
162410 matches found

EUVD
added 2026/06/03 4:6 p.m. | 15 views

EUVD-2026-34135

A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...

CVSS 6.1 | AI score 6 | EPSS 0.00184
Exploits 0 | References 1

RedhatCVE
added 2026/06/03 4:2 p.m. | 7 views

CVE-2026-7195

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...

CVSS 8.8 | AI score 5.8 | EPSS 0.00471
Exploits 0 | References 1

Cisco
added 2026/06/03 4:0 p.m. | 12 views

Cisco Finesse Remote File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

CVSS 6.1 | AI score 6.1 | EPSS 0.0018
Exploits 0 | References 1

CVE
added 2026/06/03 3:49 p.m. | 16 views

CVE-2026-46261

CVE-2026-46261 relates to the Linux kernel wpcm-fiu SPI driver. The issue is a potential NULL pointer dereference when platform_get_resource_byname() returns NULL, if the NULL is dereferenced by resource_size(). The patch moves the fiu->memory_size assignment to occur after the error check for...

CVSS 5.5 | AI score 5.8 | EPSS 0.00114
Exploits 0 | References 5 | Affected Software 1

CVE
added 2026/06/03 3:49 p.m. | 15 views

CVE-2026-46260

The CVE-2026-46260 entry is supported by multiple connected sources detailing a kernel IPv6 out-of-bounds read when creating an IPv6 route with RTA_NH_ID, due to fib6_info not containing trailing fib6_nh and an unsafe read of iter->fib6_nh. The fix adds a check of iter->nh before dereferenc...

CVSS 7.8 | AI score 5.8 | EPSS 0.0012
Exploits 0 | References 5 | Affected Software 1

RedHat Linux
added 2026/06/03 3:25 p.m. | 9 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block (SMB) client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List (DACL) that claims to contain more Access Control Entries (ACEs) than are actually present. This...

CVSS 8.8 | AI score 5.8 | EPSS 0.00259
Exploits 0 | References 5

RedHat Linux
added 2026/06/03 3:25 p.m. | 8 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

CVSS 9.8 | AI score 6.4 | EPSS 0.00563
Exploits 0 | References 5

Vulnrichment
added 2026/06/03 3:6 p.m. | 11 views

CVE-2026-6657 CORS Origin Validation Bypass in jupyter-server

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the allow_origin_pat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

CVSS 6.1 | AI score 6 | EPSS 0.00134
Exploits 1 | References 1

EUVD
added 2026/06/03 3:6 p.m. | 14 views

EUVD-2026-34104

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the allow_origin_pat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

CVSS 6.1 | AI score 6.6 | EPSS 0.00134
Exploits 1 | References 1

ATTACKERKB
added 2026/06/03 3:6 p.m. | 5 views

CVE-2026-6657

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the allow_origin_pat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

CVSS 6.1 | AI score 6.6 | EPSS 0.00134
Exploits 1 | References 2

CVE
added 2026/06/03 3:6 p.m. | 24 views

CVE-2026-6657

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the allow_origin_pat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

CVSS 8.8 | AI score 6.6 | EPSS 0.00134
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2026/06/03 3:6 p.m. | 43 views

CVE-2026-6657 CORS Origin Validation Bypass in jupyter-server

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the allow_origin_pat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

CVSS 6.1 | EPSS 0.00134
Exploits 1 | References 1

RedHat Linux
added 2026/06/03 2:28 p.m. | 8 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 | AI score 5.8 | EPSS 0.00728
Exploits 0 | References 8

NVD
added 2026/06/03 2:16 p.m. | 14 views

CVE-2026-37460

Missing input validation in the rfapiRibBi2Ri function (rfapi_rib.c) of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message...

CVSS 7.5 | EPSS 0.00335
Exploits 0 | References 3

OSV
added 2026/06/03 2:16 p.m. | 5 views

DEBIAN-CVE-2026-37460

Missing input validation in the rfapiRibBi2Ri function (rfapi_rib.c) of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message...

CVSS 7.5 | AI score 5.5 | EPSS 0.00335
Exploits 0 | References 1

NVD
added 2026/06/03 2:16 p.m. | 13 views

CVE-2025-70101

An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by supplying a specially crafted ext4 filesystem image. The vulnerability occurs due to insufficient validation of extent header fields before...

CVSS 6.5 | EPSS 0.0028
Exploits 1 | References 4

OSV
added 2026/06/03 2:16 p.m. | 6 views

UBUNTU-CVE-2026-37460

Missing input validation in the rfapiRibBi2Ri function (rfapi_rib.c) of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message...

CVSS 7.5 | AI score 5.2 | EPSS 0.00335
Exploits 0 | References 3

GithubExploit
added 2026/06/03 2:14 p.m. | 78 views

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

No d...

CVSS 10 | AI score 7 | EPSS 0.99999
Exploits 347

Snyk
added 2026/06/03 1:41 p.m. | 12 views

CRLF Injection

Overview: laravel/framework is a PHP framework for web artisans. Affected versions of this package are vulnerable to CRLF Injection in the validateEmail function, and Address.php, which are used by the default email rule. An attacker can modify outbound email contents by injecting malicious string...

CVSS 6.9 | AI score 5.5 | EPSS 0.00048
Exploits 0 | References 2

OSV
added 2026/06/03 1:30 p.m. | 8 views

HSEC-2026-0008 crypton-x509-validation and crypton-x509 do not enforce X.509 Name Constraints

The crypton-x509-validation and crypton-x509 libraries did not enforce the X.509 Name Constraints extension during certificate validation. The Name Constraints extension is a critical X.509 extension that restricts the...

CVSS 9.1 | AI score 5.9 | EPSS 0.00223
Exploits 0 | References 2