Lucene search
+L

620 matches found

opensuse
opensuse
added yesterday3 views

Security update for nasm (low)

openSUSE security update: security update for nasm ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21333-1 Rating: low References: bsc1261985 bsc1261986 Cross-References: CVE-2026-6067 CVE-2026-6068 CVSS scores: CVE-2026-6067 SUSE : 3.3...

4.6CVSS6.3AI score0.00414EPSS
Exploits2References2
nvd
nvd
added 2 days ago3 views

CVE-2026-47736

Puma is a Ruby/Rack web server built for parallelism. From 5.5.0 until 7.2.1 and 8.0.2, when PROXY protocol v1 support is enabled, Puma reads incoming bytes into an internal buffer while waiting for CRLF to determine whether a PROXY v1 line is present, allowing an attacker that continuously sends...

7.5CVSS0.0035EPSS
Exploits0References5
nvd
nvd
added 2 days ago8 views

CVE-2026-15668

A vulnerability has been found in louisho5 picobot up to 0.2.0. This vulnerability affects the function WebTool.Execute of the file internal/agent/tools/web.go of the component web Tool. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotel...

6.5CVSS0.00228EPSS
Exploits0References6
nvd
nvd
added 3 days ago3 views

CVE-2026-57410

Incorrect Privilege Assignment vulnerability in MailerPress Team MailerPress mailerpress allows Privilege Escalation.This issue affects MailerPress: from n/a through = 2.0.2...

8.8CVSS0.00286EPSS
Exploits0References1
cvelist
cvelist
added 6 days ago30 views

CVE-2026-12535 Formatter Field - Critical - PHP object injection - SA-CONTRIB-2026-048

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Formatter Field allows Object Injection. This issue affects Formatter Field versions: from 0.0.0 to 2.0.0...

0.00386EPSS
Exploits0References1
osv
osv
added 2026/07/08 1:30 p.m.3 views

CVE-2026-15034 flask-dashboard Flask-MonitoringDashboard cross-site request forgery

A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected by this issue is some unknown functionality. Such manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS5.5AI score0.00222EPSS
Exploits0References11
ossf
ossf
added 2026/07/03 11:50 p.m.10 views

Malicious code in bytekit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bbaea22b635a4a8425964572b733b806f45714a9090492d1c39d545088fe336 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/30 11:36 a.m.8 views

CVE-2026-8402 SQLi in Exagate's SYSGUARD 6001

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows Blind SQL Injection. This issue affects SYSGUARD 6001: from 2.0.2 before 6.1.16.0. NOTE: The vendor was...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References1
nvd
nvd
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56030

Unauthenticated Privilege Escalation in Paytium = 5.0.2 versions...

9.8CVSS0.00331EPSS
Exploits0References1
nvd
nvd
added 2026/06/25 2:16 p.m.9 views

CVE-2026-47153

In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 1:49 p.m.4 views

CVE-2026-6432

Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage...

5.3CVSS5.8AI score0.00308EPSS
Exploits0References3
osv
osv
added 2026/06/25 1:49 p.m.3 views

CVE-2026-6432 Improper bounds validation in EmberZNet SDK

Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage...

5.3CVSS5.9AI score0.00308EPSS
Exploits0References5
cve
cve
added 2026/06/25 1:49 p.m.20 views

CVE-2026-6432

The CVE-2026-6432 entry concerns EmberZNet SDK versions 9.0.2 and earlier, with a root cause of improper bounds validation. This can lead to crashes or dynamic memory leakage. The available documents do not specify additional details such as affected products beyond EmberZNet SDK, release version...

5.3CVSS5.8AI score0.00308EPSS
Exploits0References2
euvd
euvd
added 2026/06/25 1:49 p.m.7 views

EUVD-2026-39411

Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage...

5.3CVSS5.8AI score0.00308EPSS
Exploits0References2
cve
cve
added 2026/06/25 1:39 p.m.30 views

CVE-2026-47150

The advisory concerns EmberZNet v9.0.2 and earlier where malformed IAS Zone enrollment messages can trigger an out-of-bounds write to a state-table, terminating the process. The write’s size/location are bounded, and only messages from devices that have already joined the network affect devices s...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/24 12:0 a.m.11 views

CVE-2025-60474

GPAC MP4Box up to version 26.01.x has a buffer overflow in the gf_media_import() function (in /media_tools/av_parsers.c). The underlining issue allows DoS via crafted input, affecting MP4Box before 26.02.0. Public sources consistently cite GPAC MP4Box versions prior to 26.02.0 as vulnerable, with...

7.5CVSS6.1AI score0.00579EPSS
Exploits1References6Affected Software1
nvd
nvd
added 2026/06/15 9:17 p.m.12 views

CVE-2026-52700

Subscriber SQL Injection in WCMultiShipping = 3.0.2 versions...

8.5CVSS0.0037EPSS
Exploits0References1
nvd
nvd
added 2026/06/15 9:17 p.m.13 views

CVE-2026-49780

Customer Privilege Escalation in Dokan = 5.0.2 versions...

8.8CVSS0.00283EPSS
Exploits0References1
euvd
euvd
added 2026/06/15 8:19 p.m.12 views

EUVD-2026-36897

Customer Privilege Escalation in Dokan = 5.0.2 versions...

8.8CVSS5.2AI score0.00283EPSS
Exploits0References1
ibm
ibm
added 2026/06/15 6:17 a.m.5 views

Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-11143

Summary IBM Engineering Systems Design Rhapsody was affected by CVE-2025-11143. Although the vulnerability is generally rated low to medium severity due to the specific conditions required for exploitation, it can become more impactful in complex multi-layered architectures where consistent URL...

6.5CVSS6.8AI score0.00159EPSS
Exploits0Affected Software1
Rows per page
Query Builder