Lucene search
K

330 matches found

EUVD
EUVD
added 2026/01/13 3:29 p.m.4 views

EUVD-2026-2284

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating zero-sized extent in extent cache As syzbot reported: F2FS-fs loop0: updateextenttreerange: extent len is zero, type: 0, extent 0, 0, 0, age 0, 0 ------------ cut here ------------ kernel BUG at...

5.9AI score0.00173EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/13 3:28 p.m.5 views

EUVD-2026-2317

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 16bits "mode" field loaded from disk are corrupted. According to 1, the permissions...

6AI score0.00173EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/13 3:5 p.m.6 views

EUVD-2026-2347

A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileges...

8.8CVSS6.5AI score0.00109EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/13 1:30 p.m.6 views

EUVD-2026-2087

Sandbox escape in the Messaging System component. This vulnerability affects Firefox 147...

10CVSS5.9AI score0.00306EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/13 12:30 a.m.5 views

EUVD-2026-2397

EUVD-2026-2397...

8.7CVSS6.4AI score0.00568EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/13 12:30 a.m.5 views

EUVD-2026-2398

EUVD-2026-2398...

4.8CVSS6.4AI score0.00127EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/13 12:0 a.m.5 views

EUVD-2026-2276

phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication...

9.8CVSS6.5AI score0.00508EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/11 7:32 a.m.7 views

EUVD-2026-1901

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may...

9CVSS8.9AI score0.03409EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/11 6:32 a.m.5 views

EUVD-2026-1903

A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploi...

9CVSS8.9AI score0.03707EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/09 3:48 p.m.5 views

EUVD-2026-1718

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Exposure of Sensitive...

2.7CVSS6AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 3:32 p.m.5 views

EUVD-2026-1708

A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The...

6.5CVSS6.5AI score0.00368EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/09 11:54 a.m.5 views

EUVD-2026-1748

Vivotek IP7137 camera with firmware version 0200a is vulnerable to command injection. Parameter "systemntpIt" used by "/cgi-bin/admin/setparam.cgi" endpoint is not sanitized properly, allowing a user with administrative privileges to perform an attack. Due to CVE-2025-66050, administrative access...

9.3CVSS6.5AI score0.01329EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 11:53 a.m.5 views

EUVD-2026-1747

Vivotek IP7137 camera with firmware version 0200a by default dos not require to provide any password when logging in as an administrator. While it is possible to set up such a password, a user is not informed about such a need. The vendor has not replied to the CNA. Possibly all firmware versions...

9.3CVSS6.4AI score0.00366EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 11:15 a.m.5 views

EUVD-2026-1744

The Contact Form vCard Generator plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wpgvccfcheckdownloadrequest' function in all versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to export sensitive...

5.3CVSS4.9AI score0.00321EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/09 11:5 a.m.4 views

EUVD-2026-1755

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerabilit...

8.7CVSS6.3AI score0.00106EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 10:4 a.m.3 views

EUVD-2026-1756

Remote Code Execution vulnerability that allows unauthenticated attackers to inject arbitrary commands into the hostname of the device...

10CVSS7.2AI score0.00712EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 10:3 a.m.5 views

EUVD-2026-1761

This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database...

7.5CVSS7.1AI score0.00372EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 6:34 a.m.9 views

EUVD-2026-1800

The IndieWeb plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Telephone' parameter in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author level access and...

6.4CVSS4.7AI score0.00205EPSS
Exploits2References4
EUVD
EUVD
added 2026/01/09 6:34 a.m.6 views

EUVD-2026-1785

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'notes' and 'resource' parameters in all versions up to, and including, 5.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS4.8AI score0.00247EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/09 6:34 a.m.6 views

EUVD-2026-1803

The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.9.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated...

5.4CVSS5.4AI score0.00296EPSS
Exploits0References3
Rows per page
Query Builder