Lucene search
K

50 matches found

OSV
OSV
added 2026/05/29 6:9 a.m.8 views

BELL-CVE-2026-46184

Bulletin has no description...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References1
CVE
CVE
added 2026/04/21 8:35 p.m.56 views

CVE-2026-34282

Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition are affected (Networking component) with multiple supported versions listed. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to cause a hang or frequent crash (DOS) of the...

7.5CVSS5.8AI score0.00635EPSS
Exploits0References19Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/27 8:34 p.m.5 views

CVE-2026-22264

Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run...

9.1CVSS5.9AI score0.00344EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/23 4:47 p.m.6 views

EUVD-2026-4295

BloofoxCMS 0.5.2.1 contains a stored cross-site scripting vulnerability in the articles text parameter that allows authenticated attackers to inject malicious scripts. Attackers can insert malicious javascript payloads in the text field to execute scripts and potentially steal authenticated users...

6.4CVSS5.2AI score0.00197EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/23 2:28 p.m.5 views

EUVD-2026-4348

Missing Authorization vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Edwiser Bridge: from n/a through = 4.3.2...

5.4AI score0.00209EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/23 2:55 a.m.7 views

EUVD-2026-4434

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS6.5AI score0.01511EPSS
Exploits0References3
Circl
Circl
added 2026/01/22 7:10 p.m.6 views

CVE-2026-24361

creationtimestamp| type| source ---|---|--- 2026-01-22 19:10:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mczv7ra6ei2i...

6.5CVSS5AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/22 4:52 p.m.6 views

EUVD-2026-3855

Authorization Bypass Through User-Controlled Key vulnerability in Elated-Themes Sweet Jane sweetjane allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sweet Jane: from n/a through = 1.2...

5.4AI score0.00229EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 4:52 p.m.5 views

EUVD-2026-3993

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ichurakov Paid Downloads paid-downloads allows Blind SQL Injection.This issue affects Paid Downloads: from n/a through = 3.15...

5.6AI score0.00283EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/22 2:45 p.m.7 views

EUVD-2026-4154

MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

4.8CVSS5.7AI score0.00146EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/22 12:0 a.m.7 views

EUVD-2026-3882

File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit...

10CVSS6.1AI score0.00486EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/20 9:56 p.m.20 views

CVE-2026-21988

...

8.2CVSS0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/20 3:39 p.m.6 views

EUVD-2026-3380

IBM ApplinX 11.1 could allow an authenticated user to perform unauthorized administrative actions on the server due to server-side enforcement of client-side security...

3.1CVSS5.5AI score0.00159EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 3:4 p.m.5 views

EUVD-2026-3360

IBM Concert 1.0.0 through 2.1.0 is vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface...

8.8CVSS5.4AI score0.0026EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/20 4:14 a.m.4 views

EUVD-2026-3454

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous file type protections via a malicious file. Chromium security severity: Medium...

5.4CVSS5.5AI score0.00178EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/19 7:2 a.m.9 views

EUVD-2026-3236

A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been made availab...

9CVSS6.2AI score0.00655EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/14 2:42 p.m.6 views

EUVD-2026-2469

The vulnerability exists in BLUVOYIX due to an improper password storage implementation and subsequent exposure via unauthenticated APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable users API to retrieve the...

10CVSS6.8AI score0.03001EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/14 11:55 a.m.6 views

EUVD-2026-2518

Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005...

8.5CVSS6.6AI score0.00222EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/13 3:29 p.m.8 views

EUVD-2026-2289

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix double unregister of HCAPORTS component Clear hcadevcomcomp in device's private data after unregistering it in LAG teardown. Otherwise a slightly lagging second pass through mlx5unloadone might try to unregister it...

5.9AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/13 3:28 p.m.5 views

EUVD-2026-2314

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

6AI score0.00173EPSS
Exploits0References6
Rows per page
Query Builder