Lucene search
K

418443 matches found

EUVD
EUVD
•added 2026/06/16 10:19 p.m.•8 views

EUVD-2026-37510

Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7.19 and below, a single crafted deep link can silently hijack all GPS tracking parameters and redirect telemetry to an attacker-controlled server. The...

9.3CVSS5.3AI score0.00323EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:43 p.m.•12 views

EUVD-2026-37508

Runtipi is a personal homeserver orchestrator. In versions 4.9.1 through 4.9.3, Runtipi serves marketplace app logos from files inside cloned app-store repositories through an unauthenticated endpoint, which leads to arbitrary file read through app-store logo symlinks. The path guard checks only...

6.5CVSS5.4AI score0.00399EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:38 p.m.•10 views

EUVD-2026-37507

Postiz is an AI social media scheduling tool. Versions prior to 2.21.8 contained an unauthenticated endpoint that accepted a signed token and applied subscription-enforcement side effects to the organization referenced in that token's claims, without verifying the token's intended purpose. The...

4.8CVSS5.4AI score0.0017EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37182

In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37192

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.5AI score0.0006EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37203

Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions...

5.2AI score0.00201EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•13 views

EUVD-2026-37183

In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.5AI score0.00285EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•15 views

EUVD-2026-37191

In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS5.6AI score0.00169EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37185

In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37189

In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS5.6AI score0.00169EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•20 views

EUVD-2026-37188

In Modem, there is a possible way to trigger a modem crash during a SIP REFER request due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•21 views

EUVD-2026-37193

In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37187

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00068EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37181

In mfccorenalqgetdecmetadataseinal of mfccorenalq.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•13 views

EUVD-2026-37195

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.3AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37205

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting XSS. This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it...

7.4CVSS5.5AI score0.00149EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•11 views

EUVD-2026-37177

In lwisdeviceexternaleventemit of lwisevent.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.6AI score0.00073EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•11 views

EUVD-2026-37186

In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS5.5AI score0.00071EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•11 views

EUVD-2026-37197

In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.7CVSS5.6AI score0.00171EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37179

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.5AI score0.00068EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37200

Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve account discovery scan results...

5.2AI score0.00162EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•11 views

EUVD-2026-37180

In mfccoregetdecmetadataseinal of mfccoreregapi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37206

The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability an authenticated attacker can send arbitrary commands to the device that are executed with administrative permissions by the underlying...

9.1CVSS5.4AI score0.00921EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37201

In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used in challenge-file handling, allowing a maliciously crafted token to influence local path/filename usage during validation. An attacker who can...

9.8CVSS8.1AI score0.00934EPSS
Exploits0References6
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37199

The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands e.g. system reboot...

8.6CVSS5.4AI score0.00232EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•11 views

EUVD-2026-37196

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•14 views

EUVD-2026-37194

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS5.7AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•9 views

EUVD-2026-37184

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.3AI score0.00067EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37218

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

5.4CVSS5.1AI score0.00272EPSS
Exploits1References4
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•13 views

EUVD-2026-37202

Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault member to enumerate social login entry metadata to which they are not authorized via a crafted API request...

5.2AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•14 views

EUVD-2026-37178

In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS5.6AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•11 views

EUVD-2026-37190

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.6AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•8 views

EUVD-2026-37211

In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.7AI score0.00182EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37214

In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

5.6AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37212

In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.6AI score0.00168EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37174

In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

4.3CVSS5.7AI score0.00178EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•8 views

EUVD-2026-37175

In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS5.6AI score0.002EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•12 views

EUVD-2026-37216

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37169

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00103EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•8 views

EUVD-2026-37173

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•8 views

EUVD-2026-37217

In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•7 views

EUVD-2026-37213

In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

6AI score0.00173EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37209

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•8 views

EUVD-2026-37210

In NrmmMsgCodec::DecodeUPUTransparentContext of cnNrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corruption. This could lead to remote denial of service causing a communication processor crash with no additional execution privileges needed. User interaction is not needed fo...

6.5CVSS5.6AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•9 views

EUVD-2026-37208

In multiple functions of vpuioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•13 views

EUVD-2026-37171

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00073EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•8 views

EUVD-2026-37215

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5AI score0.00285EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37172

In lwisiobufferwrite of lwisiobuffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00073EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•10 views

EUVD-2026-37176

In iavbparsekeydata of avbrsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00069EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/16 9:32 p.m.•9 views

EUVD-2026-37170

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS5.6AI score0.00253EPSS
Exploits0References2
Total number of security vulnerabilities418443