Lucene search
K

9 matches found

EUVD
EUVD
added 2026/05/29 7:58 p.m.11 views

EUVD-2026-33444

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which is 64-bit on amd64 ...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 3:46 p.m.21 views

CVE-2026-42281

The CVE-2026-42281 entry relates to MagicMirror² prior to 2.36.0, where an unauthenticated SSRF in the /cors endpoint allows arbitrary server-side HTTP requests (to internal networks, cloud metadata, and localhost) and can exfiltrate environment variables via URL placeholders. The vulnerability a...

9.2CVSS6AI score0.01623EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/02/26 2:8 a.m.15 views

CVE-2026-27963

Audiobookshelf (web application) prior to version 2.32.0 is affected by a stored XSS vulnerability via malicious library metadata. Attackers with library modification privileges can inject JS code that runs in victims’ browsers, potentially enabling session hijacking and data exfiltration. A fix ...

4.8CVSS5.7AI score0.00226EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/12/30 12:17 p.m.2 views

OESA-2025-2889 python-requests security update

Requests is an HTTP library, written in Python, as an alternative to Python's builtin urllib2 which requires work even method overrides to perform basic tasks. Features of Requests: - GET, HEAD, POST, PUT, DELETE Requests: + HTTP Header Request Attachment. + Data/Params Request Attachment. +...

5.6CVSS8AI score0.0034EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

WordPress plugin Яндекс Доставка (Boxberry) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

5.4CVSS6.6AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:31 a.m.5 views

CVE-2024-26351

flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery CSRF via the component /core/tools/updateplace.php...

6.1CVSS6.4AI score0.00196EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.5 views

SUSE CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

8.1CVSS9.3AI score0.05223EPSS
Exploits0References3
CNVD
CNVD
added 2018/05/03 12:0 a.m.2 views

GNU Binutils Binary File Descriptor Library Denial of Service Vulnerability (CNVD-2018-09562)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

5.5CVSS6.8AI score0.01886EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/11 12:0 a.m.4 views

Buffalo WZR-1750DHP2 Buffer Overflow Vulnerability

The Buffalo WZR-1750DHP2 is a router product from the Buffalo Group of Japan. A buffer overflow vulnerability exists in the Buffalo WZR-1750DHP2 version 2.30 and earlier. An attacker can exploit this vulnerability to execute arbitrary code with the help of specially crafted files...

9.3CVSS8.1AI score0.01585EPSS
Exploits0References1
Rows per page
Query Builder