Lucene search
K

13 matches found

NVD
NVD
added 2026/06/10 12:16 a.m.18 views

CVE-2026-40993

An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository saml2assertingpartymetadata may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials verificationcredentials and...

7.3CVSS0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 3:51 a.m.10 views

CVE-2026-41853 Spring Framework Multipart Request Smuggling in Spring MVC and WebFlux

Spring MVC and WebFlux applications are vulnerable to Multipart request smuggling attacks. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...

5.3CVSS5.5AI score0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/07 4:27 a.m.32 views

EUVD-2026-28321

The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.4AI score0.00815EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/02/26 10:10 p.m.14 views

@adobe-apimesh/mesh-builder (=1.4.0-beta.5), @akylas/nativescript-cli (>=8.7.2 <=8.8.2) +316 more potentially affected by CVE-2026-27903 via minimatch (>=7.0.0 <=7.4.6)

minimatch NPM version =7.0.0, =8.7.2, =5.5.0-682, =0.0.6, =3.6.0, =2.6.0, =2.5.0, =3.6.0, =4.6.0, =1.11.0, =4.0.0, =2.0.7, =2.0.4, =1.2.1, =1.3.1 - @digit-ui/digit-ui-module-common =1.3.0 and more Source cves: CVE-2026-27903 Source advisory: OSV:GHSA-7R86-CG39-JMMJ...

7.5CVSS7AI score0.00517EPSS
Exploits1
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.8 views

react-router 跨站脚本漏洞

react-router is a Remix open source declarative routing for React. A cross-site scripting vulnerability exists in react-router versions 7.0.0 through 7.8.2, which stems from a cross-site scripting vulnerability when generating script:ld+json tags in framework mode, which could lead to the executi...

7.6CVSS6AI score0.00448EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/01/08 8:54 p.m.9 views

@accounter/client (>=0.0.3 <=0.0.9-alpha-20260108115520-32a9af5faa8ef0a01fc31a81c85715be41f0f63f), @asamanvay/auth-service (>=0.0.2 <=0.0.4) +73 more potentially affected by CVE-2026-22029 via react-router (>=7.0.0 <=7.12.0-pre.0)

react-router NPM version =7.0.0, =0.0.3, =0.0.2, =1.1.0, =0.1.9, =2.0.1-alpha, =0.0.5, =1.8.1, =1.5.0, =16.0.12, =0.1.0, =12.81.0, =8.0.254, =12.72.0, =12.86.0 and more Source cves: CVE-2026-22029 Source advisory: OSV:GHSA-2W69-QVJG-HVJX...

8CVSS6.2AI score0.0077EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/05 9:30 a.m.11 views

biz.grundner.vaadin-in-spring:spring-vaadin (=1.0), cn.jhc:umeditor-vaadin-js (=0.0.1) +141 more potentially affected by CVE-2025-15022 via com.vaadin:vaadin-server (>=7.0.0 <=7.7.5)

com.vaadin:vaadin-server MAVEN version =7.0.0, =0.5, =1.1, =1.0, =1.3, =5.0.0, =5.0.0, =5.0.0, =5.2.4 and more Source cves: CVE-2025-15022 Source advisory: OSV:GHSA-7WWV-79XW-RVVG...

4.8CVSS5.8AI score0.00327EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/01 6:30 p.m.8 views

com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=6.0.0), com.jgeppert.struts2.bootstrap:struts2-bootstrap-showcase (=6.0.0) +53 more potentially affected by CVE-2025-64775 +1 more via org.apache.struts:struts2-core (>=7.0.0 <=7.0.3)

org.apache.struts:struts2-core MAVEN version =7.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.3 and more Source cves: CVE-2025-64775, CVE-2025-66675 Source advisory: SNYK:JAVA-ORGAPACHESTRUTS-14172798...

8.2CVSS7.5AI score0.01456EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.6 views

PT-2024-1070 · Fortinet · Fortiportal

Name of the Vulnerable Software and Affected Versions: Fortinet FortiPortal versions 7.0.0 through 7.0.6 Fortinet FortiPortal versions 7.2.0 through 7.2.1 Description: The issue is related to improper access control in Fortinet FortiPortal, which can be exploited by an attacker to escalate...

8.8CVSS8.8AI score0.00744EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.2 views

SUSE CVE-2022-38150

In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1...

7.5CVSS7.2AI score0.01147EPSS
Exploits0References4
OSV
OSV
added 2022/08/11 1:15 a.m.2 views

DEBIAN-CVE-2022-38150

In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1...

7.5CVSS7.2AI score0.01147EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/25 12:0 a.m.2 views

PiranhaCms 跨站脚本漏洞

PiranhaCms is a friendly editor-centric Cms for use with .Net5 for integrating Cms or headless Api. A cross-site scripting vulnerability exists in PiranhaCMS versions 7.0.0 through 9.1.1, which stems from page headers that are not properly cleaned and are vulnerable to stored XSS attacks, and can...

5.4CVSS5.5AI score0.0063EPSS
Exploits0References3
OSV
OSV
added 2019/09/17 12:15 p.m.3 views

CVE-2019-15131

In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This vulnerability could allow an attacker to create directories and save files on Code42 servers, which could...

9.8CVSS7.4AI score0.01883EPSS
Exploits0References2
Rows per page
Query Builder