Lucene search
K

500 matches found

OSV
OSV
added last week3 views

CVE-2026-15164 Heap-based Buffer Overflow in ciscodump

Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service...

5.5CVSS6.1AI score0.00097EPSS
Exploits1References4
OSV
OSV
added 2026/07/06 6:27 a.m.6 views

OESA-2026-2836 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/07/06 5:55 a.m.4 views

BIT-MASTODON-2026-46348 Mastodon: SSRF Bypass via IPv6 Unspecified Address (::)

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, the list of disallowed IP address ranges was lacking an IP address range that can be used to reach local IP addresses. An attacker can use an IP address in the affected range to make...

8.7CVSS6AI score0.00337EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/07/02 1:24 p.m.6 views

WordPress Advanced Shipment Tracking for WooCommerce plugin <= 4.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Advanced Shipment Tracking for WooCommerce versions = 4.0...

7.6CVSS6AI score0.00372EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/07/02 8:42 a.m.8 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 4:16 p.m.12 views

CVE-2026-8480

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS0.00087EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/29 4:17 p.m.6 views

WordPress Editorial Rating – Product Review & Rating System plugin <= 4.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Supoj Polsawas sp0x5ec in WordPress Plugin Editorial Rating – Product Review & Rating System versions = 4.0.5...

4.4CVSS5.8AI score0.0024EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-57642

Contributor SQL Injection in Gallery = 4.7.8 versions...

8.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-54840

Unauthenticated Broken Access Control in Newsletters = 4.13 versions...

7.3CVSS0.00213EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57645

newsletterssubscribers Broken Access Control in Newsletters = 4.13 versions...

8.1CVSS5.8AI score0.00189EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 2:53 p.m.4 views

EUVD-2026-39744

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:48 p.m.21 views

CVE-2026-50128

Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...

5.3CVSS5.9AI score0.00129EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/22 10:16 p.m.7 views

CVE-2026-48166

Filament is a collection of full-stack components for accelerated Laravel development. From 4.0.0 until 4.11.5 and 5.6.5, the login page has an observable timing discrepancy that allows unauthenticated attackers to enumerate registered email addresses. The impact is limited to disclosing whether ...

5.3CVSS0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.19 views

PT-2026-51387

Name of the Vulnerable Software and Affected Versions Filament versions 4.0.0 through 4.11.4 Filament versions 5.0.0 through 5.6.4 Description The login page contains a timing discrepancy that enables unauthenticated attackers to perform email enumeration. This allows an attacker to determine if ...

5.3CVSS5.9AI score0.0021EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36923

Unauthenticated Cross Site Scripting XSS in WooCommerce Product Table Lite = 4.6.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.11 views

CVE-2026-40792

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

6.3CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-34886

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

7.5CVSS0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.9 views

CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS5.2AI score0.00342EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49366

Unauthenticated Cross Site Scripting XSS in GiveWP = 4.14.2 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/13 1:13 a.m.14 views

[SECURITY] Fedora 44 Update: vmod-uuid-1.10-31.fc44

UUID Varnish vmod used to generate a uuid, including versions 1, 3, 4 and 5 as specified in RFC 4122. See the RFC for details about the various versions...

5.4AI score
Exploits0
Rows per page
Query Builder