Lucene search
K

2856011 matches found

Packet Storm News
Packet Storm News
added 2026/09/10 12:0 a.m.220 views

IServ Schoolserver User Enumeration

IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...

5.8AI score
Exploits0
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-43574

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

6.2AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-43567

OpenClaw versions before 2026.6.9 contain a symlink following vulnerability in the mirror sync feature that allows lower-trust callers to perform actions requiring stronger authorization. Attackers can exploit remote symlink parents to bypass policy checks and authorization boundaries when the...

7.6CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago4 views

EUVD-2026-43571

OpenClaw versions 2026.6.5 before 2026.6.9 contain a vulnerability in the plugin install wrappers that could skip the install policy authorization check. When the affected feature is enabled and reachable, a lower-trust caller or a configured input path could execute or persist actions beyond the...

6.9CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-43561

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /subject.php. Such manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit is...

5.3CVSS4.7AI score
Exploits0References7
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-43553

A weakness has been identified in antv layout 2.0.0. This impacts the function setNestedValue in the library lib/util/object.js. Executing a manipulation of the argument path can lead to improperly controlled modification of object prototype attributes. The attack can be launched remotely. The...

6.5CVSS6.5AI score
Exploits0References6
BDU FSTEC
BDU FSTEC
added yesterday25 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00385EPSS
Exploits0References11Affected Software9
BDU FSTEC
BDU FSTEC
added yesterday16 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-15605

A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipulation leads to use of weak hash. The attack may be initiated remotely. A hig...

3.1CVSS5.5AI score
Exploits0References7
CVE
CVE
added yesterday8 views

CVE-2026-58489

HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not...

6.8CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2026-58486

CVE-2026-58486: HedgeDoc prior to 1.11.0 is vulnerable to a YAML alias bomb in note frontmatter. HedgeDoc parses frontmatter with js-yaml.load (js-yaml v3) via @hedgedoc/meta-marked, resolving YAML anchors and potentially expanding a malicious payload into a huge object, consuming CPU on each req...

8.3CVSS6.1AI score
Exploits0References2
Circl
Circl
added yesterday3 views

CVE-2026-55773

creationtimestamp| type| source ---|---|--- 2026-07-13 21:01:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqkllwplkm2l 2026-07-13 21:57:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqkoqqunqx2l...

8.8CVSS6.1AI score
Exploits0References2
Circl
Circl
added yesterday3 views

CVE-2026-55771

creationtimestamp| type| source ---|---|--- 2026-07-13 21:01:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqkllprtr22c 2026-07-13 22:25:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqkqcx5wqd2e...

8.8CVSS6.1AI score
Exploits0References2
Circl
Circl
added yesterday2 views

CVE-2026-58409

creationtimestamp| type| source ---|---|--- 2026-07-13 20:52:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqkl3nckeb2q 2026-07-13 21:43:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqknxvjjbd2z 2026-07-13 22:01:11+00:00| seen|...

9.1CVSS6.1AI score
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: Vulnerability in bytes bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the bytes library, which is affected by an integer overflow vulnerability. CVE-2026-25541 Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 ...

7.5CVSS6AI score0.00559EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: Vulnerability in undici bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the undici library, which is affected by a denial of service vulnerability. CVE-2026-22036 Vulnerability Details CVEID:CVE-2026-22036 DESCRIPTION: Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0,...

7.5CVSS6.7AI score0.00433EPSS
Exploits0Affected Software2
NVD
NVD
added yesterday5 views

CVE-2026-60103

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short memberindex value in the SDNA block. The memberindex field is used as an array index into...

6.8CVSS
Exploits0References3
Circl
Circl
added yesterday2 views

CVE-2026-59245

creationtimestamp| type| source ---|---|--- 2026-07-13 17:53:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqkb4bifd22w 2026-07-13 18:20:14+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mqkcm5c5tr2t...

8.1CVSS6.1AI score
Exploits0References2
Circl
Circl
added yesterday3 views

CVE-2026-58065

creationtimestamp| type| source ---|---|--- 2026-07-13 17:48:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqkatd3dmc2x 2026-07-13 18:15:13+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mqkcd6u55r2f 2026-07-13 22:10:25+00:00| seen|...

8.1CVSS6.1AI score
Exploits0References3
CVE
CVE
added yesterday9 views

CVE-2026-60103

Blender 3.0.0–5.1.2 contains an out-of-bounds read via a crafted .blend SDNA block. The signed short member_index is used as an array index into sdna->members[] in sdna_expand_names() without bounds checking, producing an invalid pointer that is then passed to strlen(), causing a SIGSEGV or un...

6.8CVSS6.1AI score
Exploits0References3
Rows per page
Query Builder