Lucene search
K

418955 matches found

EUVD
EUVD
added 2026/06/12 5:33 p.m.14 views

EUVD-2026-36516

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS5.2AI score0.00135EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 5:31 p.m.12 views

EUVD-2026-36515

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS5.2AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 5:31 p.m.12 views

EUVD-2026-36514

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

8CVSS5.8AI score0.00567EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 5:30 p.m.11 views

EUVD-2026-36513

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed CONNECT engine and enabled REST support interpolated table HTTP...

6.3CVSS5.5AI score0.00797EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 5:12 p.m.13 views

EUVD-2026-36512

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is an unauthenticated denial-of-service vulnerability in the /multisearch endpoint. A specially crafted request can trigger an unhandled exception during request processing, causing the server process to...

8.7CVSS5.3AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 5:12 p.m.11 views

EUVD-2026-36511

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

6CVSS5.3AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 5:8 p.m.14 views

EUVD-2026-36510

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 5:7 p.m.46 views

EUVD-2026-36509

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a...

10CVSS5.5AI score0.0116EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/12 5:6 p.m.12 views

EUVD-2026-36508

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap out-of-bounds read exists in the Android Verified Boot AVB vbmeta image parser in NanaZip via the upstream 7-Zip AvbHandler. A 32-bit unsigned integer overflow ...

5.4CVSS5.4AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 4:57 p.m.12 views

EUVD-2026-36507

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

4.3CVSS5.3AI score0.00187EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 4:56 p.m.11 views

EUVD-2026-36506

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap out-of-bounds read exists in the Android Verified Boot AVB vbmeta image parser in NanaZip via the upstream 7-Zip AvbHandler. An unsigned integer underflow in a...

5.4CVSS5.3AI score0.0017EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 4:25 p.m.10 views

EUVD-2026-36505

Capgo Console prior to 12.28.2 contains a denial-of-service vulnerability in its account deletion flow that allows an attacker to block authentication and onboarding functions by triggering account deletion while a device identifier is linked to the active session. The platform incorrectly...

7.1CVSS5.2AI score0.00329EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 3:56 p.m.14 views

EUVD-2026-36504

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 Mattermost fails to sanitize FileInfo.Name received from federated peers during shared channel file sync, which allows an attacker who controls a federated server to write files to arbitrary locations...

7.6CVSS5.4AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:54 p.m.11 views

EUVD-2026-36503

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 Mattermost fails to require role-management authorization when setting the schemeadmin flag on group syncable link and patch endpoints, which allows a user with group-link permissions to escalate themselv...

8.8CVSS5.3AI score0.00298EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:52 p.m.11 views

EUVD-2026-36502

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to validate that a username returned during bot registration belongs to a bot account, which allows an unprivileged attacker to intercept private messages sent by plugins via direct message channels ...

5.3CVSS5.2AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:51 p.m.12 views

EUVD-2026-36501

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 Fail to enforce PermissionInviteUser when setting AllowOpenInvite or AllowedDomains during team creation the check was only applied on update/patch, which allows an authenticated user holding...

4.3CVSS5.3AI score0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:49 p.m.9 views

EUVD-2026-36500

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15 fail to sanitize the Remote Cluster API response on PATCH operations, which allows authenticated users with the managesecureconnections permission to obtain remote cluster authentication tokens via a PATCH request to the...

6.5CVSS5.4AI score0.00255EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:49 p.m.11 views

EUVD-2026-36499

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to require system-level permission when patching protected default system roles, which allows authenticated users with delegated user-management permissions to escalate privileges by altering built-i...

6.7CVSS5.2AI score0.00257EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:46 p.m.9 views

EUVD-2026-36498

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to restrict roleupdated websocket event broadcasts to members of the affected team or channel which allows an authenticated attacker with guest-level access to observe permission scheme change...

4.3CVSS5.3AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:45 p.m.11 views

EUVD-2026-36497

A vulnerability in Kedro version 1.2.0 allows an attacker to exploit path traversal by providing a crafted version string. The getversionedpath method in kedro/io/core.py directly interpolates user-supplied version strings into filesystem paths without sanitization. This enables an attacker to...

7.1CVSS7.2AI score0.00186EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/12 3:42 p.m.13 views

EUVD-2026-36496

Cap-go prior to 12.128.2 contains an account takeover vulnerability in its email change mechanism that allows an attacker with temporary authenticated session access to change the registered email address without re-authentication such as password or MFA verification. Attackers can redirect...

7.6CVSS5.3AI score0.00267EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 3:16 p.m.23 views

EUVD-2026-36484

A code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticated attacker to run arbitrary code on the server by sending a malicious model repository and trustremotecode set to true in...

9.4CVSS5.8AI score0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:11 p.m.13 views

EUVD-2026-36483

All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the authorization layer, allowing attackers to bypass authorization controls by using the V1 endpoints...

8.8CVSS5.3AI score0.00284EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:8 p.m.14 views

EUVD-2026-32593

Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection...

7.7CVSS5.2AI score0.00217EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 3:8 p.m.10 views

EUVD-2026-32594

Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step...

5.1CVSS5.2AI score0.00329EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 3:3 p.m.10 views

EUVD-2026-36482

The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds a given permission but never checks which tenant, database, or collection that permission applies to allowing users to perform cross tenant actions...

8.8CVSS5.1AI score0.00237EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 3:2 p.m.9 views

EUVD-2026-36481

Aqara Home Android com.lumiunited.aqarahome 6.0.0 and white-label clients embedding the same liblumidevsdk.so uses hard-coded cryptographic keys, which is an instance of "CWE-321: Use of Hard-coded Cryptographic Key" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1...

