Lucene search
K

48975 matches found

Nuclei
Nuclei
added 11 hours ago86 views

Adobe ColdFusion - Cross-Site Scripting

Adobe Coldfusion versions 2016 update 16 and earlier, 2018 update 10 and earlier and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. An attacker could abuse this vulnerability to execute arbitrary JavaScript code...

5.4CVSS6.6AI score0.37095EPSS
Exploits0References5
Nuclei
Nuclei
added 11 hours ago10 views

Guten Free Options - Cross Site Scripting

Guten Free Options WordPress plugin = 0.9.5 contains a reflected cross-site scripting caused by unsanitized parameter output, letting attackers execute malicious scripts in high privilege users' browsers, exploit requires victim to click malicious link. id: CVE-2024-13492 info: name: Guten Free...

6.1CVSS7.2AI score0.00561EPSS
Exploits1References1
NVD
NVD
added yesterday5 views

CVE-2026-20462

In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871...

6.7CVSS0.00136EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-20463

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309...

6.7CVSS0.00134EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-20459

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

5.3CVSS0.00182EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS0.00192EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-40883

UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, when the server-supplied nameLength equals exactly 2024 the code declares a 2024-byte stack buffer dn2024 and calls ReadStringdn, 2024. ReadString...

7.6CVSS6.1AI score0.00416EPSS
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-20463

Technical details for CVE-2026-20463 are not publicly provided in the supplied documents. Monitor for updates from vendors and security bulletins.

6.7CVSS5.8AI score0.00134EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-40876

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309...

6.7CVSS5.8AI score0.00134EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday34 views

CVE-2026-20463

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309...

0.00134EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-20462

Technical details about CVE-2026-20462 are not publicly available in the provided documents. Monitor for updates from vendors and security bulletins to obtain affected components, impact, and remediation specifics.

6.7CVSS6.1AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday33 views

CVE-2026-20462

In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871...

0.00136EPSS
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-20461

CVE-2026-20461 : In the Modem component, an out-of-bounds write can occur due to a missing bounds check. This may allow a remote denial of service when a UE connects to a rogue base station controlled by an attacker; exploitation does not require user interaction or additional privileges. Public ...

5.3CVSS6AI score0.00192EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday34 views

CVE-2026-20461

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00192EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-20460

CVE-2026-20460 affects the Modem via information disclosure caused by improper input validation. The issue could enable remote information disclosure if a UE connects to a rogue base station controlled by an attacker, with no extra execution privileges and without user interaction. The available ...

5.3CVSS6AI score0.00182EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday34 views

CVE-2026-20460

In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

0.00182EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-40872

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

5.3CVSS6AI score0.00182EPSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-20458

CVE-2026-20458 affects the Modem with a memory corruption via a missing bounds check. This could enable remote escalation of privilege if a UE connects to a rogue base station, with no extra execution privileges required and no user interaction. Exploitation is described as adjacent access under ...

7.5CVSS6AI score0.00192EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-20457

CVE-2026-20457 affects Modem. It describes a system crash caused by improper input validation, potentially enabling remote denial of service when a UE connects to a rogue base station. Exploitation details are not provided in the sources; the CVE notes an adjacent attack vector with high complexi...

5.3CVSS6AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2 days ago34 views

CVE-2026-14138

CVE-2026-14138 affects Google Chrome on Windows (WebAppInstalls) prior to build 150.0.7871.47. The issue is an inappropriate implementation that can enable UI spoofing via a crafted HTML page when a user is prompted to perform specific UI gestures. Impact is UI spoofing with low severity and part...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder