Lucene search
K

330 matches found

EUVD
EUVD
added 2026/01/16 7:9 p.m.5 views

EUVD-2026-2903

Sandboxie Plus 0.7.4 contains an unquoted service path vulnerability in the SbieSvc service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem...

8.5CVSS6.7AI score0.00011EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/16 7:9 p.m.5 views

EUVD-2026-2888

Acer Backup Manager 3.0.0.99 contains an unquoted service path vulnerability in the NTI IScheduleSvc service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\NTI\Acer Backup Manager\ to inject malicious executables that...

8.5CVSS6.6AI score0.0015EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/16 7:9 p.m.6 views

EUVD-2026-2881

Acer ePowerSvc 6.0.3008.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with LocalSystem...

8.5CVSS6.5AI score0.0015EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/16 5:6 p.m.5 views

EUVD-2026-2925

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to corrupt coprocessor memory...

7.8CVSS5.6AI score0.00143EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/16 3:46 p.m.5 views

EUVD-2026-2929

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

4.6CVSS6.5AI score0.00202EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/16 6:43 a.m.6 views

EUVD-2026-2962

The LEAV Last Email Address Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions = 1.7.1. This is due to missing or incorrect nonce validation on the displaysettingspage function. This makes it possible for unauthenticated attackers to modify plugin settings via ...

4.3CVSS5.2AI score0.00131EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/16 4:44 a.m.5 views

EUVD-2026-2978

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /aioseo/v1/ai/credits REST route in all versions up to, and including, 4.9.2. This makes it possible for...

4.3CVSS4.6AI score0.00226EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/16 12:30 a.m.4 views

EUVD-2026-3024

EUVD-2026-3024...

9.8CVSS6.4AI score0.00765EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/16 12:0 a.m.3 views

EUVD-2026-2878

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

2.6CVSS6.7AI score0.00193EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/15 1:10 p.m.4 views

EUVD-2026-2824

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...

6.8CVSS6.2AI score0.00035EPSS
Exploits0References7
EUVD
EUVD
added 2026/01/14 6:58 p.m.4 views

EUVD-2026-2426

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through improper input validation in the Kubernetes proxy functionality...

7.7CVSS5.8AI score0.00313EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/14 6:40 p.m.5 views

EUVD-2026-2429

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

4.8CVSS5.5AI score0.00188EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/14 3:7 p.m.4 views

EUVD-2026-2472

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

6AI score0.00102EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/14 3:5 p.m.4 views

EUVD-2026-2506

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlandelfailbmap is BITSTOLONGSVLANNVID. It may cause...

5.9AI score0.00126EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/14 12:19 p.m.7 views

EUVD-2026-2512

Y Soft SafeQ 6 renders the Workflow Connector password field in a way that allows an administrator with UI access to reveal the value using browser developer/inspection tools. The affected customers are only those with a password-protected scan workflow connector. This issue affects Y Soft SafeQ ...

5.1CVSS6.4AI score0.00286EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/14 6:40 a.m.5 views

EUVD-2026-2530

The WMF Mobile Redirector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level...

4.4CVSS4.7AI score0.00249EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/14 5:28 a.m.3 views

EUVD-2026-2546

The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'notelistclass' and 'popupdisplayeffectin' parameters in all versions up to, and including, 1.0 due to missing authorization and nonce verification on settings save, as well as insufficient input...

7.2CVSS4.8AI score0.00275EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/14 12:31 a.m.6 views

EUVD-2026-2589

EUVD-2026-2589...

9.8CVSS6.4AI score0.00499EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/14 12:31 a.m.5 views

EUVD-2026-2606

EUVD-2026-2606...

8.8CVSS6.4AI score0.021EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/14 12:31 a.m.8 views

EUVD-2026-2609

EUVD-2026-2609...

8.5CVSS6.4AI score0.00185EPSS
Exploits1References4
Rows per page
Query Builder