Lucene search
K

419016 matches found

EUVD
EUVD
•added 2026/06/10 3:4 a.m.•10 views

EUVD-2025-210099

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.01049EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/10 3:2 a.m.•11 views

EUVD-2025-210098

A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...

6.9CVSS5.4AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/10 2:34 a.m.•12 views

EUVD-2025-210097

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.00331EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/10 1:38 a.m.•12 views

EUVD-2025-210096

A cross-site request forgery CSRF vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291...

5.1CVSS5.4AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/10 1:38 a.m.•12 views

EUVD-2025-210095

QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version:...

5.1CVSS5.5AI score0.00288EPSS
Exploits1References1
EUVD
EUVD
•added 2026/06/10 1:37 a.m.•12 views

EUVD-2025-210094

QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later...

9.2CVSS5.5AI score0.0029EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/10 12:35 a.m.•11 views

EUVD-2026-35919

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

4.6CVSS5.4AI score0.00228EPSS
Exploits0References7
EUVD
EUVD
•added 2026/06/10 12:34 a.m.•12 views

EUVD-2026-35918

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...

7.1CVSS5.8AI score0.00325EPSS
Exploits0References7
EUVD
EUVD
•added 2026/06/10 12:34 a.m.•12 views

EUVD-2026-35917

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in espsecureservices.c and espsecureservicesiram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

7.1CVSS5.4AI score0.00117EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/10 12:33 a.m.•12 views

EUVD-2026-35916

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References7
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35878

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...

7.1CVSS5.5AI score0.00288EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•14 views

EUVD-2026-35877

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a userid parameter in the request. Attackers can pass another user's identifier to the...

8.6CVSS5.6AI score0.00294EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35911

SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Affected versions: Spring Security 5.7....

6.8CVSS5.5AI score0.00116EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•14 views

EUVD-2026-35879

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...

5.3CVSS5.6AI score0.00193EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35907

Spring Data REST serializes the full exception cause chain into HTTP error response bodies, potentially exposing persistence-layer internals to HTTP clients. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0 through 4.5.11; 5.0.0 through...

5.3CVSS5.5AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35901

A SpEL Injection vulnerability exists in the Spring Data KeyValue if unsanitized user input is passed as Sort into a repository query method that delegates evaluation to the SpelPropertyComparator. Affected versions: Spring Data KeyValue / Spring Data Redis 4.0.0 through 4.0.5; 3.5.0 through...

6.4CVSS5.5AI score0.00202EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35905

Spring Data REST's JSON Patch application/json-patch+json implementation does not apply the write-access filter to intermediate path segments when resolving a multi-segment JSON Pointer. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0...

7.5CVSS5.5AI score0.00306EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•15 views

EUVD-2026-35906

Spring Data REST is vulnerable to SpEL expression injection through map-typed properties when processing JSON Patch application/json-patch+json requests. When a persistent entity exposes a Map-typed property, the JSON Pointer path segment used as the map key is embedded directly into a SpEL...

8.1CVSS5.5AI score0.00393EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35908

JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Combined with Jackson's default bean deserialization, a producer could supply crafted...

8.1CVSS5.6AI score0.00489EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35909

JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Additionally, an empty trusted-packages configuration fell back to trusting all packages rather than applying a safe default...

8.1CVSS5.5AI score0.00347EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•15 views

EUVD-2026-35903

When an application opts into DelegatingDeserializer, a producer can grow the consumer's heap without bound by sending records with unique random spring.kafka.serialization.selector header values, eventually causing GC thrash and OutOfMemoryError. Affected versions: Spring for Apache Kafka 4.0.0...

6.5CVSS5.5AI score0.00289EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35910

Spring Data REST's Querydsl integration accepts arbitrary persistent property paths as request-parameter filter keys and does not consider Jackson customizations before handing them to Querydsl. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14;...

5.3CVSS5.6AI score0.00191EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35902

Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...

5.9CVSS5.5AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•14 views

EUVD-2026-35904

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

6.5CVSS5.5AI score0.0024EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•16 views

EUVD-2026-35896

Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...

6.1CVSS5.5AI score0.00211EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35888

Spring Security Authorization Server's authorization endpoint performs insufficient validation of the requesturi parameter. An attacker can craft a malicious authorization request containing an invalid requesturi and an arbitrary, unvalidated redirecturi, which can lead to an Open Redirect...

6.1CVSS5.5AI score0.00172EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•15 views

EUVD-2026-35883

An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security 5.7.0 through 5.7.23;...

7.5CVSS5.5AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•10 views

EUVD-2026-35889

Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions: Spring Security 5.7.0...

3.7CVSS5.5AI score0.00137EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35853

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

7.1CVSS5.5AI score0.00224EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35885

When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a malicious API can perform an XXE injection attack when the documentation-generating tests are next execute...

5.9CVSS5.5AI score0.00223EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35893

Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher STARTING, ENDING, or CONTAINING in Query By Example QBE. An attacker can supply wildcard characters to perform boolean-based blind data inference. Affected versions: Spring Data...

4.8CVSS5.5AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•10 views

EUVD-2026-35892

Spring Data MongoDB repository query methods annotated with @Query that use regex parameter binding perform insufficient validation of the bound parameter. An attacker can supply a crafted string to break out of the intended regular expression quoting. Affected versions: Spring Data MongoDB 5.0.0...

5.9CVSS5.5AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35897

Applications using Spring Data Commons may be vulnerable to a Denial of Service DoS attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...

5.9CVSS5.4AI score0.0028EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35887

An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10;...

7.6CVSS5.8AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•14 views

EUVD-2026-35899

Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14; 3.5.0 through 3.5.11;...

7.5CVSS5.5AI score0.00363EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35900

Spring Data MongoDB contains a SpEL Spring Expression Language expression injection vulnerability. The issue occurs during parameter binding when a user-defined repository query method is annotated with @Query and utilizes a capture-all placeholder. Affected versions: Spring Data MongoDB 5.0.0...

8.1CVSS5.5AI score0.00328EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35898

Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri"amqps://..." without also calling setUseSSLtrue get TLS encryption with no certificate validation and no hostname verification. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1....

4CVSS5.5AI score0.00132EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35895

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS5.5AI score0.00173EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35852

The $internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $internalApplyOplogUpdate can be executed by any authenticated user with access to the aggregate command...

8.1CVSS5.6AI score0.00298EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•10 views

EUVD-2026-35886

An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository saml2assertingpartymetadata may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials verificationcredentials and...

7.3CVSS5.5AI score0.00198EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•13 views

EUVD-2026-35861

In MongoDB Server 8.0, an aggregation stage can leave its subPipeline field null during processing of certain pipelines. If a getMore is subsequently issued on the same cursor, the server may dereference this null sub-pipeline when reattaching to the operation context, accessing an invalid addres...

7.1CVSS5.5AI score0.00307EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•19 views

EUVD-2026-35862

When using $changestreams and $requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user must be logged in to issue the statement...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35867

The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text...

6.8CVSS5.5AI score0.00109EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35864

The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...

7.1CVSS5.4AI score0.00323EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35856

MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction...

6.8CVSS5.5AI score0.00119EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•11 views

EUVD-2026-35851

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35863

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35845

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this iss...

6.2CVSS5.5AI score0.00153EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•10 views

EUVD-2026-35866

An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain...

7.1CVSS5.7AI score0.00368EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/10 12:31 a.m.•12 views

EUVD-2026-35857

A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions,...

8.7CVSS5.5AI score0.00345EPSS
Exploits0References2
Total number of security vulnerabilities419016