
276239 matches found

RedhatCVE
added 2026/02/06 1:26 a.m. | 5 views

CVE-2025-70073

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function...

CVSS 7.2 | AI score 6 | EPSS 0.00657
Exploits 1 | References 1

OSV
added 2026/02/06 1:10 a.m. | 5 views

CLEANSTART-2026-WX01708 vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device

Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. See references for individual vulnerability details...

CVSS 9.8 | AI score 8.6 | EPSS 0.84841
Exploits 16 | References 73

CNNVD
added 2026/02/06 12:0 a.m. | 7 views

Tanium Client Security Vulnerability

Tanium Client is a terminal proxy software developed by the American company Tanium. Tanium Client has a security vulnerability, which stems from a denial-of-service vulnerability...

CVSS 3.3 | AI score 5.8 | EPSS 0.00096
Exploits 0 | References 1

CNNVD
added 2026/02/06 12:0 a.m. | 7 views

FUXA Security Vulnerability

FUXA is a web-based process visualization software developed by frangoteam. Versions of FUXA 1.2.9 and earlier contain security vulnerabilities. These vulnerabilities stem from authorization bypasses, which could allow unverified remote attackers to modify device labels...

CVSS 9.3 | AI score 5.8 | EPSS 0.00479
Exploits 0 | References 2

CNNVD
added 2026/02/06 12:0 a.m. | 7 views

Inforprograma JumpStart Code Issue Vulnerability

Inforprograma JumpStart is a software installation and configuration tool developed by Inforprograma in Portugal. Version 0.6.0.0 of Inforprograma JumpStart contains a code vulnerability. This vulnerability stems from the jswpbapi service having a service path that lacks quotation marks, which ma...

CVSS 8.5 | AI score 6 | EPSS 0.00128
Exploits 0 | References 3

Positive Technologies
added 2026/02/06 12:0 a.m. | 5 views

PT-2026-6829

Name of the Vulnerable Software and Affected Versions: QuickDate version 1.3.2. Description: The software contains a SQL injection issue that allows remote attackers to manipulate database queries. This is achieved through the located parameter in the /find matches API endpoint. Attackers can inject...

CVSS 8.8 | AI score 5.7 | EPSS 0.0041
Exploits 0 | References 5

Tenable Nessus
added 2026/02/06 12:0 a.m. | 6 views

Cisco TelePresence Collaboration Endpoint Software and RoomOS Software DoS (cisco-sa-tce-roomos-dos-9V9jrC2q)

According to its self-reported version, Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service is affected by a vulnerability. - A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software cou...

CVSS 7.5 | AI score 5.5 | EPSS 0.0037
Exploits 0 | References 3

Tenable Nessus
added 2026/02/06 12:0 a.m. | 4 views

Oracle Linux 7 : python (ELSA-2026-1537)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1537 advisory. 2.7.5-94.0.3 - Fix for CVE-2025-12084 Orabug: 38902314 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

CVSS 6.3 | AI score 8.2 | EPSS 0.00696
Exploits 0 | References 2

RedhatCVE
added 2026/02/05 7:23 p.m. | 6 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 6.5 | AI score 5.4 | EPSS 0.00373
Exploits 0 | References 1

ATTACKERKB
added 2026/02/05 6:24 p.m. | 1 views

CVE-2025-15330

Tanium addressed an improper input validation vulnerability in Deploy...

CVSS 8.8 | AI score 5.3 | EPSS 0.00339
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2026/02/05 6:23 p.m. | 28 views

CVE-2025-15331 Tanium addressed an uncontrolled resource consumption vulnerability in Connect.

Tanium addressed an uncontrolled resource consumption vulnerability in Connect...

CVSS 4.3 | EPSS 0.0032
Exploits 0 | References 1

Cvelist
added 2026/02/05 6:16 p.m. | 26 views

CVE-2025-15341 Tanium addressed an incorrect default permissions vulnerability in Benchmark.

Tanium addressed an incorrect default permissions vulnerability in Benchmark...

CVSS 6.5 | EPSS 0.00306
Exploits 0 | References 1

Snyk
added 2026/02/05 5:23 p.m. | 11 views

Improper Certificate Validation

Overview: std/crypto/tls is a Go standard library package. Affected versions of this package are vulnerable to Improper Certificate Validation. Go Vulnerability Report: During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated betwe...

CVSS 10 | AI score 8.4 | EPSS 0.00765
Exploits 1 | References 4

EUVD
added 2026/02/05 4:13 p.m. | 6 views

EUVD-2020-31029

PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'addpanelform' function that allows attackers to execute arbitrary code through an eval function with unsanitized POST data. Attackers can exploit the vulnerability by sending crafted panelcontent POST parameters to the...

CVSS 8.6 | AI score 6.7 | EPSS 0.00541
Exploits 1 | References 3

CVE
added 2026/02/05 4:13 p.m. | 11 views

CVE-2020-37131

CVE-2020-37131 affects Nsauditor Product Key Explorer 4.2.2.0. A local denial-of-service flaw can crash the application by pasting a crafted 1000-byte payload (repeating characters) into the Key input. Public references document the input field handling for registration keys as the trigger. Explo...

CVSS 6.7 | AI score 5.4 | EPSS 0.00228
Exploits 1 | References 3 | Affected Software 1

Cvelist
added 2026/02/05 4:13 p.m. | 27 views

CVE-2020-37119 Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a...

CVSS 9.8 | EPSS 0.00607
Exploits 1 | References 3

Japan Vulnerability Notes
added 2026/02/05 6:1 a.m. | 5 views

web2py vulnerable to open redirect

Overview: web2py contains the following vulnerability: Open redirect (CWE-601) - CVE-2026-25198. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: When accessing a speciall...

CVSS 5.1 | AI score 5.7 | EPSS 0.00294
Exploits 0 | References 6

Cvelist
added 2026/02/05 3:7 a.m. | 29 views

CVE-2025-10314 Malicious Code Execution Vulnerability in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows

Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files EXE or DLLs in the installation directory with specially...

CVSS 8.8 | EPSS 0.00148
Exploits 0 | References 3

OSV
added 2026/02/05 12:27 a.m. | 5 views

GHSA-VWCG-C828-9822 FUXA Unauthenticated Remote Code Execution via Admin JWT Minting

Note GitHub incorrectly stated this vulnerability is identical to CVE-2025-69970, which describes the fact that authentication is disabled by default. This advisory describes an exploit chain that enables authentication bypass via the heartbeat refresh endpoint when authentication is enabled. Thi...

CVSS 10 | AI score 6.3 | EPSS 0.00677
Exploits 0 | References 4

NVD
added 2026/02/05 12:15 a.m. | 6 views

CVE-2019-25276

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Rockwell Software\FactoryTalk...

CVSS 8.5 | EPSS 0.0019
Exploits 0 | References 3