Lucene search
K

30 matches found

EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42593

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...

7.1CVSS5.9AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:39 p.m.2 views

BIT-GHOST-2026-53944 Ghost: Private IP filtering bypass to make server-side requests to internal services

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, when making an external request, it is possible to bypass the IP filter that ensures the request isn't going to an internal service using an IPv6 literal which maps to a private IPv4 address. This vulnerability is fixed in...

5.8CVSS5.8AI score0.00197EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/19 2:21 p.m.6 views

NPM: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

NPM: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding vulnerability discovered by ? in WordPress Npm undici versions 6.27.0...

5.9CVSS5.8AI score0.00257EPSS
Exploits0References4Affected Software1
Fedora
Fedora
added 2026/04/16 11:42 p.m.12 views

[SECURITY] Fedora 44 Update: kf6-syndication-6.25.0-1.fc44

The Syndication Library...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/03/27 5:21 p.m.5 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication due to improper validation of authentication tokens in the incus webui process. An attacker can gain unauthorized access to the user's Incus instances and potentially escalate privileges by interacting with the...

8.8CVSS5.9AI score0.00347EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-33897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root ...

9.9CVSS5.9AI score0.00481EPSS
Exploits0References2
CVE
CVE
added 2026/03/26 11:25 p.m.16 views

CVE-2026-33898

CVE-2026-33898 affects the Incus web UI local web server. Prior to v6.23.0, the server incorrectly validates the authentication token when provided in the URL, while the cookie stores the token correctly. An attacker who can access the temporary localhost web server can gain the same access as th...

8.8CVSS5.9AI score0.00347EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

Incus injection vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.20.0 have a vulnerability that allows for injection attacks. This vulnerability stems from the ability to add arbitrary lifecycle hooks in container configurations through line breaks, potential...

8.7CVSS6.1AI score0.00471EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML...

8.7CVSS6.1AI score0.00471EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:20 a.m.5 views

CVE-2021-2297

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

5.3CVSS5.3AI score0.00687EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-2310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult...

7.5CVSS6.9AI score0.00645EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-2145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult...

7.5CVSS6.9AI score0.00791EPSS
Exploits0References2
OSV
OSV
added 2025/04/01 12:15 p.m.15 views

UBUNTU-CVE-2025-3083

Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to 6.0.20 and MongoDB v7.0 versions prior to...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References3
CVE
CVE
added 2025/03/31 12:55 p.m.53 views

CVE-2025-31542

CVE-2025-31542 identifies an authenticated SQL Injection in the WordPress plugin My auctions allegro (free edition). Affected: My auctions allegro

8.5CVSS7.3AI score0.00304EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/07/25 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-25064

TP-LINK TL-WR840NESV6.20180709 was discovered to contain a remote code execution RCE vulnerability via the function oalwan6setIpAddr...

9.8CVSS7.8AI score0.36224EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.5 views

PT-2024-15096 · WordPress · Wp Compress – Image Optimizer

Name of the Vulnerable Software and Affected Versions: WP Compress – Image Optimizer versions up to, and including, 6.20.01 Description: The issue is related to insufficient validation on the redirect URL supplied via the css parameter, allowing unauthenticated attackers to redirect users to...

6.1CVSS7.2AI score0.00437EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.5 views

SUSE CVE-2020-2914

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

7CVSS6.8AI score0.00385EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.3 views

SUSE CVE-2021-2145

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

7.5CVSS7AI score0.00791EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.5 views

SUSE CVE-2021-2285

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

7.1CVSS6.5AI score0.00373EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.3 views

SUSE CVE-2021-2309

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

7.5CVSS6.6AI score0.0058EPSS
Exploits0References5
Rows per page
Query Builder