Lucene search
K

418516 matches found

EUVD
EUVD
added 2026/06/16 9:32 p.m.12 views

EUVD-2026-37218

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

5.4CVSS5.1AI score0.00272EPSS
Exploits1References4
EUVD
EUVD
added 2026/06/16 9:32 p.m.13 views

EUVD-2026-37202

Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault member to enumerate social login entry metadata to which they are not authorized via a crafted API request...

5.2AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.14 views

EUVD-2026-37178

In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS5.6AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.11 views

EUVD-2026-37190

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.6AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.8 views

EUVD-2026-37211

In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.7AI score0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37214

In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

5.6AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.12 views

EUVD-2026-37212

In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.6AI score0.00168EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37174

In RtpPacket::decodePacket, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

4.3CVSS5.7AI score0.00178EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.8 views

EUVD-2026-37175

In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS5.6AI score0.002EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.12 views

EUVD-2026-37216

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37169

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00103EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.8 views

EUVD-2026-37173

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.8 views

EUVD-2026-37217

In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.7 views

EUVD-2026-37213

In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

6AI score0.00173EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37209

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00277EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.8 views

EUVD-2026-37210

In NrmmMsgCodec::DecodeUPUTransparentContext of cnNrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corruption. This could lead to remote denial of service causing a communication processor crash with no additional execution privileges needed. User interaction is not needed fo...

6.5CVSS5.6AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.9 views

EUVD-2026-37208

In multiple functions of vpuioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.13 views

EUVD-2026-37171

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00073EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.8 views

EUVD-2026-37215

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5AI score0.00285EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37172

In lwisiobufferwrite of lwisiobuffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00073EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37176

In iavbparsekeydata of avbrsa.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00069EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.9 views

EUVD-2026-37170

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS5.6AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:31 p.m.11 views

EUVD-2026-37141

Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the...

7.8CVSS5.2AI score0.03391EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 9:31 p.m.4 views

EUVD-2026-37136

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...

5.5CVSS5.2AI score0.00129EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/16 9:31 p.m.8 views

EUVD-2026-37135

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.2AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:31 p.m.8 views

EUVD-2024-55625

updatediskpsubaseline.sh requires password in plain text...

7.4CVSS5.2AI score0.00096EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:31 p.m.7 views

EUVD-2026-37134

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.2AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:31 p.m.9 views

EUVD-2026-37132

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.2AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:31 p.m.10 views

EUVD-2026-37133

DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6AI score0.00199EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 9:31 p.m.9 views

EUVD-2026-37139

An authenticated user with the nx-licensing-create privilege can upload a specially crafted license file to execute arbitrary operating system commands as the Nexus process user in Sonatype Nexus Repository 3 versions before 3.92.0...

8.6CVSS5.8AI score0.00296EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 9:31 p.m.9 views

EUVD-2026-37505

Postiz is an AI social media scheduling tool. In versions prior to 2.21.8, the Skool integration callback signed an attacker-controlled JSON blob into a session-shape JWT using the application's JWTSECRET, and the auth middleware trusted every claim in that JWT without re-resolving the user from...

9.9CVSS5.4AI score0.00209EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/16 9:26 p.m.8 views

EUVD-2026-37504

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS5.2AI score0.00782EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/16 9:17 p.m.11 views

EUVD-2026-37500

Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a high-severity Zip Slip vulnerability was identified in Streambert's subtitle extraction logic. The application does not sanitize archive entry filenames during extraction,...

10CVSS5.5AI score0.00621EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 6:40 p.m.8 views

EUVD-2026-37207

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted...

9.3CVSS5.3AI score0.00523EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/16 6:32 p.m.7 views

EUVD-2026-37204

stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the BINUNICODE opcode...

7.8CVSS5.7AI score0.0018EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/16 6:17 p.m.10 views

EUVD-2026-37198

stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the GLOBAL opcode...

7.8CVSS5.7AI score0.0018EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/16 5:23 p.m.8 views

EUVD-2026-37138

stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. Versions prior to master-584-0a7ae07 are vulnerable to heap buffer overflow in SHORTBINUNICODE parsing for PyTorch checkpoint files. The pickle .ckpt pars...

7.8CVSS6.3AI score0.00203EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/16 5:11 p.m.8 views

EUVD-2026-37137

stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. Versions prior to master-584-0a7ae07 are vulnerable to an out-of-bounds reads error through PyTorch checkpoint pickle opcode parsing. The pickle .ckpt...

5.5CVSS5.5AI score0.00163EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/16 4:29 p.m.8 views

EUVD-2024-55624

api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions...

7CVSS5.2AI score0.00081EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 4:15 p.m.7 views

EUVD-2026-37131

Yeoman Environment provides an API to discover, create, and run generators, and to configure where and how a generator is resolved. Versions 2.9.0 through 6.0.0 install missing local generator packages from caller-supplied package names without user confirmation. In downstream consumers that pass...

8.6CVSS5.9AI score0.00139EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/16 4:9 p.m.17 views

EUVD-2026-37130

NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.5AI score0.00161EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 4:8 p.m.14 views

EUVD-2026-37129

NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS5.3AI score0.00193EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 4:4 p.m.12 views

EUVD-2024-55623

PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser...

5.4CVSS5.5AI score0.00199EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 3:57 p.m.11 views

EUVD-2026-37128

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...

8.6CVSS5.4AI score0.0044EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 3:42 p.m.7 views

EUVD-2025-210170

An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control...

8.6CVSS5.2AI score0.00208EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 3:26 p.m.8 views

EUVD-2026-37127

Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/16 3:24 p.m.9 views

EUVD-2024-55622

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run arbitrary code...

8.8CVSS5.8AI score0.00448EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 3:18 p.m.7 views

EUVD-2026-37126

Perry before 0.5.1166 contains a JWT validation vulnerability that allows remote attackers to bypass token expiration by exploiting the unconditional setting of validateexp = false in the verifydecode helper within the stdlib JWT verification path. Attackers in possession of a previously issued...

9.3CVSS5.4AI score0.00357EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 3:18 p.m.7 views

EUVD-2026-37125

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.4AI score0.00136EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 3:16 p.m.7 views

EUVD-2024-55621

Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution...

6.7CVSS5.7AI score0.00099EPSS
Exploits0References1
Total number of security vulnerabilities418516