Lucene search
+L

853 matches found

nvd
nvd
added 2 days ago3 views

CVE-2026-47736

Puma is a Ruby/Rack web server built for parallelism. From 5.5.0 until 7.2.1 and 8.0.2, when PROXY protocol v1 support is enabled, Puma reads incoming bytes into an internal buffer while waiting for CRLF to determine whether a PROXY v1 line is present, allowing an attacker that continuously sends...

7.5CVSS0.0035EPSS
Exploits0References5
nessus
nessus
added 2 days ago2 views

openSUSE 16 Security Update : tiff (openSUSE-SU-2026:21289-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21289-1 advisory. This update for tiff fixes the following issues - CVE-2026-12912: heap-based buffer overflow when processing crafted PixarLog-compressed TIFF...

7.8CVSS6.9AI score0.00553EPSS
Exploits0References8
nvd
nvd
added 4 days ago5 views

CVE-2026-15496

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS0.01158EPSS
Exploits0References5
cvelist
cvelist
added 4 days ago33 views

CVE-2026-15496 SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS0.01158EPSS
Exploits0References5
cve
cve
added 4 days ago14 views

CVE-2026-15496

SonicCloudOrg sonic-agent (up to version 2.7.2) contains a remote os command injection in GroovyScriptImpl.evalIsFailed within Groovy Script Handler. The vulnerable function is in sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java. Exploitation is public and report...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
euvd
euvd
added 2026/07/07 4:51 p.m.12 views

EUVD-2026-22188

Open WebUI has Blind Server Side Request Forgery in its Image Edit Functionality...

4.3CVSS5.9AI score0.00227EPSS
Exploits1References2
nvd
nvd
added 2026/07/02 12:17 p.m.8 views

CVE-2026-57690

Unauthenticated Cross Site Request Forgery CSRF in Werkstatt = 4.7.2 versions...

4.3CVSS0.00104EPSS
Exploits0References1
nvd
nvd
added 2026/07/02 12:17 p.m.5 views

CVE-2026-57689

Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...

4.3CVSS0.00222EPSS
Exploits0References1
cve
cve
added 2026/07/02 11:15 a.m.15 views

CVE-2026-57689

The CVE-2026-57689 entry concerns the WordPress Werkstatt theme (versions up to 4.7.2) with a Broken Access Control flaw. Affected component: Werkstatt WordPress theme; root cause: broken access control mechanisms in version <= 4.7.2. Impact: unauthorized access to restricted functionality, as...

4.3CVSS5.8AI score0.00222EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/07/02 12:0 a.m.8 views

PT-2026-55031

Unauthenticated Cross Site Request Forgery CSRF in Werkstatt = 4.7.2 versions...

4.3CVSS5.8AI score0.00104EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/02 12:0 a.m.9 views

PT-2026-55030

Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...

4.3CVSS5.8AI score0.00222EPSS
Exploits0References3
patchstack
patchstack
added 2026/06/29 12:19 p.m.10 views

WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Werkstatt versions = 4.7.2...

4.3CVSS5.8AI score0.00222EPSS
Exploits0Affected Software1
nessus
nessus
added 2026/06/24 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2025-61022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the sqlotbcolpreds component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS6AI score0.0035EPSS
Exploits0References3
euvd
euvd
added 2026/06/23 6:31 p.m.10 views

EUVD-2025-210321

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

5.9AI score0.00482EPSS
Exploits0References2
euvd
euvd
added 2026/06/23 6:31 p.m.7 views

EUVD-2025-210315

An issue in the sqlostripinjoin component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.9AI score0.00482EPSS
Exploits0References2
osv
osv
added 2026/06/23 6:17 p.m.4 views

DEBIAN-CVE-2025-61024

An issue in the sqlotryinloop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References1
nvd
nvd
added 2026/06/23 5:16 p.m.9 views

CVE-2025-61025

An issue in the sslrqstget component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS0.0035EPSS
Exploits0References1
osv
osv
added 2026/06/23 5:16 p.m.3 views

DEBIAN-CVE-2025-61023

An issue in the stcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References1
nvd
nvd
added 2026/06/23 5:16 p.m.9 views

CVE-2025-61020

An issue in the sqlostripinjoin component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS0.00482EPSS
Exploits0References4
osv
osv
added 2026/06/23 5:16 p.m.6 views

DEBIAN-CVE-2025-61019

An issue in the sqlokeypartbest component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References1
Rows per page
Query Builder