3719 matches found

Nuclei
added yesterday, 16 views

WordPress Themify Builder < 7.5.8 - Open Redirect

The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00823
Exploits: 2, References: 2

Nuclei
added yesterday, 209 views

Gitea 1.22.0 - Cross-Site Scripting

Gitea 1.22.0 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability. This vulnerability allows an attacker to inject malicious scripts that get stored on the server and executed in the context of another user's session. id: CVE-2024-6886 info: name: Gitea 1.22.0 - Cross-Site Scripting...

CVSS: 10, AI score: 7.3, EPSS: 0.40321
Exploits: 3, References: 2

OSV
added 2 days ago, 5 views

ROOT-OS-UBUNTU-2204-CVE-2025-71289 CVE-2025-71289 in rootio-linux - Patched by Root

Root has patched CVE-2025-71289 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00127
Exploits: 0

OSV
added 2 days ago, 7 views

ROOT-OS-DEBIAN-11-CVE-2026-46187 CVE-2026-46187 in rootio-linux - Patched by Root

Root has patched CVE-2026-46187 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

CVSS: 4.7, AI score: 5.8, EPSS: 0.00093
Exploits: 0

NVD
added 6 days ago, 9 views

CVE-2023-37524

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerabl...

CVSS: 7.7, EPSS: 0.00108
Exploits: 0, References: 1

Tenable Nessus
added 2026/06/22 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-54275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the server_hostname TLS SNI check can be bypassed when an existi...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00266
Exploits: 0, References: 3

Tenable Nessus
added 2026/06/20 12:0 a.m., 7 views

MiracleLinux 8 : dracut-049-244.git20260529.el8_10 (AXSA:2026-806:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-806:01 advisory. dracut: dracut: Root code execution via DHCP options command injection CVE-2026-6893 Tenable has extracted the preceding description block directly from the...

CVSS: 7.5, AI score: 6.4, EPSS: 0.01131
Exploits: 0, References: 2

Tenable Nessus
added 2026/06/20 12:0 a.m., 11 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2026:2453-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2453-1 advisory. This update for java-1_8_0-ibm fixes the following issues - CVE-2026-22007: APIs in the specified component can lead to an unauthorized read acce...

CVSS: 9.8, AI score: 7.4, EPSS: 0.00702
Exploits: 0, References: 23

Tenable Nessus
added 2026/06/15 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties...

CVSS: 7.1, AI score: 6, EPSS: 0.00191
Exploits: 0, References: 4

Positive Technologies
added 2026/06/15 12:0 a.m., 12 views

PT-2026-49616

CVE ID :CVE-2026-54295 Published : June 15, 2026, 6:32 p.m. | 1 hour, 18 minutes ago Description :None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

AI score: 5.2, EPSS: 0.0004
Exploits: 0, References: 1

Tenable Nessus
added 2026/06/12 12:0 a.m., 13 views

Linux Distros Unpatched Vulnerability : CVE-2026-44492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NO_PROXY...

CVSS: 8.6, AI score: 5.9, EPSS: 0.00921
Exploits: 1, References: 3

Circl
added 2026/06/09 3:44 p.m., 10 views

CVE-2026-42914

creationtimestamp | type | source
---|---|---
2026-06-09 15:44:28+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181
2026-06-09 16:12:18+00:00 | seen | https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...

CVSS: 5.3, AI score: 5.3, EPSS: 0.00794
Exploits: 0, References: 2

RedhatCVE
added 2026/06/05 7:43 p.m., 7 views

CVE-2026-8784

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...

CVSS: 4.6, AI score: 5.1, EPSS: 0.00157
Exploits: 0, References: 1

Vulnrichment
added 2026/06/05 7:26 p.m., 7 views

CVE-2026-45776 Open XDMoD has Broken Access Control via Client-Controlled Session Variable

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, a flaw in Open XDMoD's access control logic allows an attacker to submit a crafted HTTPS POST request that sets a session variable used for authorization decisions. If an installation of Open XDMoD...

CVSS: 5.3, AI score: 5.4, EPSS: 0.00236
Exploits: 0, References: 3

Tenable Nessus
added 2026/06/05 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via...

CVSS: 4.3, AI score: 5.5, EPSS: 0.00176
Exploits: 0, References: 2

vulnersOsv
added 2026/06/04 2:25 p.m., 6 views

@beemstream/keystone-document-gallery (>=2.0.0 <=2.0.6), @k6js/admin-ui (>=0.3.0-20250618-02 <=0.4.7) +19 more potentially affected by CVE-2026-10802 via @keystone-6/core (>=1.1.1 <=6.5.2)

@keystone-6/core NPM version =1.1.1, =2.0.0, =0.3.0-20250618-02, =1.0.17, =1.0.19, =0.0.1, =2.1.0, =2.1.0-beta.0, =0.0.1-alpha.1, =1.0.0, =6.0.21, =1.0.0, =1.0.3, =1.0.12 and more Source cves: CVE-2026-10802 Source advisory: SNYK:JS-KEYSTONE6CORE-17179719...

CVSS: 5.3, AI score: 5.5, EPSS: 0.0031
Exploits: 0

OSV
added 2026/06/03 6:16 p.m., 7 views

UBUNTU-CVE-2026-46270

In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in power_supply_changed Using the devm variant for requesting IRQ before the devm variant for allocating/registering the power_supply handle, means that the power_supply handle will be...

CVSS: 8.4, AI score: 5.3, EPSS: 0.00129
Exploits: 0, References: 8

vulnersOsv
added 2026/06/03 2:16 p.m., 4 views

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.5.32) +47 more potentially affected by CVE-2026-48587 via django (>=6.0.0 <=6.0.5)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 and more Source cves: CVE-2026-48587 Source advisory: OSV:PYSEC-2026-198...

CVSS: 5.3, AI score: 5.7, EPSS: 0.00354
Exploits: 0

Tenable Nessus
added 2026/06/03 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2025-71313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: Add missing NULL check for alloc_workqueue alloc_workqueue can return NULL on memory allocation failure. Without proper error checking, this may le...

CVSS: 5.5, AI score: 5.5, EPSS: 0.00107
Exploits: 0, References: 4

Circl
added 2026/05/29 12:23 a.m., 11 views

CVE-2026-44881

creationtimestamp | type | source
---|---|---
2026-05-29 00:23:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmxbhnzpaf2w
2026-06-11 19:22:45+00:00 | seen | https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnzx6hyanz2x
2026-06-11 19:27:32+00:00 | seen | ...

CVSS: 9.9, AI score: 7.1, EPSS: 0.00416
Exploits: 2, References: 5