Lucene search
+L
AttackerkbRecent

75202 matches found

attackerkb
attackerkb
added 2026/07/02 2:17 a.m.7 views

CVE-2026-13132

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/02 2:14 a.m.7 views

CVE-2026-13131

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/02 2:14 a.m.7 views

CVE-2026-13125

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.8CVSS5.7AI score0.00227EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.6 views

CVE-2026-38972

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibraryL"MSFTEDIT.DLL" with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or...

6.4AI score0.00149EPSS
Exploits1References4
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.6 views

CVE-2026-38968

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding...

5.8AI score0.00379EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.7 views

CVE-2026-52192

An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub445C5C component...

5.8AI score0.00409EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.6 views

CVE-2026-52189

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub487330 component...

5.8AI score0.00452EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.6 views

CVE-2026-52187

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub483ba0 component...

5.8AI score0.00452EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.8 views

CVE-2026-52188

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead//sub497498 component...

5.8AI score0.00237EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.7 views

CVE-2026-38971

ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCSMAVLink/GCSserialcontrol.cpp in GCSMAVLINK::handleserialcontrol...

5.7AI score0.00482EPSS
Exploits1References4
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.5 views

CVE-2026-38970

pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext and parseArray without enforcing a maximum nesting depth...

5.8AI score0.00451EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.6 views

CVE-2026-38969

ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling...

5.8AI score0.00352EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/02 12:0 a.m.4 views

CVE-2026-52191

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub444C8C component...

5.8AI score0.00452EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/01 11:43 p.m.7 views

CVE-2026-50280

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 and above prior to 5.9.21, the EntriesController::actionMoveToSection endpoint gates the destination section only by viewEntries:$section-uid rather than requiring saveEntries permission the source entry is separately checked via...

6CVSS5.7AI score0.00273EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 11:31 p.m.7 views

CVE-2026-50279

Craft CMS is a content management system CMS. IN versions 5.0.0-RC1 and above prior to 5.9.21, theEntriesController::actionSaveEntry performs entry-edit permission checks before request-controlled author changes are applied to the model, allowing for authorship spoofing. The subsequent author...

7.6CVSS5.7AI score0.00245EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 11:26 p.m.6 views

CVE-2026-55794

Craft CMS is a content management system CMS. In versions 5.9.0 and above prior to 5.10.0, control panel users with the ability to edit entries can execute unsandboxed Twig code via the HTTP Referrer header, potentially leading to authenticated RCE. The issue happens when a user is saving entries...

8.7CVSS5.8AI score0.00293EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 11:20 p.m.5 views

CVE-2026-55792

Craft CMS is a content management system CMS. In versions starting from 4.0.0-RC1 and prior to 4.18.0, and 5.0.0-RC1 and above, prior to 5.10.0, the dataUrl Twig function is included in Craft’s Twig sandbox allowlist, allowing any control panel user granted the utility:system-messages permission ...

6CVSS5.8AI score0.00268EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 11:16 p.m.8 views

CVE-2026-11950

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score
Exploits0References1
attackerkb
attackerkb
added 2026/07/01 11:13 p.m.5 views

CVE-2026-55791

Craft CMS is a content management system CMS. Versions 4.0.0-RC1 and above, prior to 4.18.0 and 5.0.0-RC1, and above, prior to 5.10.0, are vulnerable to Server-Side Request Forgery SSRF and Arbitrary JavaScript Injection through the /actions/app/resource-js endpoint. By exploiting the default...

6.9CVSS5.8AI score0.0033EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 11:5 p.m.6 views

CVE-2026-14439

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...

9.4CVSS6.5AI score0.00601EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/07/01 10:57 p.m.6 views

CVE-2026-55790

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types...

7.4CVSS5.8AI score0.00311EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:37 p.m.5 views

CVE-2026-50284

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder only requires the deleteAssets: permission for the target folder. It never enforces deletePeerAssets:, even though Assets::deleteFoldersByIds...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:35 p.m.9 views

CVE-2026-14440

Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...

7.6CVSS5.7AI score0.00135EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.5 views

CVE-2026-14426

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00216EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.5 views

CVE-2026-14432

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00247EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.13 views

CVE-2026-14394

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00235EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.9 views

CVE-2026-14403

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00257EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.7 views

CVE-2026-14393

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00281EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.7 views

CVE-2026-14417

Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00206EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.8 views

CVE-2026-14419

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.7 views

CVE-2026-14424

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.8 views

CVE-2026-14425

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00218EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.6 views

CVE-2026-14390

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00235EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.6 views

CVE-2026-14398

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.8 views

CVE-2026-14405

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

9.6CVSS6.2AI score0.00307EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.7 views

CVE-2026-14399

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:22 p.m.6 views

CVE-2026-14408

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14413

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00202EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.8 views

CVE-2026-14421

Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00185EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.8 views

CVE-2026-14402

Uninitialized Use in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.7 views

CVE-2026-14431

Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00275EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14395

Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00275EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14423

Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.0022EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14400

Out of bounds write in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.10 views

CVE-2026-14392

Out of bounds write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00276EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.8 views

CVE-2026-14397

Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14406

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.9CVSS5.8AI score0.00189EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14416

Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS5.8AI score0.00243EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14386

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities75202