Lucene search
K

12 matches found

EUVD
EUVD
added 3 days ago7 views

EUVD-2026-42044

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS6AI score0.00291EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-56197

Name of the Vulnerable Software and Affected Versions Django versions prior to 6.0.7 Django versions prior to 5.2.16 Description An issue exists where DomainNameValidator fails to prohibit newlines in domain names. While CharField strips newlines when used via a form field, other implementations...

6.1CVSS6.1AI score0.00217EPSS
Exploits0References12
Hacker One
Hacker One
added 2026/06/03 9:0 p.m.7 views

Revive Adserver: Missing ownership validation allows cross‑manager tracker–campaign linking

A vulnerability was reported in Revive Adserver version 6.0.7 and earlier that allowed a low-privileged user to link their trackers to campaigns owned by other managers on the same instance. This was due to a lack of proper ownership validation in the tracker-campaigns.php script, which handled t...

4.3CVSS5.9AI score0.00287EPSS
Exploits2
NVD
NVD
added 2026/02/05 12:15 a.m.5 views

CVE-2019-25267

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

8.5CVSS0.00222EPSS
Exploits1References3
OSV
OSV
added 2025/10/30 12:31 a.m.7 views

GHSA-JQMQ-FPWV-P925 Drupal Simple OAuth (OAuth2) & OpenID Connect allows Authentication Bypass

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass. This issue affects Simple OAuth OAuth2 & OpenID Connect: from 6.0.0 before 6.0.7...

7.5CVSS7AI score0.00343EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/30 12:31 a.m.5 views

EUVD-2025-36872

Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass...

7.5CVSS6.4AI score0.00343EPSS
Exploits0References2
OSV
OSV
added 2024/09/25 12:0 a.m.3 views

CVE-2024-46489

A remote command execution RCE vulnerability in promptr v6.0.7 allows attackers to execute arbitrary commands via a crafted URL...

8.8CVSS7.9AI score0.00924EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.5 views

SUSE CVE-2018-16858

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script i...

8.8CVSS7.4AI score0.67321EPSS
Exploits10References8
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-34915 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to memory corruption with too many bridges in the drm/msm/hdmi component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

7.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-34898 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to the addition of atomic check to bridge ops in the drm/msm/dp module. It was introduced in version v5.17 and fixed in version v6.0.7. The actual impact and attack...

7.2AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/05 4:15 p.m.4 views

CVE-2022-36834

Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction...

5CVSS5.8AI score0.00164EPSS
Exploits0References3
OSV
OSV
added 2020/04/27 5:15 p.m.3 views

CVE-2020-9294

An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface...

9.8CVSS7.3AI score0.77778EPSS
Exploits2References1
Rows per page
Query Builder