9.1CVSS5.2AI score0.00246EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 3:2 p.m.12 views

EUVD-2026-36480

The Aqara Cloud OAuth Authorization Endpoint open-cn.aqara.com/oauth/authorize is vulnerable to a redirect bypass due to lax controls on domain matching, which is an instance of "CWE-1289: Improper Validation of Unsafe Equivalence in Input" and has an estimated CVSS of...

9.3CVSS5.2AI score0.00253EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 3:2 p.m.11 views

EUVD-2026-36479

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

6.1CVSS5.2AI score0.00147EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 3:1 p.m.8 views

EUVD-2026-36478

The Aqara Developer Portal developer.aqara.com and shared test environments developer-test.aqara.com, aiot-test.aqara.com exhibit cross-origin request sharing, which is an instance of "CWE-942: Permissive Cross-domain Policy with Untrusted Domains," and has an estimated CVSS of...

8.2CVSS5.3AI score0.00182EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 3:1 p.m.8 views

EUVD-2026-36477

The Aqara IAM/SSO gateway gw-builder.aqara.com exhibits a cross-origin request sharing vulnerability, which is an instance of "CWE-942: Permissive Cross-domain Policy with Untrusted Domains," and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N 8.2 High...

8.2CVSS5.2AI score0.00192EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 3:1 p.m.9 views

EUVD-2026-36476

The Aqara IAM/SSO gateway gw-builder.aqara.com exposes bidirectional AES round-trups against the platform's signing key without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and "CWE-327: Use of a Broken or Risky Cryptographic Algorithm," and has a...

10CVSS5.2AI score0.00222EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 3:1 p.m.11 views

EUVD-2026-36475

The Aqara Board service op-test.aqara.com accepts arbitrary MQTT command payloads, and forwards them to the platfom's HiveMQ broker without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and has an estimated CVSS...

8.6CVSS5.5AI score0.00278EPSS
Exploits2References2
EUVD
EUVD
added 2026/06/12 3:1 p.m.12 views

EUVD-2026-36474

The Aqara Cloud Production API open-cn.aqara.com/v3.0/open/api would authorize any valid developer token for access to any account. This is an instance of "CWE-862: Missing Authorization" with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N 9.6 Critical. When combined with...

9.6CVSS5.3AI score0.00219EPSS
Exploits2References2
EUVD
EUVD
added 2026/06/12 3:0 p.m.14 views

EUVD-2026-36473

The Aqara IAM/SSO Gateway gw-builder.aqara.com used a hardcoded OAuth client credential, which is an instance of "CWE-798: Use of Hard-coded Credentials." This issue has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1 Critical. When combined with CVE-2026-50082, CVE-50084, a...

9.1CVSS5.3AI score0.00246EPSS
Exploits2References2
EUVD
EUVD
added 2026/06/12 3:0 p.m.10 views

EUVD-2026-36472

The Aqara Cloud Developer Portal developer.aqara.com issued a developer token to any email address supplied by the attacker. This is an instance of "CWE-306: Missing Authentication for Critical Function" with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 6.5 Medium. When...

6.5CVSS5.4AI score0.00219EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/12 2:57 p.m.11 views

EUVD-2026-36470

Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems. These versions default to using 1000 iterations. Depending on the chosen algorithm, 220,000 to 1,400,000...

5.3CVSS5.3AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 2:56 p.m.10 views

EUVD-2026-36469

unboundedspsc is an "unbounded" extension of boundedspscqueue. In versions 0.2.0 and prior, sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race. At time of publication, there are no publicly available patches...

5.8CVSS5.2AI score0.0013EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/12 2:52 p.m.13 views

EUVD-2026-36466

OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. Prior to release 1.27.0, the OTLP HTTP exporters traces/metrics/logs read the full HTTP response into an in-memory vector of bytes without a size cap. This is exploitable for memory exhaustion when the configured collector endpoint is...

5.3CVSS5.3AI score0.00206EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/12 2:50 p.m.14 views

EUVD-2026-36464

A lack of authorization validation in version 1.0.0 or later of the ChromaDB Rust project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.2AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:49 p.m.14 views

EUVD-2026-36463

IPAM is the IP address Manager for Cluster API Provider Metal3. Prior to versions 1.11.7, 1.12.4, and 1.13.0, the IPAM controller's ClusterRole granted full CRUD permissions create, delete, get, list, patch, update, watch on core/v1 Secrets. The controller never accesses Secrets during normal...

4.4CVSS5.3AI score0.00333EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/12 2:46 p.m.11 views

EUVD-2026-36461

A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS5.2AI score0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:45 p.m.10 views

EUVD-2026-36460

Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, there is a stored XSS vulnerablity in Frappe Report/List View. This issue has been patched in versions 15.107.2 and 16.17.4...

6.9CVSS5.1AI score0.00258EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:43 p.m.11 views

EUVD-2026-36458

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, a lack of permission checks in these endpoints allowed unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9CVSS5.2AI score0.0026EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:42 p.m.11 views

EUVD-2026-36457

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

8.7CVSS5.5AI score0.00606EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 2:41 p.m.11 views

EUVD-2026-36456

Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

7.5CVSS5.3AI score0.00305EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 2:39 p.m.13 views

EUVD-2026-36495

Frappe is a full-stack web application framework. Prior to version 16.17.4, any authenticated user can access private files by guessing the file path. This issue has been patched in version 16.17.4...

5.3CVSS5.2AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:39 p.m.10 views

EUVD-2026-36494

Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the...

5.3CVSS5.2AI score0.00594EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 2:38 p.m.10 views

EUVD-2026-36493

Frappe is a full-stack web application framework. Prior to version 16.17.4, any user can modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4...

5.3CVSS5.2AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:36 p.m.16 views

EUVD-2026-36492

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate...

8.7CVSS5.3AI score0.00489EPSS
Exploits0References3
Total number of security vulnerabilities418955