
110 matches found

EUVD
added 3 days ago, 10 views

EUVD-2026-34968

A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function setmacfilter of the file /sbin/jdcwebrpc. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVSS 9, AI score 5.9, EPSS 0.00043
Exploits: 0, References: 5

ATTACKERKB
added 3 days ago, 5 views

CVE-2026-11413

A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function setmacfilter of the file /sbin/jdcwebrpc. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVSS 9, AI score 8.1, EPSS 0.00043
Exploits: 0, References: 5, Affected Software: 1

NVD
added 3 days ago, 7 views

CVE-2026-7796

The EmbedPress – PDF Embedder, Embed PDF viewer, YouTube Videos, 3D FlipBook, Social feeds & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block 'url' attribute in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping...

CVSS 6.4, EPSS 0.00056
Exploits: 0, References: 11

Positive Technologies
added 3 days ago, 12 views

PT-2026-47153

Name of the Vulnerable Software and Affected Versions: JingDong JD Cloud Box AX6600 version 4.5.3.r4546. Description: A stack-based buffer overflow occurs in the setmacfilter function within the /sbin/jdcwebrpc file. This issue allows a remote attacker to initiate an attack by manipulating the...

CVSS 9, AI score 8.1, EPSS 0.00043
Exploits: 0, References: 9

CNNVD
added 2026/05/27 12:00 a.m., 4 views

WordPress plugin auto making JSON-LD Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVSS 4.3, AI score 5.7, EPSS 0.00013
Exploits: 0, References: 3

OSV
added 2026/04/09 12:00 a.m., 2 views

OPENSUSE-SU-2026:10519-1 glances-common-4.5.3-1.1 on GA media

These are all security issues fixed in the glances-common-4.5.3-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.8, AI score 5.8, EPSS 0.00635
Exploits: 4, References: 2

Tenable Nessus
added 2026/04/05 12:00 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2026-33641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, Glances supports dynamic configuration values in which substrings...

CVSS 7.8, AI score 6, EPSS 0.00635
Exploits: 3, References: 3

Cvelist
added 2026/04/02 2:57 p.m., 13 views

CVE-2026-33641 Glances Vulnerable to Command Injection via Dynamic Configuration Values

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, Glances supports dynamic configuration values in which substrings enclosed in backticks are executed as system commands during configuration parsing. This behavior occurs in Config.getvalue and is implemented...

CVSS 7.8, EPSS 0.00635
Exploits: 3, References: 3

AlpineLinux
added 2026/04/02 2:56 p.m., 5 views

CVE-2026-33533

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.3, the Glances XML-RPC server activated with glances -s or glances --server sends Access-Control-Allow-Origin: on every HTTP response. Because the XML-RPC handler does not validate the Content-Type header, an...

CVSS 7.1, AI score 5.8, EPSS 0.00048
Exploits: 1, References: 3

AlpineLinux
added 2026/03/18 5:21 p.m., 0 views

CVE-2026-32611

Glances is an open-source system cross-platform monitoring tool. The GHSA-x46r fix commit 39161f0 addressed SQL injection in the TimescaleDB export module by converting all SQL operations to use parameterized queries and psycopg.sql composable objects. However, the DuckDB export module...

CVSS 9.1, AI score 5.8, EPSS 0.00018
Exploits: 1, References: 3

Cvelist
added 2026/03/18 5:21 p.m., 15 views

CVE-2026-32611 Glances has a SQL Injection in DuckDB Export via Unparameterized DDL Statements

Glances is an open-source system cross-platform monitoring tool. The GHSA-x46r fix commit 39161f0 addressed SQL injection in the TimescaleDB export module by converting all SQL operations to use parameterized queries and psycopg.sql composable objects. However, the DuckDB export module...

CVSS 7, EPSS 0.00018
Exploits: 1, References: 3

ATTACKERKB
added 2026/03/18 5:21 p.m., 1 view

CVE-2026-32611

Glances is an open-source system cross-platform monitoring tool. The GHSA-x46r fix commit 39161f0 addressed SQL injection in the TimescaleDB export module by converting all SQL operations to use parameterized queries and psycopg.sql composable objects. However, the DuckDB export module...

CVSS 7, AI score 5.8, EPSS 0.00018
Exploits: 1, References: 4, Affected Software: 1

Tenable Nessus
added 2026/03/18 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-32611

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Glances is an open-source system cross-platform monitoring tool. The GHSA-x46r fix commit 39161f0 addressed SQL injection in the TimescaleDB export module by...

CVSS 9.1, AI score 5.9, EPSS 0.00018
Exploits: 1, References: 3

Tenable Nessus
added 2026/01/15 12:00 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003328 advisory. The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service kerne...

CVSS 7.8, AI score 6.5, EPSS 0.00251
Exploits: 0, References: 56

Cvelist
added 2025/10/13 2:30 p.m., 4 views

CVE-2025-43991

SupportAssist for Home PCs versions 4.8.2 and prior and SupportAssist for Business PCs versions 4.5.3 and prior contain a UNIX Symbolic Link (Symlink) following vulnerability. A low privileged attacker with local access to the system could potentially exploit this vulnerability to delete arbitrar...

CVSS 6.3, EPSS 0.00015
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2021-11543

Malware in sbrugna...

CVSS 8.8, AI score 8.6, EPSS 0.00997
Exploits: 2, References: 3

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2025-28563

Malicious code in bioql PyPI...

CVSS 9.1, AI score 6.4, EPSS 0.00119
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2023-37817

Malicious code in bioql PyPI...

CVSS 6.1, AI score 6.3, EPSS 0.00525
Exploits: 1, References: 1

EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2025-24838

Malicious code in bioql PyPI...

CVSS 7.8, AI score 6.6, EPSS 0.00016
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2023-23316

Malicious code in bioql PyPI...

CVSS 4.3, AI score 6.2, EPSS 0.00177
Exploits: 0, References: 3