Lucene search
K

967 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 2:57 p.m.4 views

CVE-2019-25637

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...

8.6CVSS6.5AI score0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/24 12:30 p.m.5 views

EUVD-2019-20014

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...

8.6CVSS6.5AI score0.00183EPSS
Exploits0References4
NVD
NVD
added 2026/03/24 12:16 p.m.5 views

CVE-2019-25637

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...

8.6CVSS0.00183EPSS
Exploits0References3
CVE
CVE
added 2026/03/24 11:27 a.m.8 views

CVE-2019-25637

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows a local attacker to execute arbitrary code by overwriting the EIP register via a 264-byte overflow. The attacker can inject shellcode into memory and use an egg hunter technique to locate and execute the payload when th...

8.6CVSS6.5AI score0.00183EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.2 views

CVE-2019-25637 X-NetStat Pro 5.63 Local Buffer Overflow via EggHunter

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...

8.6CVSS6.5AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.7 views

Flowise 安全漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.0.13 contained security vulnerabilities. These vulnerabilities stemmed from using an HTTP client that allowed arbitrary x-request-from headers, which could enable...

8.8CVSS5.9AI score0.00477EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.6 views

CVE-2026-30791

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

8.7CVSS5.8AI score0.0024EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.6 views

CVE-2026-30792

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Strategy sync, HTTP API client, config options engine modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...

9.1CVSS5.8AI score0.00265EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.7 views

CVE-2026-30783

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Client signaling, API sync loop, config management modules allows Privilege Abuse. This vulnerability is associated with program files src/rendezvousmediator.Rs, src/hbbshttp/sync....

9.8CVSS5.8AI score0.00376EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 3:52 p.m.6 views

CVE-2026-30783

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Client signaling, API sync loop, config management modules allows Privilege Abuse. This vulnerability is associated with program files src/rendezvousmediator.Rs, src/hbbshttp/sync....

9.8CVSS5.8AI score0.00376EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/05 3:52 p.m.6 views

CVE-2026-30783 RustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL Policies

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Client signaling, API sync loop, config management modules allows Privilege Abuse. This vulnerability is associated with program files src/rendezvousmediator.Rs, src/hbbshttp/sync....

4.8CVSS5.8AI score0.00376EPSS
Exploits1References3
NVD
NVD
added 2026/03/03 11:15 p.m.5 views

CVE-2026-26266

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS0.00239EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/03 10:16 p.m.5 views

CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/03 10:16 p.m.21 views

CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS0.00239EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/03 10:16 p.m.5 views

CVE-2026-26266

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/03 10:16 p.m.3 views

CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.6 views

PT-2026-22839

Name of the Vulnerable Software and Affected Versions AliasVault versions 0.25.3 and lower Description AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS issue exists in the email rendering feature of the AliasVault Web Client. When...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/02/25 1:9 a.m.22 views

CVE-2025-67752 OpenEMR Has Disabled SSL Certificate Verification in HTTP Client

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper oeHttp/oeHttpRequest disables SSL/TLS certificate verification by default verify: false, making all external HTTPS connections vulnerable ...

8.1CVSS0.00233EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2026/02/10 12:0 a.m.8 views

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.3AI score0.01525EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.3 views

RHEL 8 : python3.12 (RHSA-2026:2419)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2419 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7.5CVSS7.3AI score0.01525EPSS
Exploits0References5
Rows per page
Query Builder