
27 matches found

NVD
added 2026/06/17 2:17 p.m., 9 views

CVE-2026-54816

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

CVSS 7.5, EPSS 0.00292
Exploits: 0, References: 1
EUVD
added 2026/05/18 3:40 p.m., 19 views

EUVD-2026-30777

Creating a "2dspherebucket" index on a non-timeseries bucket collection will succeed, but any subsequent attempt to insert a document which triggers updating that index will crash the server. A similar issue occurs when creating "queryableencryptedrange" indices. This issue affects MongoDB Server...

CVSS 7.1, AI score 5.8, EPSS 0.00235
Exploits: 0, References: 1
Tenable Nessus
added 2026/05/11 12:0 a.m., 7 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017679)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017679 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...

CVSS 4.9, AI score 6.7, EPSS 0.02336
Exploits: 0, References: 4
Tenable Nessus
added 2026/05/11 12:0 a.m., 10 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017739 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...

CVSS 6.8, AI score 5.8, EPSS 0.02293
Exploits: 0, References: 4
RedhatCVE
added 2026/03/26 3:3 p.m., 5 views

CVE-2026-30958

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, an unauthenticated path traversal in the /workflow/docs/:componentName endpoint allows reading arbitrary files from the server filesystem. The componentName route parameter is concatenated directly into a file...

CVSS 8.6, AI score 7.4, EPSS 0.01102
Exploits: 1, References: 1
CVE
added 2026/03/10 5:1 p.m., 14 views

CVE-2026-30958

OneUptime CVE-2026-30958 describes an unauthenticated path traversal vulnerability in the /workflow/docs/:componentName endpoint, where the componentName parameter is directly concatenated into the server file path used by res.sendFile(), enabling arbitrary file reads. Root cause: lack of sanitiz...

CVSS 8.6, AI score 5.9, EPSS 0.01102
Exploits: 1, References: 2, Affected Software: 1
Tenable Nessus
added 2026/01/07 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000456 advisory. In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in...

CVSS 7.8, AI score 6.9, EPSS 0.03539
Exploits: 1, References: 3
OSV
added 2025/12/16 10:15 p.m., 3 views

UBUNTU-CVE-2025-64520

GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can read all knowledge base entries. Users should upgrade to 10.0.21 to receive a patch...

CVSS 6.5, AI score 5.8, EPSS 0.00186
Exploits: 0, References: 4
Snyk
added 2025/10/14 8:32 p.m., 8 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunked HTTP requests. An attacker can bypass security restrictions and potentially access or manipulate sensitive data by sending specially crafted HTTP requests that exploit...

CVSS 9.9, AI score 9.2, EPSS 0.66258
Exploits: 5, References: 2
Snyk
added 2025/10/14 8:32 p.m., 5 views

HTTP Request Smuggling

Overview Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of...

CVSS 9.9, AI score 9.2, EPSS 0.66258
Exploits: 5, References: 2
Microsoft Security Update
added 2025/10/14 5:0 p.m., 11 views

2025-10 .NET 8.0.21 Security Update for x86 Client (KB5068331)

2025-10 .NET 8.0.21 Security Update for x86 Client KB5068331...

AI score 7
Exploits: 0
OSV
added 2025/06/26 2:15 p.m., 5 views

UBUNTU-CVE-2025-6710

MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which coul...

CVSS 7.5, AI score 5.8, EPSS 0.00307
Exploits: 0, References: 3
CNNVD
added 2025/01/13 12:0 a.m., 3 views

WordPress plugin Distance Based Shipping Calculator cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

CVSS 7.1, AI score 7.4, EPSS 0.0025
Exploits: 0, References: 1
SUSE CVE
added 2023/10/31 2:29 a.m., 1 view

SUSE CVE-2020-14870

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 4.9, AI score 6.5, EPSS 0.02231
Exploits: 0, References: 2
RedHat Linux
added 2021/10/12 2:17 p.m., 3 views

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 6.5, AI score 7.2, EPSS 0.01414
Exploits: 0, References: 5
OSV
added 2021/09/28 12:15 p.m., 4 views

CVE-2021-41535

A vulnerability has been identified in NX 1953 Series All versions V1973.3700, NX 1980 Series All versions V1988, Solid Edge SE2021 All versions SE2021MP8. The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to...

CVSS 7.8, AI score 5.9, EPSS 0.01517
Exploits: 0, References: 3
RedHat Linux
added 2021/09/21 10:13 a.m., 4 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 6.8, AI score 7.2, EPSS 0.0202
Exploits: 0, References: 5
CNNVD
added 2021/01/19 12:0 a.m., 5 views

Oracle MySQL security vulnerability

Oracle MySQL is an open source relational database management system. MySQL Server mysqld is the MySQL server, the main program that performs most of the work in a MySQL installation. An unspecified vulnerability exists in the InnoDB component of Oracle MySQL Server 8.0.21 and earlier versions. An...

CVSS 2.3, AI score 6.7, EPSS 0.00445
Exploits: 0, References: 15
RedHat Linux
added 2020/11/30 1:47 p.m., 12 views

mysql: InnoDB unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 4.9, AI score 7.3, EPSS 0.02621
Exploits: 0, References: 5
Microsoft CVE
added 2020/11/02 8:0 a.m., 2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).

...

CVSS 4, AI score 7, EPSS 0.01259
Exploits: 0