Lucene search
K

5342 matches found

Nuclei
Nuclei
added yesterday107 views

TrakSYS 11.x.x - Sensitive Data Exposure

A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been...

6.9CVSS5.5AI score0.02053EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday245 views

Kyocera TASKalfa printer - Path Traversal

CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. id: CVE-2023-34259 info: name: Kyocera TASKalfa printer - Path...

4.9CVSS6.7AI score0.60745EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday87 views

Intelbras WIN 300/WRN 342 - Credentials Disclosure

Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the defwirelesspassword line in the HTML source code. id: CVE-2021-3017 info: name: Intelbras WIN 300/WRN 342 - Credentials Disclosure author: pikpikcu severity: high description:...

7.5CVSS7AI score0.63023EPSS
Exploits0References5
Chainguard
Chainguard
added 5 days ago6 views

CVE-2026-39822 vulnerabilities

Vulnerabilities for packages: zarf-fips, kube-fluentd-operator, harbor, ocm-cli-fips, glab, azure-aad-pod-identity-mic, knative-eventing-fips, k9s-fips, redka, rekor-fips, libnvidia-container, flux-source-watcher-fips, apko, fuse-overlayfs-snapshotter, melange, mattermost,...

7.8CVSS6.1AI score0.00181EPSS
Exploits0
Wolfi
Wolfi
added 5 days ago9 views

CVE-2026-42505 vulnerabilities

Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, croc, crossplane-provider-aws-s3, crossplane-provider-aws-eks, src, k8ssandra-operator, openbao-k8s, authservice, neuvector-dbgen, docker-compose, telegraf, cluster-autoscaler, manifest-tool, kube-arangodb,...

5.3CVSS6.1AI score0.00419EPSS
Exploits0
NVD
NVD
added 2026/07/06 8:16 p.m.6 views

CVE-2026-14898

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

6.5CVSS0.00221EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 7:41 p.m.5 views

EUVD-2026-41915

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

6.1AI score0.00221EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.7 views

PT-2026-55971

Name of the Vulnerable Software and Affected Versions OpenAI Codex for macOS affected versions not specified Description The desktop application renders remote images from Markdown within model responses. An attacker can use indirect prompt injection—a technique where malicious instructions are...

6.5CVSS6AI score0.00221EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 9:48 p.m.22 views

EUVD-2026-31658

Cargo crates in third party registries can override the cached source of other crates...

6.5CVSS5.8AI score0.00294EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 8:35 p.m.9 views

Malicious code in pdf-converter-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3a5f6d1d39c20feca11d0129f0efa21bdf564586045555b756cc25bce73efc Package is advertised as a PDF converter but contains no PDF generation code. Its sole public method TXTtoPDFConverter.createpdftxtpath, pdfpath is...

5.8AI score
Exploits0References2
NVD
NVD
added 2026/06/19 8:16 p.m.16 views

CVE-2026-48787

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...

8.7CVSS0.0047EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 11:39 p.m.14 views

EUVD-2026-36421

@nuxt/webpack-builder and @nuxt/rspack-builder dev server same-origin check bypassed when Sec-Fetch-Site, Origin, and Referer are all absent incomplete fix for GHSA-6m52-m754-pw2g...

5.9CVSS5.2AI score0.0028EPSS
Exploits1References6
NVD
NVD
added 2026/06/12 2:16 p.m.14 views

CVE-2026-49993

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g. Source code may still be stolen during dev when using the webpack /...

5.9CVSS0.0028EPSS
Exploits1References5
NVD
NVD
added 2026/06/12 2:16 p.m.16 views

CVE-2026-45670

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...

5.9CVSS0.00208EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/12 12:57 p.m.9 views

CVE-2026-49993 @nuxt/webpack-builder and @nuxt/rspack-builder dev server same-origin check bypassed when Sec-Fetch-Site, Origin, and Referer are all absent (incomplete fix for GHSA-6m52-m754-pw2g)

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g. Source code may still be stolen during dev when using the webpack /...

5.9CVSS5.3AI score0.0028EPSS
Exploits1References5
CVE
CVE
added 2026/06/12 12:57 p.m.30 views

CVE-2026-49993

Nuxt (Vue.js) users using the @nuxt/rspack-builder and @nuxt/webpack-builder are affected. The CVE concerns an incomplete fix for GHSA-6m52-m754-pw2g in versions 3.15.4–3.21.6 and 4.0.0–4.4.6, where the dev server could leak source code if bound to a non-loopback address and a malicious site is o...

5.9CVSS5.3AI score0.0028EPSS
Exploits1References5Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/12 12:51 p.m.8 views

CVE-2026-45670 Nuxt: Dev server exposes built source over LAN to malicious sites (incomplete fix for GHSA-4gf7-ff8x-hq99)

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...

5.9CVSS5.2AI score0.00208EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.20 views

PT-2026-48868

Name of the Vulnerable Software and Affected Versions @nuxt/rspack-builder versions 3.15.4 through 3.21.6 @nuxt/rspack-builder versions 4.0.0 through 4.4.6 @nuxt/webpack-builder versions 3.15.4 through 3.21.6 @nuxt/webpack-builder versions 4.0.0 through 4.4.6 Description An incomplete fix in the...

5.9CVSS5.3AI score0.0028EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2026-6332

CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that could cause the disclosure of a sensitive information which could result in revealing protected source code and loss of confidentiality, When an authorized attacker accesses the source code for editing or compiling it...

7.5CVSS5.5AI score0.00125EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.10 views

TOR Virtual Network Tunneling Tool 0.4.9.9

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

5.9AI score
Exploits0
Rows per page
Query Builder