Lucene search
K

1023225 matches found

BDU FSTEC
BDU FSTEC
added 1 hour ago12 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00425EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 1 hour ago9 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS6.1AI score0.02593EPSS
Exploits1References2
GithubExploit
GithubExploit
added 1 hour ago9 views

Exploit for CVE-2026-54415

CVE-2026-54415 — Azuriom CMS Broken Access Control → Account T...

8.6CVSS6AI score0.00348EPSS
Exploits1
OSV
OSV
added 3 hours ago2 views

RHSA-2026:35272 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

7.5CVSS5.9AI score0.00361EPSS
Exploits0References10
OSV
OSV
added 3 hours ago2 views

RHSA-2026:35387 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

7.8CVSS5.9AI score0.00144EPSS
Exploits0References11
OSV
OSV
added 3 hours ago4 views

RHSA-2026:34975 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

6.5CVSS6.1AI score0.00162EPSS
Exploits0References25
OSV
OSV
added 3 hours ago1 views

RHSA-2026:34293 Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

Bulletin has no description...

5.9CVSS5.9AI score0.00239EPSS
Exploits0References10
OSV
OSV
added 3 hours ago3 views

RHSA-2026:30135 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

9.1CVSS5.9AI score0.00419EPSS
Exploits0References10
Rockylinux
Rockylinux
added 7 hours ago5 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

9.6CVSS6AI score0.00476EPSS
Exploits0
Rockylinux
Rockylinux
added 7 hours ago5 views

rrdtool security update

An update is available for rrdtool. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The round robin database RRD system stores and displays time-series data, suc...

7.8CVSS6.2AI score0.00132EPSS
Exploits0
OSV
OSV
added 7 hours ago5 views

RLSA-2026:33445 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component CVE-2026-12313 firefox:...

7.5CVSS5.9AI score0.00476EPSS
Exploits0References30
OSV
OSV
added 7 hours ago4 views

RLSA-2026:34155 Moderate: rrdtool security update

The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...

7.8CVSS6.1AI score0.00132EPSS
Exploits0References2
GithubExploit
GithubExploit
added 9 hours ago23 views

Exploit for CVE-2026-34038

CVE-2026-34038: Authenticated Remote Command Injection in Cool...

6.1AI score
Exploits0
Nuclei
Nuclei
added 10 hours ago6 views

YMC Filter WordPress - Unauthenticated Post Disclosure

YMC Filter WordPress plugin 3.11.3 contains a broken access control vulnerability caused by improper authorization and lack of validation in a REST API endpoint, letting unauthenticated attackers retrieve private and non-public post content, exploit requires no authentication. id: CVE-2026-10823...

7.5CVSS5.9AI score0.00921EPSS
Exploits0References2
Nuclei
Nuclei
added 10 hours ago4 views

Gorse < 0.5.10 - Unauthenticated Database Dump

Gorse 0.5.10 contains an authentication bypass caused by empty adminapikey in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty adminapikey configuration. id: CVE-2026-56782 info: name: Gorse 0.5.10 -...

9.8CVSS6AI score0.03016EPSS
Exploits2References2
Nuclei
Nuclei
added 10 hours ago5 views

LeadConnector < 3.0.22 - Unauthenticated Arbitrary Data Write

LeadConnector WordPress plugin 3.0.22 contains a broken access control caused by missing authorization in a REST route, letting unauthenticated attackers overwrite existing data remotely, exploit requires no authentication. id: CVE-2026-1890 info: name: LeadConnector 3.0.22 - Unauthenticated...

5.3CVSS5.9AI score0.00645EPSS
Exploits0References2
Nuclei
Nuclei
added 10 hours ago31 views

Joomla! Component Sweetykeeper 1.5 - Local File Inclusion

A directory traversal vulnerability in the Sweety Keeper comsweetykeeper component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1474 info: name: Joomla! Compone...

6.8CVSS6.1AI score0.09471EPSS
Exploits2References5
Nuclei
Nuclei
added 10 hours ago35 views

WordPress Plugin WP Content Source Control - Directory Traversal

A directory traversal vulnerability in the filegetcontents function in downloadfiles/download.php in the WP Content Source Control wp-source-control plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the path parameter. id: CVE-2014-5368 inf...

5CVSS7.4AI score0.18817EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago22 views

WP Planet <= 0.1 - Cross-Site Scripting

A cross-site scripting vulnerability in rss.class/scripts/magpiedebug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter. id: CVE-2014-4592 info: name: WP Planet = 0.1 - Cross-Site Scripting author:...

6.1CVSS6.5AI score0.03884EPSS
Exploits2References4
Nuclei
Nuclei
added 10 hours ago23 views

WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting

A cross-site scripting vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the apiurl parameter. id: CVE-2014-4558 info: name: WooCommerce Swipe = 2.7.1 - Cross-Site...

6.1CVSS6.5AI score0.04055EPSS
Exploits2References4
Rows per page
Query Builder