Lucene search
K

13002 matches found

Nuclei
Nuclei
added 7 hours ago57 views

Kaseya Virtual System Administrator - Open Redirect

Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. id: CVE-2015-286...

4.3CVSS6.2AI score0.10317EPSS
Exploits2References5
EUVD
EUVD
added 2026/07/06 4:41 p.m.10 views

EUVD-2022-49110

Open Babel has out-of-bounds write in MOPAC translationVectors UNIT CELL TRANSLATION...

9.8CVSS6.7AI score0.00816EPSS
Exploits1References5
OSV
OSV
added 2026/07/06 4:41 p.m.5 views

GHSA-55F6-PF8R-C2F4 Open Babel has out-of-bounds write in MOPAC translationVectors[] (UNIT CELL TRANSLATION)

Summary A memory-safety vulnerability in Open Babel's MOPAC output parser allowed an out-of-bounds write into the translationVectors array when reading the "UNIT CELL TRANSLATION" block of a crafted input file. Details The MOPAC output reader stored translation vectors from the UNIT CELL...

7.8CVSS6.6AI score0.00816EPSS
Exploits1References6
OSV
OSV
added 2026/07/01 5:54 p.m.5 views

GHSA-F8H2-C479-VQXF Open Babel has out-of-bounds write in MSI translationVectors[]

Summary A memory-safety vulnerability in Open Babel's MSI parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The MSI reader stored cell translation vectors into a fixed-size translationVectors array. A malformed input could push more...

7.8CVSS6.8AI score0.00863EPSS
Exploits1References6
OSV
OSV
added 2026/07/01 5:54 p.m.3 views

GHSA-MJMG-352J-F456 Open Babel has out-of-bounds write in MOPAC IN translationVectors[] (Tv atom)

Summary A memory-safety vulnerability in Open Babel's MOPAC input parser allowed an out-of-bounds write into the translationVectors array when reading Tv translation-vector atoms from a crafted input file. Details The MOPAC IN reader stored Tv-atom translation vectors into a fixed-size...

7.8CVSS7.1AI score0.00863EPSS
Exploits1References6
OSV
OSV
added 2026/07/01 5:53 p.m.3 views

GHSA-7H6R-6P76-68C9 Open Babel has out-of-bounds write in MOPAC translationVectors[] (FINAL POINT)

Summary A memory-safety vulnerability in Open Babel's MOPAC output parser allowed an out-of-bounds write into the translationVectors array when reading the "FINAL POINT" block of a crafted input file. Details The MOPAC output reader stored translation vectors from the FINAL POINT block into a...

7.8CVSS7.1AI score0.00863EPSS
Exploits1References6
OSV
OSV
added 2026/07/01 5:51 p.m.3 views

GHSA-JG3H-PV7C-4F9C Open Babel has out-of-bounds write in Gaussian translationVectors[]

Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The Gaussian reader stored periodic-cell translation vectors into a fixed-size translationVectors array. A...

7.8CVSS6.7AI score0.00816EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/26 12:32 a.m.6 views

EUVD-2026-39592

Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic...

8.7CVSS5.9AI score0.00232EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 12:16 a.m.9 views

CVE-2026-9220

Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic...

8.7CVSS0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 11:13 p.m.9 views

CVE-2026-9220

Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic...

8.7CVSS5.9AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 11:13 p.m.17 views

CVE-2026-9220

The CVE-2026-9220 entry describes a vulnerability in Setracker2 Android Companion App (package com.tgelec.setracker) affecting versions 3.1.5 and earlier. The underlying issue is that requests between the wearable and backend are encrypted with static, hardcoded AES keys and initialization vector...

8.7CVSS5.9AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53067

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc pciepfallocdoorbell stores the allocated doorbell message array in epf-dbmsg/epf-numdb before requesting MSI vectors. If MSI allocation fails, the array is free...

0.00154EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 6:18 p.m.15 views

CVE-2026-50221

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

5.4CVSS0.00146EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/06/23 5:3 p.m.12 views

Gogs's write-level collaborators can mutate admin-only repository settings via API

Summary Three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent operations in the web UI sit behind reqRepoAdmin, which requir...

7.1CVSS6AI score0.00478EPSS
Exploits0References5Affected Software1
HackRead
HackRead
added 2026/06/11 1:20 p.m.26 views

Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware

Hackers are using fake Claude Code guide and AI PDFs to spread AsyncRAT malware via Windows attack using PowerShell and Defender exclusions...

5.4AI score
Exploits0
Amazon
Amazon
added 2026/06/08 12:0 a.m.13 views

Important: postgresql

Issue Overview: Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores...

8.8CVSS6.5AI score0.00464EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/06/06 10:1 p.m.111 views

Exploit for CVE-2019-5513

VMware Horizon /broker/xml Vulnerability Scanner !Security...

5.3CVSS5.6AI score0.01232EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 p.m.14 views

CVE-2026-11347

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...

8.5CVSS5.5AI score0.00073EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 9:47 p.m.10 views

GHSA-PR2W-4GPJ-CPQ4 Twig: Sandbox: multiple `__toString()` policy bypasses via unguarded string coercion points

Description SandboxNodeVisitor enforces SecurityPolicy::checkMethodAllowed for implicit toString calls by wrapping selected AST nodes in CheckToStringNode. The set of wrapped nodes is incomplete, and several Twig language constructs still trigger PHP string coercion on a Stringable operand withou...

7.1CVSS5.5AI score0.00044EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.10 views

CVE-2025-13167

Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in contact functionality in Synology Contacts before 1.0.10-20659 allows remote authenticated users to read or write specific files containing non-sensitive information via unspecified vectors...

5.4CVSS5.5AI score0.00254EPSS
Exploits0References1
Rows per page
Query Builder