Lucene search
K

162582 matches found

RustSec
RustSec
added 2026/06/03 12:0 p.m.11 views

Incomplete message edit validation in matrix-sdk-ui

The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate or spo...

5.8AI score0.00019EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/03 11:39 a.m.12 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:41 a.m.9 views

CVE-2026-35082

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS6AI score0.00494EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 10:41 a.m.38 views

CVE-2026-35082 Local file inclusion vulnerability and deletion in ugw-logread method

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS0.00494EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 10:41 a.m.12 views

EUVD-2026-34078

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS6AI score0.00494EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/03 10:41 a.m.8 views

CVE-2026-35082 Local file inclusion vulnerability and deletion in ugw-logread method

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS6AI score0.00494EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 10:40 a.m.11 views

EUVD-2026-34077

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/03 10:40 a.m.7 views

CVE-2026-35081 Arbitrary process termination vulnerability in method ugw-logstop

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:40 a.m.10 views

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 10:40 a.m.37 views

CVE-2026-35081 Arbitrary process termination vulnerability in method ugw-logstop

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS0.0037EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 10:40 a.m.15 views

CVE-2026-35081

CVE-2026-35081 documents an Arbitrary process termination vulnerability in the ugw-logstop method. A remote attacker with user privileges can terminate arbitrary processes due to insufficient input validation. The Connected documents provide the description and CVSS metrics (CVSSv4.0 base 7.2 HIG...

8.1CVSS6AI score0.0037EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/03 10:40 a.m.11 views

EUVD-2026-34076

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/03 10:40 a.m.11 views

CVE-2026-35080 Arbitrary file delete vulnerability in method ugw-restoreinfo

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 10:40 a.m.37 views

CVE-2026-35080 Arbitrary file delete vulnerability in method ugw-restoreinfo

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS0.0037EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 10:40 a.m.21 views

CVE-2026-35080

CVE-2026-35080 affects the ugw-restoreinfo method, where insufficient validation of user-controlled input enables a remote attacker with user privileges to delete arbitrary local files. The incident is described with the impact of local file deletion and requires LOW privileges with network attac...

8.1CVSS6AI score0.0037EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:40 a.m.9 views

CVE-2026-35080

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/03 10:39 a.m.7 views

CVE-2026-35079 Arbitrary file delete vulnerability in method ugw-restore

The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 10:39 a.m.40 views

CVE-2026-35079 Arbitrary file delete vulnerability in method ugw-restore

The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:39 a.m.4 views

CVE-2026-35079

The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 10:39 a.m.13 views

CVE-2026-35079

The CVE-2026-35079 entry describes an issue in the ugw-restore method where a remote attacker with user privileges can delete arbitrary local files due to insufficient validation of user-controlled input. The vulnerability is assessed with high severity (CVSS 4.0: base 7.2; CVSS 3.1: base 8.1), r...

8.1CVSS6AI score0.0037EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder