Lucene search
K

330 matches found

EUVD
EUVD
added 2026/01/22 12:13 p.m.6 views

EUVD-2026-4158

Authorization Bypass Through User-Controlled Key vulnerability in Solvera Software Services Trade Inc. Teknoera allows Exploitation of Trusted Identifiers.This issue affects Teknoera: through 01102025...

7.5CVSS5.4AI score0.00379EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 12:0 a.m.5 views

EUVD-2026-4118

An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame...

7.4CVSS5.4AI score0.00337EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/21 6:42 a.m.3 views

EUVD-2026-3688

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS5.5AI score0.98871EPSS
Exploits61References5
EUVD
EUVD
added 2026/01/20 8:41 p.m.5 views

EUVD-2026-3340

A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications call socket.getPeerCertificatetrue, each certificate field leaks memory, allowing remote clients to trigger steady memory growth through...

6.5CVSS7.4AI score0.0023EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 3:39 p.m.6 views

EUVD-2026-3380

IBM ApplinX 11.1 could allow an authenticated user to perform unauthorized administrative actions on the server due to server-side enforcement of client-side security...

3.1CVSS5.5AI score0.00159EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 3:37 p.m.7 views

EUVD-2026-3361

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.1AI score0.00147EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 3:23 p.m.5 views

EUVD-2026-3352

IBM Application Gateway 23.10 through 25.09 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.4CVSS5.5AI score0.00162EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 2:56 p.m.5 views

EUVD-2026-3434

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9CVSS5.3AI score0.00287EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 11:35 a.m.7 views

EUVD-2026-3459

Stored Cross-Site Scripting XSS in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 'companyaddress', 'companyemail', 'companyname', 'country',...

5.1CVSS5.5AI score0.00162EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 6:30 a.m.8 views

EUVD-2026-3478

Not used...

5.3AI score
Exploits0References1
EUVD
EUVD
added 2026/01/20 6:0 a.m.5 views

EUVD-2026-3442

The Bookingor WordPress plugin through 1.0.12 exposes authenticated AJAX actions without capability or nonce checks, allowing low-privileged users to delete Bookingor WordPress plugin through 1.0.12 data...

6.5CVSS5.4AI score0.00174EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/20 5:32 a.m.6 views

EUVD-2026-3468

A vulnerability was detected in Bjskzy Zhiyou ERP up to 11.0. Impacted is the function initRCForm of the file RichClientService.class of the component com.artery.richclient.RichClientService. Performing a manipulation results in xml external entity reference. The attack is possible to be carried...

6.5CVSS6.2AI score0.00225EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/20 12:32 a.m.5 views

EUVD-2026-3484

A security vulnerability has been detected in MineAdmin 1.x/2.x. Affected is an unknown function of the file /system/getFileInfoById. Such manipulation of the argument ID leads to information disclosure. It is possible to launch the attack remotely. The attack requires a high level of complexity...

3.1CVSS4.3AI score0.00409EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/20 12:30 a.m.4 views

EUVD-2026-3345

EUVD-2026-3345...

7.1CVSS5.3AI score0.08843EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/20 12:30 a.m.9 views

EUVD-2026-3493

EUVD-2026-3493...

7.5CVSS5.3AI score0.00359EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/19 12:2 p.m.4 views

EUVD-2026-3220

A vulnerability was detected in technical-laohu mpay up to 1.2.4. This affects an unknown function. Performing a manipulation results in cross-site request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used...

5.3CVSS5.2AI score0.00212EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/19 7:32 a.m.11 views

EUVD-2026-3238

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is...

7.5CVSS5.2AI score0.00349EPSS
Exploits1References9
EUVD
EUVD
added 2026/01/19 1:2 a.m.5 views

EUVD-2026-3249

A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unknown function of the file /kmc/savecatalog.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument catalogid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS5.5AI score0.0051EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/18 3:2 p.m.5 views

EUVD-2026-3177

A vulnerability was identified in Yonyou KSOA 9.0. Affected is an unknown function of the file /worksheet/workmod.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available an...

7.5CVSS6.4AI score0.00414EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/18 7:32 a.m.7 views

EUVD-2026-3181

A security flaw has been discovered in nicbarker clay up to 0.14. This affects the function ClayMeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be used...

4.8CVSS5.9AI score0.0012EPSS
Exploits0References6
Rows per page
Query Builder