Lucene search
+L

2200 matches found

Circl
Circl
added 2026/06/16 5:0 a.m.11 views

CVE-2026-0646

creationtimestamp| type| source ---|---|--- 2026-06-16 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-05 2026-06-16 16:12:33+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mog6uxnajr2d 2026-06-16 17:25:57+00:00| seen|...

8.7CVSS4.9AI score0.00343EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.9 views

CVE-2026-46559

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. An incorrect check during JPEG 2000 JP2 image processing, when certain options are specified, can lead to a heap buffer overwrite of a single byte. This vulnerability could allow a...

6.2CVSS5.2AI score0.00116EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/15 2:9 a.m.10 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS6.3AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.11 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.10 views

SUSE CVE-2026-46559

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...

3.3CVSS5.4AI score0.00116EPSS
Exploits0References7
Wolfi
Wolfi
added 2026/06/12 1:48 a.m.10 views

CVE-2026-11651 vulnerabilities

Vulnerabilities for packages: chromium...

9.6CVSS5.4AI score0.00337EPSS
Exploits0
Circl
Circl
added 2026/06/10 7:3 p.m.12 views

CVE-2026-0273

creationtimestamp| type| source ---|---|--- 2026-06-10 19:03:31+00:00| seen| https://bsky.app/profile/ripjyr.bsky.social/post/3mnxfn6ayke2z 2026-06-10 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1917 2026-06-11 03:03:21+00:00| seen|...

8.6CVSS5.8AI score0.01373EPSS
Exploits0References5
CVE
CVE
added 2026/06/09 7:57 p.m.105 views

CVE-2025-71319

CVE-2025-71319 affects image-size versions 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2. The vulnerability resides in the findBox function, triggered when processing crafted images with zero-sized boxes (JXL, HEIF, or JP2), causing an infinite loop and denial of service. The issue could lead to appl...

8.7CVSS5.8AI score0.0064EPSS
Exploits1References8Affected Software1
EUVD
EUVD
added 2026/06/09 6:30 p.m.11 views

EUVD-2026-35623

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.42 views

CVE-2026-45607 Windows Hyper-V Remote Code Execution Vulnerability

...

8.4CVSS0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.39 views

CVE-2026-44819 Microsoft Office Remote Code Execution Vulnerability

...

7.8CVSS0.00457EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 9:16 a.m.9 views

DEBIAN-CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

9.1CVSS5.5AI score0.00369EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48050

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

Microsoft Exchange Server 服务端请求伪造漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...

8.8CVSS5.8AI score0.00465EPSS
Exploits0References1
Circl
Circl
added 2026/06/08 4:45 a.m.12 views

CVE-2022-50953

creationtimestamp| type| source ---|---|--- 2026-06-08 04:45:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnquqk7yuu2k...

6.9CVSS5.3AI score0.00342EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.14 views

AlmaLinux 10 : kernel (ALSA-2026:19569)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:19569 advisory. kernel: net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 kernel: net/sched: Make cakeenqueue return NETXMITCN when past...

9.8CVSS7.2AI score0.93235EPSS
Exploits45References15
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.10 views

CVE-2026-11029

Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00233EPSS
Exploits0
Circl
Circl
added 2026/06/04 2:57 p.m.11 views

CVE-2026-10854

creationtimestamp| type| source ---|---|--- 2026-06-04 14:57:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnhv3u7pcq2x...

5.3CVSS5.8AI score0.00176EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/03 3:56 a.m.9 views

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

2.3CVSS5.8AI score0.00349EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.15 views

RockyLinux 9 : nginx:1.24 (RLSA-2026:19371)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19371 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References3
Rows per page
Query Builder