Lucene search
K

1038 matches found

CVE
CVE
added 4 days ago6 views

CVE-2026-54470

Dell Unisphere for PowerMax, versions up to 10.3.0.5, are affected by an Improper Restriction of XML External Entity Reference. The issue targets the XML parser in a network-accessible context and could allow a low-privileged, remote attacker to gain unauthorized access to sensitive data. The CVS...

5.3CVSS6.1AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 4 days ago12 views

CVE-2026-54469

Dell Unisphere for PowerMax, versions 10.3.0.5 and earlier, are affected by a Deserialization of Untrusted Data vulnerability that could allow arbitrary command execution with root privileges via remote access from a low-privilege attacker. The CVE (CVE-2026-54469) is documented with a high-sever...

8.8CVSS6.3AI score0.00442EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-58303

Stack-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before b30b63fc63b403907d8137da1c65aaa4521fe74e...

6.1CVSS6.2AI score0.00116EPSS
Exploits0References3
NVD
NVD
added last week9 views

CVE-2026-27844

Uncaught Exception CWE-248 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to trigger a Controller restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: 9.50 prior t...

2.7CVSS0.00227EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 2:26 a.m.11 views

EUVD-2026-37973

Integer Overflow or Wraparound vulnerability in the EtherNet/IP function of Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module FX5-EIP versions 1.000 and prior allows a remote attacker to cause a denial-of-service DoS condition in the affected product by rapidly establishing a larg...

8.7CVSS5.4AI score0.00379EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-50902

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An incorrect conversion between numeric types occurs in NI grpc-device due to missing range checks in CodeGen. This issue may result in the silent discarding of high bits if a size value...

6.3CVSS5.8AI score0.0018EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/17 12:47 p.m.12 views

EUVD-2026-37692

Unauthenticated Cross Site Scripting XSS in Royal Elementor Addons Pro 1.7.1041 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:57 p.m.11 views

CVE-2026-39547

CVE-2026-39547 : Unauthenticated Local File Inclusion in WordPress Theme Getaway versions before 1.8. The connected records confirm, for Getaway

8.1CVSS5.2AI score0.00338EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-9694

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain...

4.3CVSS5.7AI score0.00211EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 2:59 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in dompurify-3.2.6.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in dompurify-3.2.6.tgz Vulnerability Details CVEID:CVE-2026-41238 DESCRIPTION: DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype...

6.9CVSS5.4AI score0.00263EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48261

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A heap-based buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold. This issue could result in arbitrary code execution in...

7.8CVSS6.3AI score0.00174EPSS
Exploits0References5
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.11 views

CVE-2026-3219 affecting package python-virtualenv for versions less than 20.36.1-4

CVE-2026-3219 affecting package python-virtualenv for versions less than 20.36.1-4. A patched version of the package is available...

4.6CVSS6.2AI score0.00144EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/05/30 3:37 a.m.9 views

CVE-2026-39834 affecting package cert-manager for versions less than 1.12.15-8

CVE-2026-39834 affecting package cert-manager for versions less than 1.12.15-8. A patched version of the package is available...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
NVD
NVD
added 2026/05/28 11:16 p.m.9 views

CVE-2026-9944

Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS0.00197EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 5:45 p.m.14 views

CVE-2026-45021

Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin bootstrap token and signing keys to any webpage the operator visits while the control plane is...

5.1CVSS5.8AI score0.00204EPSS
Exploits0References9Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the Base component’s ability to be reused after being released, potentially allowing remote attackers to execute...

8.8CVSS6.2AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Volcano 安全漏洞

Volcano is a batch processing system built using Kubernetes, developed by Volcano OpenSource. Vulnerabilities exist in versions of Volcano before v1.14.2, v1.13.3, and v1.12.4. These vulnerabilities stem from the Webhook server’s lack of a limit on the size of the HTTP request bodies. Pods that...

6.8CVSS5.9AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.33 views

Webmin 安全漏洞

Webmin is a set of web-based system management tools for Unix-like operating systems, developed by the Webmin community. Versions of Webmin prior to 2.640 contained a security vulnerability, which stemmed from the insecure construction of the attachment save file name in the mailboxes/detachall.c...

9.4CVSS5.8AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/23 12:0 a.m.19 views

New API SQL注入漏洞

The New API is an interface software developed by QuantumNous. Versions of the New API prior to 0.12.1 have a SQL injection vulnerability. This vulnerability originates from the SearchUserTopUps/SearchAllTopUps function in the model/topup.go file of the self Endpoint component, which may lead to...

6.5CVSS6.7AI score0.00192EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ruby-Rack

There is a possible denial-of-service vulnerability in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1, specifically in the multipart parsing component of Rack...

7.5CVSS6.4AI score0.02056EPSS
Exploits0References2
Rows per page
Query Builder