Lucene search
K

417642 matches found

EUVD
EUVD
added 5 days ago6 views

EUVD-2025-210389

picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserializatio...

8.1CVSS6.5AI score0.00585EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-40415

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the removevideo action of the playlist endpoint...

7.1CVSS5.9AI score0.00225EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago5 views

EUVD-2025-210391

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS6.1AI score0.00499EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago5 views

EUVD-2025-210386

picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collectenv.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

8.1CVSS5.9AI score0.00395EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago6 views

EUVD-2025-210385

picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when...

8.1CVSS6.4AI score0.00562EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-40414

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication AUTHUSERNAME/AUTHPASSWORD, is reachable unauthenticated at /mcp because the nginx front-end does not apply the authrequest gate to that path and the MCP server auto-mints a...

6.9CVSS5.8AI score0.00437EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-40419

Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticated victims to attacker-controlled external URLs by injecting a malicious value into the intended query parameter. Attackers can craft a...

5.3CVSS5.8AI score0.00176EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-40421

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it...

8.7CVSS5.9AI score0.00379EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago10 views

EUVD-2026-40866

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub416f28 component...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-40417

An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation...

8.8CVSS5.7AI score0.00374EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-40422

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...

9.8CVSS5.8AI score0.00435EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40420

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS5.8AI score0.00379EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-40413

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability...

7.4CVSS5.8AI score0.00418EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40863

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php...

9.8CVSS6.2AI score0.0051EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40424

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category...

6.3CVSS5.9AI score0.00184EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40860

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via ...

9.4CVSS5.9AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40859

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions prior to 1.3.6, 1.4.0-rc.1, 1.4.0-rc.12, 1.5.0-rc.1, and 1.5.0-rc.1, when setting up the container rootfs, setupPtmx and setupDevSymlinks call os.Remove and os.Symlink with a filepath.Join strin...

3.3CVSS5.9AI score0.00222EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago10 views

EUVD-2026-40858

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40857

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, is vulnerable to Use-After-Free when in SAJ mode. The Oj::Parser does not protect cached object keys ≥ 35 bytes from garbage collection, and a Ruby callback that triggers GC inside hashend ca...

6.3CVSS5.7AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40856

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj::Parser in usual mode does not mark arrayclass and hashclass references during garbage collection, leading to Use-After-Free. If GC runs after the class is assigned but before a parse,...

6.3CVSS5.7AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40855

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...

6.3CVSS5.7AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40854

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

2.1CVSS5.9AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40853

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...

2.1CVSS5.7AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40852

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...

2.1CVSS6AI score0.00119EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-40851

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40850

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fillindent in dump.h calls memsetindentstr, ' ', sizetopts-indent without...

6.3CVSS6.1AI score0.00257EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40849

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory and, for long keys, reads out of bounds when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surfac...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40848

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbolkeys on a reused Oj::Parser instance triggers a heap use-after-free. When symbolkeys is toggled from true to false, optsymbolkeysset frees the internal key cache cachefree but...

6.3CVSS5.7AI score0.00428EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40847

c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for deserialization gadgets. The JDBC spec's DataSource.getConnection and ConnectionPoolDataSource.getPooledConnection match the getXXX form, so JavaBean...

6.3CVSS5.7AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40456

electron-updater allows for automatic updates for Electron apps. Prior to 26.15.0, AppImage targets built by app-builder-lib could use an empty path component when setting the LDLIBRARYPATH environment variable at runtime. This causes the current working directory to be added to the dynamic linke...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40455

electron-updater allows for automatic updates for Electron apps. Prior to 9.7.0, the HTTP redirect handler HttpExecutor.prepareRedirectUrlOptions only stripped a credential header whose key string matched exactly lowercase "authorization", exposing credentials. Other credential-bearing headers —...

8.2CVSS5.7AI score0.00235EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-40626

Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dumpobj, io and JSON::Stategenerateobj, io can write past the internal JSON generat...

3.7CVSS6AI score0.00301EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-40425

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAXDECLAREDSTREAMLENGTH is sometimes ignored. This requires parsing a content stream...

6.9CVSS5.7AI score0.00263EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40423

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...

7.5CVSS5.7AI score0.00278EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago5 views

EUVD-2025-31198

Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles...

7.8CVSS6.6AI score0.00224EPSS
Exploits1References9
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-31199

Open Babel has out-of-bounds write overlapping memcpy in zipstream basicunzipstreambuf::underflow...

7.8CVSS6.3AI score0.00202EPSS
Exploits1References9
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40412

An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...

8.7CVSS5.8AI score0.00395EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40411

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...

8.5CVSS5.6AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-40410

An unauthenticated URL redirection vulnerability has been identified in Archer AX20 V2 due to improper validation of user-supplied URL input within the web interface. An unauthenticated attacker can craft URLs containing URL-encoded path traversal sequences. When processed by the embedded web...

5.9CVSS5.8AI score0.00296EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210384

IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

5.9CVSS5.8AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40409

FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by...

8.7CVSS5.8AI score0.00352EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40408

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...

6CVSS5.9AI score0.00257EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago5 views

EUVD-2025-210383

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporary denial using a specially crafted HTTP request due to improper allocation of resource throttling...

4.3CVSS5.8AI score0.00422EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2025-210382

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

6.4CVSS5.5AI score0.00251EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-40407

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the managerunners:org scope and directing ...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References5
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210381

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.7CVSS5.8AI score0.00398EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210380

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.5AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210379

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

4.3CVSS5.8AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210378

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security...

6.5CVSS5.8AI score0.00375EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2025-210377

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3CVSS5.8AI score0.00359EPSS
Exploits0References1
Total number of security vulnerabilities417642