Lucene search
K

5519 matches found

NVD
NVD
added yesterday6 views

CVE-2026-13221

Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perlstudychunk. When such branches are combined into a trie, the delta between the first branch and the shared tail is stored ...

9.1CVSS
Exploits0References3
Veracode
Veracode
added 5 days ago7 views

Sensitive Information Exposure

Apache Camel Undertow Component is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of exception responses, where processing errors return full Java stack traces instead of suppressing them, allowing attackers to obtain sensitive information such as...

5.3CVSS5.9AI score0.00363EPSS
Exploits0References4Affected Software2
NVD
NVD
added 6 days ago14 views

CVE-2026-57258

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-57248 Foxit PDF Editor/Reader Annotation Improper Release Vulnerability

When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago12 views

CVE-2026-57248

The CVE-2026-57248 entry concerns Foxit PDF Editor/Reader where opening a PDF and performing JavaScript to write annotation attributes can bypass object type/argument checks, corrupting the internal annotation structure and causing a crash on release. This is described as a local, user-interactio...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
CVE
CVE
added 6 days ago13 views

CVE-2026-57247

Foxit PDF Editor/Reader is affected by CVE-2026-57247 where field processing re-enters the document structure and deletes the current page, then continues using the field objects that were obtained before deletion, causing an illegal read and a crash. The entry lists a CVSSv3.1 base score of 7.8 ...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42194

The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42190

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS6AI score0.00112EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago8 views

CVE-2026-57258

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS6AI score0.00112EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 6 days ago10 views

PT-2026-56357

Name of the Vulnerable Software and Affected Versions Foxit PDF Editor/Reader affected versions not specified Description The PRC file header parsing logic trusts the constructed file structure description information and assumes the underlying array contains elements. When reading these elements...

6.1CVSS6.1AI score0.00112EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 6 days ago15 views

PT-2026-56347

Name of the Vulnerable Software and Affected Versions Foxit PDF Editor/Reader affected versions not specified Description Insufficient object type and argument checks occur when the application opens a PDF file and JavaScript writes annotation attributes. This leads to damage in the internal...

7.8CVSS6AI score0.00116EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/06 9:35 p.m.7 views

EUVD-2026-41153

Craft CMS: Stored XSS via Structure entry title in table view...

5.9CVSS5.9AI score0.00412EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/05 9:15 a.m.7 views

EUVD-2026-41742

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editproduct.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

7.5CVSS6.8AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/03 6:50 a.m.40 views

CVE-2026-9230 Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute via Leaked Nonce from /quiz/structure

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00312EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55509

Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker versions prior to 11.1.5 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attacker...

4.3CVSS5.8AI score0.00312EPSS
Exploits0References19
CVE
CVE
added 2026/07/01 9:57 p.m.15 views

CVE-2026-55793

Craft CMS versions 5.0.0-RC1–5.9.22 are affected by a stored XSS in a Structure entry title. An author-level control panel user can insert malicious JavaScript into an entry title. When a victim with saveEntries permission drags another entry under the poisoned one in table view, the payload exec...

5.9CVSS5.7AI score0.00412EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 9:57 p.m.33 views

CVE-2026-55793 Craft CMS: Stored XSS via Structure entry title in table view

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries for the same Structure section, drags another entry under th...

5.9CVSS0.00412EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 5:45 p.m.6 views

GHSA-P594-7XW4-G76P Open Babel has out-of-bounds write in CSR PadString (title field)

Summary A memory-safety vulnerability in Open Babel's CSR parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the PadString helper used to handle the CSR title field. A title longer than the fixed destination buffer caused the parser to write past the...

7.8CVSS7.3AI score0.00816EPSS
Exploits1References6
Fedora
Fedora
added 2026/06/30 1:8 a.m.7 views

[SECURITY] Fedora 43 Update: perl-Socket-2.041-1.fc43

This Perl module provides a variety of constants, structure manipulators and other functions related to socket-based networking. The values and functions provided are useful when used in conjunction with Perl core functions such as socket, setsockopt and bind. It also provides several other suppo...

9.1CVSS5.6AI score0.00389EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.5 views

SUSE CVE-2026-53182

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References10
Rows per page
Query Builder