Lucene search
K
EuvdMost viewed

417631 matches found

EUVD
EUVD
added 2026/05/07 12:31 p.m.20 views

EUVD-2026-28347

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal...

8.1CVSS5.8AI score0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 12:30 p.m.20 views

EUVD-2026-27592

In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...

5.8AI score0.00128EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/05 6:33 p.m.20 views

EUVD-2026-27378

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

5.7AI score0.00117EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/05 9:31 a.m.20 views

EUVD-2026-27243

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

5.3CVSS5.8AI score0.00665EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/05 12:30 a.m.20 views

EUVD-2026-27161

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function updatedocument/continuedocument/deletedocument/getcontent of the file app/routes/document.py. Performing a manipulation of the argument DOCSDIR/pa...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/04 6:45 a.m.20 views

EUVD-2026-26927

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 2:15 a.m.20 views

EUVD-2026-26875

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

6.9CVSS5.7AI score0.00453EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/03 4:15 a.m.20 views

EUVD-2026-26814

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/service/impl/OAuth2TokenServiceImpl.java. Performing a manipulation results in improper authentication...

7.5CVSS6.8AI score0.00414EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/29 11:35 a.m.20 views

EUVD-2026-26207

Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is serving static resources from...

5.3CVSS5.4AI score0.00341EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/28 11:46 p.m.20 views

EUVD-2026-26189

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...

5.2AI score0.00487EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 5:46 p.m.20 views

EUVD-2026-26079

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

8.6CVSS5.4AI score0.00395EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/24 2:42 p.m.20 views

EUVD-2026-25513

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 A malicious USB device with the TASCAM US-144MKII device id can have a configuration containing bInterfaceNumber=1 but no interface 0. USB configuration descriptors ar...

5.3AI score0.00196EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/16 10:4 p.m.20 views

EUVD-2026-23318

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...

6.8CVSS6.1AI score0.0016EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/10 3:34 p.m.20 views

EUVD-2026-21427

Vikunja has HTML Injection via Task Titles in Overdue Email Notifications...

5.4CVSS5.8AI score0.00195EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/09 12:32 a.m.20 views

EUVD-2026-20700

Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.9AI score0.00218EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/07 12:30 a.m.20 views

EUVD-2026-19549

Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio RES prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile permissions, and interact with...

8.8CVSS5.9AI score0.00841EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/23 8:31 p.m.20 views

EUVD-2026-14538

Blinko is an AI-powered card note-taking project. In versions from 1.8.3 and prior, the fileName parameter is not filtered, allowing path traversal to write files anywhere on the file system. Moreover, this interface only requires authProcedure normal user, not superAdminAuthMiddleware. At time o...

5.3CVSS5.8AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/08 1:9 a.m.20 views

EUVD-2026-5823

A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...

8.8CVSS6.1AI score0.00239EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/23 12:26 p.m.20 views

EUVD-2026-4408

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lwcontentblock' shortcode in all versions up to, and including, 3.1.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.0025EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/21 12:31 a.m.20 views

EUVD-2026-3519

SummaryA command injection vulnerability CWE-78 has been found to exist in the wrangler pages deploy command. The issue occurs because the --commit-hash parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of --commit-hash to...

7.7CVSS6.1AI score0.01393EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/19 5:54 p.m.20 views

EUVD-2026-3209

HCL AION version 2 is affected by a Cacheable HTTP Response vulnerability. This may lead to unintended storage of sensitive or dynamic content, potentially resulting in unauthorized access or information disclosure...

2.8CVSS5.4AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/08 2:49 p.m.20 views

EUVD-2026-1676

Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...

9.2CVSS6.5AI score0.00657EPSS
Exploits1References8
EUVD
EUVD
added 2026/01/07 12:0 a.m.20 views

EUVD-2026-1209

A stored Cross-Site Scripting XSS vulnerability exists in Perch CMS version 3.2. An authenticated attacker with administrative privileges can inject malicious JavaScript code into the “Help button url” setting within the admin panel. The injected payload is stored and executed when any...

6.1CVSS5.2AI score0.00187EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/22 12:30 a.m.20 views

EUVD-2025-204676

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HappyDevs TempTool allows Stored XSS.This issue affects TempTool: from n/a through 1.3.1...

6.5CVSS5.5AI score0.00127EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/18 5:29 a.m.20 views

EUVD-2025-204024

Memory corruption while loading an invalid firmware in boot loader...

7.8CVSS6.6AI score0.00076EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/05 4:33 p.m.20 views

EUVD-2025-37882

Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

5.4CVSS6.3AI score0.00193EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 7:38 p.m.20 views

EUVD-2025-35364

Vert.x-Web vulnerable to Stored Cross-site Scripting in directory listings via file names...

2.3CVSS5.9AI score0.00265EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:31 a.m.20 views

EUVD-2025-32592

The Profile widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, and older unsupported versions uses a user’s name in the “Content-Disposition” header, which allows...

4.8CVSS6.3AI score0.00217EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2014-0227

Malware in sbrugna...

4.3CVSS6.2AI score0.01585EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2017-12020

Malware in sbrugna...

7.5CVSS6.4AI score0.00818EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2005-1013

Malware in sbrugna...

4.3CVSS6.4AI score0.01177EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2017-11111

Malware in sbrugna...

7.5CVSS7.5AI score0.01019EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2019-4111

Malware in sbrugna...

8.8CVSS8.7AI score0.02347EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2021-11564

Malware in sbrugna...

6.5CVSS6.5AI score0.00693EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2015-3333

Malware in sbrugna...

4.6CVSS6.4AI score0.00401EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2018-7589

Malware in sbrugna...

9.8CVSS9.5AI score0.01082EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2019-14741

Malware in sbrugna...

9CVSS8.7AI score0.02479EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2015-7944

Malware in sbrugna...

10CVSS6.1AI score0.0415EPSS
Exploits7References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2015-8684

Malware in sbrugna...

5.5CVSS6.6AI score0.00407EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2021-24341

Malware in sbrugna...

5.7CVSS5.6AI score0.00835EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2021-13805

Malware in sbrugna...

7.8CVSS7.4AI score0.02208EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2020-11856

Malware in sbrugna...

7.5CVSS7.6AI score0.01468EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2021-21627

Malware in sbrugna...

8.8CVSS8.8AI score0.01372EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2021-0373

Malware in sbrugna...

7.7CVSS5.2AI score0.0016EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2019-12655

Malware in sbrugna...

6.2CVSS6.8AI score0.00619EPSS
Exploits0References20
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2007-1975

Malware in sbrugna...

7.8CVSS6.4AI score0.01619EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2020-12717

Malware in sbrugna...

9.8CVSS9.2AI score0.01488EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2021-14193

Malware in sbrugna...

9.8CVSS9.2AI score0.01422EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2017-8763

Malware in sbrugna...

9.8CVSS9.5AI score0.0305EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.20 views

EUVD-2020-2637

Malware in sbrugna...

7CVSS6.6AI score0.0028EPSS
Exploits0References10
Total number of security vulnerabilities5000