Lucene search
K

162635 matches found

Vulnrichment
Vulnrichment
added 2026/06/03 10:39 a.m.7 views

CVE-2026-35078 Arbitrary file delete vulnerability in method ugw-logstop

The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 10:39 a.m.10 views

EUVD-2026-34073

The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:39 a.m.6 views

CVE-2026-35077

The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/03 10:39 a.m.6 views

CVE-2026-35077 Arbitrary file delete vulnerability in method ugw-delete-file

The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 10:39 a.m.17 views

CVE-2026-35077

Technical details such as affected product versions, root cause specifics, and remediation are not publicly available in the provided documents. Monitor for updates from CERT VDE and CVE listings.

8.1CVSS6AI score0.0037EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/03 10:38 a.m.11 views

EUVD-2026-34072

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:38 a.m.5 views

CVE-2026-35076

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 10:38 a.m.20 views

CVE-2026-35076

CVE-2026-35076 describes an arbitrary local file delete vulnerability in the bac-scanresult method caused by insufficient validation of user-controlled input. The issue allows a remote attacker with user privileges to delete arbitrary local files. The provided metrics indicate a high-severity imp...

8.1CVSS6AI score0.0037EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/03 10:38 a.m.7 views

CVE-2026-35076 Arbitrary file delete vulnerability in method bac-scanresult

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 10:38 a.m.40 views

CVE-2026-35076 Arbitrary file delete vulnerability in method bac-scanresult

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/03 10:1 a.m.10 views

CVE-2026-0078

In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00079EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/03 10:1 a.m.13 views

CVE-2025-59611

Memory corruption in diagnostic services due to absence of input validation...

6.7CVSS5.8AI score0.00079EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/03 8:19 a.m.10 views

crypto/x509: Incorrect enforcement of email constraints in crypto/x509

A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly...

7.5CVSS7.1AI score0.00606EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/03 8:19 a.m.10 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/03 8:19 a.m.13 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/03 8:19 a.m.15 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/06/03 7:49 a.m.5 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service DoS for...

7.5CVSS7.2AI score0.00349EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/03 3:28 a.m.12 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS5.9AI score0.12797EPSS
Exploits7References4
SUSE CVE
SUSE CVE
added 2026/06/03 2:23 a.m.15 views

SUSE CVE-2026-44740

Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues arise from insufficien...

7.5CVSS5.7AI score0.00295EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/03 12:30 a.m.12 views

EUVD-2026-34055

The EmergencyWP – Dead Man's switch & legacy deliverance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the formsettingsui settings save handler, procedural include scope functio...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References5
Rows per page
Query Builder