.1AI score
Exploits0
Wolfi
Wolfi
added 8 hours ago6 views

GHSA-FXHP-MV3V-67QP vulnerabilities

Vulnerabilities for packages: oras...

6.1AI score
Exploits0
Circl
Circl
added 9 hours ago3 views

CVE-2026-4661

creationtimestamp| type| source ---|---|--- 2026-07-11 07:38:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqe5rxtqrn2e 2026-07-11 07:50:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqe6hic4ql2k 2026-07-11 08:00:38+00:00| seen|...

7.5CVSS6.1AI score
Exploits0References4
Circl
Circl
added 9 hours ago6 views

CVE-2026-6801

creationtimestamp| type| source ---|---|--- 2026-07-11 07:35:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqe5nejffn2e 2026-07-11 08:02:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqe76hgzi22x...

5.3CVSS6.1AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 9 hours ago5 views

CVE-2026-52761

A flaw was found in ModSecurity, an open-source web application firewall WAF. The t:utf8toUnicode transformation function, responsible for converting UTF-8 encoded characters to Unicode, generates incorrect output on i386 architectures. This vulnerability allows an attacker to bypass WAF rules,...

5.8CVSS6AI score
Exploits0References6
Circl
Circl
added 9 hours ago5 views

CVE-2026-10865

creationtimestamp| type| source ---|---|--- 2026-07-11 07:34:05+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqe5kutobe2i 2026-07-11 08:32:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqeatdoff72k...

5.3CVSS6.1AI score
Exploits0References2
Circl
Circl
added 9 hours ago5 views

CVE-2026-15155

creationtimestamp| type| source ---|---|--- 2026-07-11 07:32:48+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqe5imu2qi2e 2026-07-11 07:59:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqe6xqk3ap2g 2026-07-11 08:00:32+00:00| seen|...

8.8CVSS6.1AI score
Exploits0References3
Circl
Circl
added 12 hours ago3 views

CVE-2026-13353

creationtimestamp| type| source ---|---|--- 2026-07-11 04:40:38+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdtuqz2qt27 2026-07-11 05:00:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqduyyvv3g25 2026-07-11 06:37:34+00:00| seen|...

8.8CVSS6.1AI score
Exploits0References3
Nuclei
Nuclei
added 14 hours ago151 views

kkFileView 4.1.0 - Cross-Site Scripting

kkFileView 4.1.0 is susceptible to cross-site scripting via the url parameter at /controller/OnlinePreviewController.java. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

6.1CVSS6.4AI score0.01084EPSS
Exploits1References2
Nuclei
Nuclei
added 14 hours ago93 views

AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion

AVEVA InTouch Access Anywhere Secure Gateway is vulnerable to local file inclusion. id: CVE-2022-23854 info: name: AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion author: For3stCo1d severity: high description: | AVEVA InTouch Access Anywhere Secure Gateway is vulnerable to loc...

7.5CVSS7AI score0.45957EPSS
Exploits5References5
Nuclei
Nuclei
added 14 hours ago73 views

Advantech R-SeeNet - Cross-Site Scripting

Advantech R-SeeNet contains a cross-site scripting vulnerability in the devicegraphpage.php script via the graph parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution. id: CVE-2021-21801 info: name: Advantech R-SeeNet - Cross-Site Scripting author: gy74...

9.6CVSS6.9AI score0.63415EPSS
Exploits1References4
Nuclei
Nuclei
added 14 hours ago84 views

Jenzabar 9.2x-9.2.2 - Cross-Site Scripting

Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting vulnerability. It allows /ics?tool=search&query. id: CVE-2021-26723 info: name: Jenzabar 9.2x-9.2.2 - Cross-Site Scripting author: pikpikcu severity: medium description: Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting...

6.1CVSS6.7AI score0.10949EPSS
Exploits3References5
Nuclei
Nuclei
added 14 hours ago101 views

IceWarp Mail Server - Open Redirect

IceWarp Mail Server contains an open redirect via the referer parameter. This can lead to phishing attacks or other unintended redirects. id: CVE-2021-36580 info: name: IceWarp Mail Server - Open Redirect author: DhiyaneshDk severity: medium description: | IceWarp Mail Server contains an open...

6.1CVSS6.4AI score0.01529EPSS
Exploits0References5
Nuclei
Nuclei
added 14 hours ago13 views

Yellow Pencil Visual Theme Customizer < 7.2.1 - Privilege Escalation

The WaspThemes Visual CSS Style Editor aka yellow-pencil-visual-theme-customizer plugin before 7.2.1 for WordPress allows ypoptionupdate CSRF, as demonstrated by use of ypremoteget to obtain admin access. id: CVE-2019-11886 info: name: Yellow Pencil Visual Theme Customizer 7.2.1 - Privilege...

8.8CVSS7AI score0.0189EPSS
Exploits1References3
Nuclei
Nuclei
added 14 hours ago34 views

White Star Software ProTop - Directory Traversal

A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences. id: CVE-2025-44177 info: name:...

8.2CVSS7.1AI score0.04173EPSS
Exploits3References4
Nuclei
Nuclei
added 14 hours ago25 views

SAP Solution Manager - Open Redirect

SAP Solution Manager contains an open redirect vulnerability via the logoff endpoint. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-26836 info: name: SAP Solution Manager - Open...

6.1CVSS6.4AI score0.02338EPSS
Exploits1References4
Rows per page
Query Builder