Lucene search
K

116 matches found

EUVD
EUVD
added 2026/06/26 2:53 p.m.6 views

EUVD-2026-39753

Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...

4.3CVSS5.8AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.9 views

PT-2026-52843

Name of the Vulnerable Software and Affected Versions LXD versions prior to 6.9 LXD version 5.21 Description A nil-pointer dereference occurs in the CreateCustomVolumeFromBackup function when processing a specially crafted custom-volume backup tarball that omits the expires at snapshot field. An...

6.5CVSS6AI score0.00389EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/22 5:1 p.m.3 views

EUVD-2026-11599

OpenCTI has Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature...

7.7CVSS5.8AI score0.00212EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Squid

Squid is a web proxy cache. Starting from version 3.5.27 and before version 6.8, Squid may be vulnerable to a Denial of Service attack against the HTTP Chunked decoder due to an uncontrolled recursion bug. This issue allows a remote attacker to cause a Denial of Service when sending a crafted,...

8.6CVSS6.9AI score0.65254EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49188

Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject malicious objects. Because deserialization is performed without proper validation or class...

7.5CVSS6.3AI score0.00235EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/31 2:28 a.m.15 views

EUVD-2026-33483

The Advanced Custom Fields ACF® plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.8.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to overwrit...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/29 3:12 p.m.32 views

CVE-2026-33384 Session Fixation in QuickCMS

QuickCMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in a patch to version...

4.8CVSS0.00154EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 6:28 p.m.30 views

CVE-2026-47335

CVE-2026-47335 : Ubuntu Linux 6.8 reportedly contains SAUCE patches and a possible NULL pointer dereference in AppArmor notification handling, exploitable by an unprivileged local user and capable of triggering a kernel panic. The connected sources provide minimal details beyond this description;...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/28 12:0 a.m.18 views

CVE-2026-47335

Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.9 views

UBUNTU-CVE-2026-47330

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

3.3CVSS5.8AI score0.00092EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/05/28 12:0 a.m.19 views

CVE-2026-47327

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops...

3.3CVSS5.8AI score0.00091EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44485

Name of the Vulnerable Software and Affected Versions Ubuntu Linux version 6.8 Description An issue exists in the AppArmor AF INET/AF INET6 socket mediation code due to the use of an uninitialized variable. This flaw can be triggered by an unprivileged local user, potentially leading to incorrect...

3.3CVSS5.9AI score0.00094EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.8 views

Canonical Ubuntu Linux 安全漏洞

Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux versions 6.8, 6.17, and 7.0 have security vulnerabilities. These vulnerabilities stem from potential null pointer dereferencing when handling AFINET/AFINET6 socket mediation,...

3.3CVSS5.8AI score0.00094EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/28 12:0 a.m.20 views

CVE-2026-47329

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses...

3.3CVSS5.8AI score0.00092EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/25 9:30 p.m.12 views

WordPress Auto Affiliate Links plugin <= 6.8.8.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Affiliate Links versions = 6.8.8.3...

5.3CVSS5.8AI score0.00231EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/04/08 9:31 a.m.7 views

EUVD-2026-20425

Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through = 6.8...

5.3CVSS5.9AI score0.00191EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.3 views

CVE-2026-39714

Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through = 6.8...

5.3CVSS0.00191EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31440

AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting XSS vulnerability was identified in the modal item preview functionality. When item content longer than 800 characters was processed, attacker-controlled...

8.5CVSS6.1AI score0.00219EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/01 12:31 p.m.5 views

EUVD-2026-17851

A vulnerability was detected in Harvard University IQSS Dataverse up to 6.8. This affects an unknown function of the file /ThemeAndWidgets.xhtml of the component Theme Customization. Performing a manipulation of the argument uploadLogo results in unrestricted upload. Remote exploitation of the...

6.5CVSS6.2AI score0.00257EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.9 views

PT-2026-29508

A vulnerability was detected in Harvard University IQSS Dataverse up to 6.8. This affects an unknown function of the file /ThemeAndWidgets.xhtml of the component Theme Customization. Performing a manipulation of the argument uploadLogo results in unrestricted upload. Remote exploitation of the...

6.5CVSS5.5AI score0.00257EPSS
Exploits0References6
Rows per page
Query Builder