Lucene search
+L

2398 matches found

Cvelist
Cvelist
added 2026/06/11 6:47 p.m.33 views

CVE-2025-24165

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination...

0.00121EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2025-46280

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination...

5.5CVSS5.4AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.8 views

CVE-2026-27136

A flaw was found in golang.org/x/net/html. When arbitrary HTML is parsed and then rendered, it can result in an unexpected HTML tree. This allows an attacker to bypass HTML sanitization mechanisms, leading to Cross-Site Scripting XSS attacks in applications. Such attacks can result in information...

8.1CVSS5.9AI score0.00178EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.15 views

CVE-2026-42506

A flaw was found in golang.org/x/net/html. When parsing arbitrary HTML that is subsequently rendered, an unexpected HTML tree can be generated. A remote attacker could leverage this vulnerability to execute Cross-Site Scripting XSS attacks in applications that attempt to sanitize input HTML befor...

6.1CVSS6AI score0.00188EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-42502

A flaw was found in golang.org/x/net/html. This vulnerability allows an attacker to manipulate how HTML is processed and displayed. By providing specially crafted HTML, an attacker can cause an unexpected structure in the rendered output. This can lead to Cross-Site Scripting XSS attacks, where...

6.1CVSS6AI score0.00178EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-28986

A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination...

7.5CVSS5.4AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.13 views

CVE-2026-28969

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system...

7.5CVSS5.4AI score0.0045EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 5:17 p.m.14 views

CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

6.9CVSS0.00836EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/05 4:22 p.m.80 views

CVE-2026-7473 Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding Bypass

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

6.9CVSS0.00836EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/05 3:49 p.m.46 views

CVE-2025-5090 Arista CloudVision Exchange Cluster Instability via Unexpected Switch Messages

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service DoS scenario. Note that this would require the attacker to have a high privilege access...

7.1CVSS0.00235EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 3:49 p.m.8 views

CVE-2025-5090

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service DoS scenario. Note that this would require the attacker to have a high privilege access...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/05 3:49 p.m.12 views

EUVD-2025-210076

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service DoS scenario. Note that this would require the attacker to have a high privilege access...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 3:49 p.m.10 views

CVE-2025-5090 Arista CloudVision Exchange Cluster Instability via Unexpected Switch Messages

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service DoS scenario. Note that this would require the attacker to have a high privilege access...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 3:49 p.m.17 views

CVE-2025-5090

CVE-2025-5090 affects Arista CloudVision Exchange (CVX) in Arista EOS-based deployments. The issue arises when CVX processes unexpected messages from a connected switch, leading to agent crashes on CVX and instability in the CVX cluster, enabling a DoS under high-privilege conditions on the conne...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 5:58 a.m.7 views

CVE-2026-21826

HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection. An attacker can manipulate the Host header and cause the application to behave in unexpected ways...

6.1CVSS5.5AI score0.00144EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/05 5:58 a.m.35 views

CVE-2026-21826

CVE-2026-21826 affects HCL Digital Experience and HCL Digital Experience Compose. The root cause is likely improper handling of the Host header, enabling an attacker to manipulate the Host header and cause the application to behave in unexpected ways. The CVSS 3.1 vector indicates: Network attack...

6.1CVSS5.5AI score0.00144EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2024-55613

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

9.6CVSS5.8AI score0.00302EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.22 views

PT-2026-46905

HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection. An attacker can manipulate the Host header and cause the application to behave in unexpected ways...

6.1CVSS5.5AI score0.00144EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.12 views

Arcadia Crafty Controller 安全漏洞

Arcadia Crafty Controller is a server management panel developed under the open-source Crafty Controller project. There is a security vulnerability in Arcadia Crafty Controller. This vulnerability stems from a lack of resilience to unexpected messages from connection switches, which may lead to...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.15 views

PT-2026-46975

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service DoS scenario. Note that this would require the attacker to have a high privilege access...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References2
Rows per page
Query Builder