Lucene search
K

526 matches found

NVD
NVD
added 2026/07/02 12:17 p.m.5 views

CVE-2026-57347

Subscriber Sensitive Data Exposure in Hotel Booking Lite = 6.0.3 versions...

6.5CVSS0.00371EPSS
Exploits0References1
Circl
Circl
added 2026/07/02 12:18 a.m.9 views

CVE-2026-14403

creationtimestamp| type| source ---|---|--- 2026-07-02 00:18:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpmqzc7uwk2k 2026-07-02 08:25:21+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-02 16:51:23+00:00| seen|...

8.8CVSS5.8AI score0.00257EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 2:52 p.m.5 views

EUVD-2026-39698

Unauthenticated Multiple Vulnerabilities in BitFire Security = 5.0.3 versions...

8.6CVSS5.8AI score0.00275EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/23 12:42 p.m.5 views

WordPress BitFire Security plugin <= 5.0.3 - Multiple Vulnerabilities vulnerability

Multiple Vulnerabilities vulnerability discovered by Aurélien BOURDOIS Elymaro in WordPress Plugin BitFire Security versions = 5.0.3...

8.6CVSS5.8AI score0.00275EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/22 2:16 p.m.13 views

CVE-2025-33128

IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...

5.4CVSS0.00139EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 1:20 p.m.9 views

EUVD-2025-210300

IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...

5.4CVSS5.5AI score0.00139EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 3:53 p.m.7 views

EUVD-2026-38040

Improper neutralization of input during web page generation XSS vulnerability in the GridTime 3000 password reset form allows XSS. This issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0...

5.3CVSS5.8AI score0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.20 views

PT-2026-50508

Name of the Vulnerable Software and Affected Versions RTI Connext Micro versions 4.0.0 through 4.2.0 Description An integer underflow wrap or wraparound in the Core Libraries can lead to buffer overreads. An integer underflow occurs when an arithmetic operation results in a value smaller than the...

9.1CVSS6.2AI score0.00296EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/15 12:45 a.m.10 views

EUVD-2026-36677

A vulnerability has been found in Intelliants Subrion CMS up to 4.0.3. Affected by this issue is some unknown functionality of the component Blocks Endpoint. Such manipulation of the argument CSS class name leads to cross site scripting. The attack may be launched remotely. The exploit has been...

4.8CVSS3.3AI score0.00214EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 3:36 p.m.6 views

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities HTML / XSS Injection observed

Summary Vulnerabilities have been identified in HTML / XSS Injection, which is used in IBM Engineering Lifecycle Management -Engineering Workflow Management Vulnerability Details CVEID:CVE-2025-33128 DESCRIPTION: IBM Engineering Workflow Management is vulnerable to cross-site scripting. This...

5.4CVSS4.8AI score0.00139EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/07 12:43 a.m.15 views

CVE-2026-45779

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. An SQL injection vulnerability exists in Open XDMoD versions prior to 10.0.3 that allows an unauthenticated remote attacker to execute arbitrary SQL statements. Exploitation requires no authentication or user interaction and...

9.8CVSS6AI score0.00479EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 7:30 p.m.10 views

EUVD-2026-34908

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. An SQL injection vulnerability exists in Open XDMoD versions prior to 10.0.3 that allows an unauthenticated remote attacker to execute arbitrary SQL statements. Exploitation requires no authentication or user interaction and...

9.3CVSS6AI score0.00479EPSS
Exploits0References4
CVE
CVE
added 2026/06/05 7:29 p.m.36 views

CVE-2026-45778

Open XDMoD

8.6CVSS5.4AI score0.00147EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:27 p.m.7 views

CVE-2026-45777

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can remotely execute arbitrary system commands on the web server hosting Open XDMoD with the privileges of the web server process. This could allow an attack...

9.3CVSS5.8AI score0.00388EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/06/05 7:27 p.m.13 views

EUVD-2026-34904

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can remotely execute arbitrary system commands on the web server hosting Open XDMoD with the privileges of the web server process. This could allow an attack...

9.3CVSS5.8AI score0.00388EPSS
Exploits1References3
CVE
CVE
added 2026/06/05 7:27 p.m.39 views

CVE-2026-45777

Open XDMoD (OpenXDMoD): A remote command-injection vulnerability allows an attacker to execute arbitrary system commands on the web server process, affecting versions 9.5.0–11.0.2. Root cause: OS command injection that can compromise confidentiality, integrity, and availability. Impact includes r...

9.8CVSS5.8AI score0.00388EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.19 views

PT-2026-47052

Name of the Vulnerable Software and Affected Versions OpenXDMoD versions prior to 10.0.3 Description An SQL injection allows an unauthenticated remote attacker to execute arbitrary SQL statements. This can result in the complete compromise of the underlying database. The issue requires no...

9.8CVSS6AI score0.00479EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.19 views

Fedora 44 : perl-Crypt-Argon2 / perl-Dist-Build / perl-ExtUtils-Builder / etc (2026-dafdad8fd3)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-dafdad8fd3 advisory. Update to 0.031 2477035 2481131 fixes CVE-2026-8463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

5.3CVSS5.5AI score0.00327EPSS
Exploits0References2
NVD
NVD
added 2026/06/03 2:16 p.m.16 views

CVE-2024-47263

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...

4.1CVSS0.00297EPSS
Exploits0References1
OSV
OSV
added 2026/06/03 6:16 a.m.10 views

UBUNTU-CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

2.3CVSS5.4AI score0.00349EPSS
Exploits0References2
Rows per page
Query Builder