Lucene search
K

7036 matches found

Circl
Circl
added 2026/06/18 5:55 a.m.9 views

CVE-2026-54224

creationtimestamp| type| source ---|---|--- 2026-06-18 05:55:00+00:00| seen| https://cert.pl/en/posts/2026/06/CVE-2026-54219...

7.1CVSS5AI score0.00272EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RuggedCom Rox Classic Buffer Overflow (CVE-2022-30552)

Das U-Boot 2022.01 has a Buffer Overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505481; scriptversion"1.2";...

5.5CVSS6.9AI score0.00439EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.4 views

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-13106)

Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

8.3CVSS7AI score0.01764EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/17 10:29 p.m.8 views

CVE-2026-48818

A flaw was found in Starlette, a lightweight ASGI framework. On Windows systems, the StaticFiles component is vulnerable to Server-Side Request Forgery SSRF. A remote attacker can exploit this by providing a specially crafted Universal Naming Convention UNC path, which causes the system to initia...

7.5CVSS5AI score0.00368EPSS
Exploits0References7
CVE
CVE
added 2026/06/17 3:5 p.m.23 views

CVE-2026-3490

CVE-2026-3490 affects picklescan prior to version 1.0.4, where the blocklist of dangerous functions is bypassed via pkgutil.resolve_name. The underlying issue is an incomplete blocklist that allows indirect REDUCE calls to resolve dangerous functions, enabling remote code execution (e.g., os.syst...

10CVSS5.9AI score0.00623EPSS
Exploits0References2
Circl
Circl
added 2026/06/17 2:57 p.m.7 views

CVE-2025-59872

creationtimestamp| type| source ---|---|--- 2026-06-17 14:57:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moil5pdlca2f...

9.8CVSS4.9AI score0.00454EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46965

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

8.8CVSS0.00402EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46966

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

7.5CVSS0.00311EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.11 views

CVE-2026-46963

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS0.00402EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.11 views

CVE-2026-46964

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS0.00402EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/16 7:18 a.m.6 views

wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark

A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service...

7.5CVSS5.1AI score0.00184EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50062

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Universal Work Queue versions 12.2.3 through 12.2.15 Description An issue exists in the Work Provider Site Level Administration component of the Oracle Universal Work Queue. A low privileged attacker with network...

9.9CVSS5.9AI score0.00402EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50065

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Universal Work Queue versions 12.2.3 through 12.2.15 Description An issue exists in the Work Provider Site Level Administration component of the Oracle Universal Work Queue. A low privileged attacker with network...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.10 views

PT-2026-50063

Name of the Vulnerable Software and Affected Versions Oracle Universal Work Queue versions 12.2.3 through 12.2.15 Description An issue exists in the Work Provider Site Level Administration component of the Oracle Universal Work Queue product within Oracle E-Business Suite. A low privileged attack...

9.9CVSS5.9AI score0.00402EPSS
Exploits0References3
Circl
Circl
added 2026/06/15 9:2 p.m.10 views

CVE-2026-52718

creationtimestamp| type| source ---|---|--- 2026-06-15 21:02:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moe6n7ygzu2v...

6.5CVSS5AI score0.00307EPSS
Exploits0References1
OSV
OSV
added 2026/06/15 8:16 p.m.7 views

GHSA-WQP7-X3PW-XC5R Starlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on Windows

Summary When serving static files on Windows, StaticFiles resolves the requested path with os.path.realpath. If a UNC path such as \attacker.com\share reaches the resolver, realpath causes the process to open a connection to the remote host over SMB port 445. This is a server-side request forgery...

7.5CVSS5.6AI score0.00368EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 3:16 a.m.15 views

CVE-2026-12210

A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-websocket. Performing a manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may b...

6.5CVSS0.00228EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/15 2:30 a.m.9 views

CVE-2026-12210 universal-tool-calling-protocol python-utcp utcp-gql/utcp-websocket server-side request forgery

A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-websocket. Performing a manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may b...

6.5CVSS5.1AI score0.00228EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/15 2:30 a.m.11 views

EUVD-2026-36684

A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-websocket. Performing a manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may b...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References7
CVE
CVE
added 2026/06/15 2:30 a.m.20 views

CVE-2026-12210

CVE-2026-12210 affects the universal-tool-calling-protocol project, specifically the python-utcp 1.1.0 release, with a vulnerability in the utcp-gql/utcp-websocket component that enables server-side request forgery. The description notes a remote, public exploit and a lack of vendor response. The...

6.5CVSS6.3AI score0.00228EPSS
Exploits0References7
Rows per page
Query Builder