Lucene search
K

1542 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rcv: process: Fix kernel gp leakage childregs represents the registers that are active for the new thread in the user context. For a kernel thread, childregs-gp is never used, as the kernel’s gp value is not touched by the switch...

7.1CVSS6.4AI score0.00264EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

9.3CVSS7.9AI score0.036EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 7:16 p.m.11 views

CVE-2026-34682

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00148EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 7:16 p.m.13 views

CVE-2026-34660

Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially...

9.3CVSS0.00436EPSS
Exploits0References1
Adobe
Adobe
added 2026/05/12 12:0 a.m.32 views

APSB26-52 : Security update available for Adobe Substance 3D Designer

Adobe has released an update for Adobe Substance 3D Designer that addresses important vulnerabilities. Successful exploitation could lead to arbitrary file system read and arbitrary code execution in the context of the current user...

6.3AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/20 2:12 a.m.4 views

fontforge: FontForge: Remote Code Execution via malicious SFD file parsing

A flaw was found in FontForge. This vulnerability allows a remote attacker to execute arbitrary code by tricking a user into opening a specially crafted SFD Spline Font Database file. The issue stems from improper validation of array indexes during SFD file parsing, which can lead to writing data...

8.8CVSS8.1AI score0.00581EPSS
Exploits0References5
NVD
NVD
added 2026/04/14 10:16 p.m.7 views

CVE-2026-27304

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS0.04047EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 9:53 p.m.5 views

CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS6.3AI score0.04047EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 9:53 p.m.15 views

CVE-2026-27306

CVE-2026-27306 affects ColdFusion versions 2023.18, 2025.6 and earlier due to improper input validation that can lead to arbitrary code execution in the context of the current user. Attacker requires elevated privileges, and exploitation requires a victim to open a malicious file. Overall risk is...

8.4CVSS6.3AI score0.00298EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/14 9:31 p.m.6 views

EUVD-2026-22697

Illustrator versions 30.2, 29.8.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 7:44 p.m.2 views

CVE-2026-27313

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.5 views

EUVD-2026-22671

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.3CVSS6.3AI score0.00629EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/14 5:5 p.m.27 views

CVE-2026-34628 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 4:18 p.m.28 views

CVE-2026-34626 Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of...

6.3CVSS0.00337EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.9 views

PT-2026-32945

Name of the Vulnerable Software and Affected Versions Adobe Framemaker versions prior to 2022.9 Description An Integer Underflow Wrap or Wraparound issue exists where an arithmetic operation results in a value smaller than the minimum representable value, causing it to wrap around to a very large...

7.8CVSS6.4AI score0.00173EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Adobe Bridge 安全漏洞

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

7.8CVSS6.4AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/04/13 7:16 p.m.19 views

CVE-2026-40041

Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...

5.3CVSS0.00109EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.9 views

PT-2026-32495

Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...

5.3CVSS5.8AI score0.00109EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/08 8:11 p.m.3 views

EUVD-2026-20605

AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting XSS vulnerability was identified in the modal item preview functionality. When item content longer than 800 characters was processed, attacker-controlled...

8.5CVSS6.1AI score0.00219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006823)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006823 advisory. In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the...

7.1CVSS6AI score0.00264EPSS
Exploits0References4
Rows per page
Query Builder