Lucene search
K

417634 matches found

EUVD
EUVD
added 2026/06/28 1:32 a.m.8 views

EUVD-2026-39972

7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM record named ':Zone.Identifier:$DATA' is not matched...

4.8CVSS5.8AI score0.00119EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/28 1:32 a.m.7 views

EUVD-2026-39970

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/28 1:32 a.m.8 views

EUVD-2026-39969

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/28 12:30 a.m.9 views

EUVD-2026-39968

The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due to a case-sensitive bypass of the wpfmdirpath parameter sanitization in the wpfmfilemetaupdate AJAX handler, where supplying WPFMDIRPATH i...

8.1CVSS5.8AI score0.00417EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/27 10:59 p.m.8 views

EUVD-2026-39967

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS6AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 9:25 a.m.11 views

EUVD-2026-39960

The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...

6AI score0.00107EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 9:22 a.m.9 views

EUVD-2026-39966

The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. An unprivileged local user ca...

5.8AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 9:8 a.m.8 views

EUVD-2026-39965

The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and set-group-ID executables. A...

5.8AI score0.00098EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/27 9:2 a.m.11 views

EUVD-2026-39964

The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory. An unprivileged...

5.8AI score0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 8:59 a.m.10 views

EUVD-2026-39963

sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use sigqueue2 to send signa...

5.7AI score0.00092EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 8:50 a.m.9 views

EUVD-2026-39962

dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and length wrapped around and passed the check. The offset was then narrowed from 64 to 32 bits when converted to ...

6AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 8:48 a.m.12 views

EUVD-2026-39961

Second, the audio buffer backing a mapping could be freed when the device was closed even though the mapping remained valid. The freed memory could then be reused elsewhere while still accessible through the stale mapping. The /dev/dsp device nodes are world-accessible by default. On a system wit...

5.9AI score0.00125EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 6:50 a.m.7 views

EUVD-2026-39959

The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS5.9AI score0.00246EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/27 6:50 a.m.10 views

EUVD-2026-39957

The WP Full Stripe Free plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 8.4.3 via the wpfsupdatefailedpaymentstatus AJAX action. The handler is registered through both wpajax and wpajaxnopriv hooks and the underlying updatefailedpaymentstatus function...

5.3CVSS5.6AI score0.00323EPSS
Exploits2References10
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39958

The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'uploadcsv' and 'processbatch' functions in all versions up to, and including, 1.8.9. This makes it possible for authenticated attackers, with Subscriber-level access an...

6.5CVSS5.9AI score0.00276EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/27 6:50 a.m.8 views

EUVD-2026-39956

The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'infusionsoft-form' shortcode in versions up to, and including, 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied 'account' and 'id' shortcode...

6.4CVSS5.9AI score0.00193EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39955

The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via panelsdata Parameter in all versions up to, and including, 2.34.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6AI score0.00241EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39953

The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39952

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39954

The Spexo theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the activateplugin function in all versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate a limited set o...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/27 6:50 a.m.8 views

EUVD-2026-39951

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the invoke methods of the...

4.3CVSS5.9AI score0.00213EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/27 6:50 a.m.10 views

EUVD-2026-39950

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Product SKU in all versions up to, and including, 5.0.4 due to insufficient input sanitization and output escaping. This mak...

6.4CVSS5.8AI score0.0022EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39949

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versions up to and including 6.0.8.6. This is due to the PayPal IPN callback handler...

5.3CVSS5.8AI score0.00232EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39948

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.4 via the 'id' parameter due to missing validation on a user controlled key. This...

4.3CVSS5.7AI score0.00271EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/27 6:0 a.m.7 views

EUVD-2026-39947

The Shariff for WordPress Shariff for WordPress plugin through 1.0.11 does not sanitize or escape the shariffinfourl setting before outputting it in the frontend HTML via the generateshariff function, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

5.8AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 6:0 a.m.9 views

EUVD-2026-39946

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.16.17 does not verify that the user performing a subscription action owns the targeted subscription, allowing any authenticated user Subscriber+ to cancel other...

5.8AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 5:33 a.m.7 views

EUVD-2026-39945

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/27 5:33 a.m.8 views

EUVD-2026-39944

The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.9AI score0.00211EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/27 4:30 a.m.9 views

EUVD-2026-39943

The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravelinvoiceeditaccount AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wpajaxnoprivpravelinvoiceeditaccount, accepts an attacker-controlled...

9.8CVSS5.8AI score0.00662EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/27 1:43 a.m.10 views

EUVD-2025-210365

HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 1:27 a.m.9 views

EUVD-2026-39932

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdqvalidatenonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes and questions, create ne...

4.3CVSS5.6AI score0.00179EPSS
Exploits0References16
EUVD
EUVD
added 2026/06/27 1:27 a.m.12 views

EUVD-2026-39931

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menutitle' and 'menumagnifiercolor' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for...

4.4CVSS5.9AI score0.00251EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/27 1:27 a.m.7 views

EUVD-2026-39930

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via 'queryselect' Parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS6AI score0.00344EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/27 1:27 a.m.7 views

EUVD-2026-39929

The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'cpmpoint' Post Meta in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.0021EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/27 1:27 a.m.9 views

EUVD-2026-39928

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'search' parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS5.8AI score0.0028EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/27 1:19 a.m.8 views

EUVD-2023-60599

HCL Traveler for Microsoft Outlook HTMO is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerabl...

7.7CVSS5.8AI score0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 12:30 a.m.7 views

EUVD-2026-39926

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS5.9AI score0.00653EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/27 12:30 a.m.6 views

EUVD-2026-39924

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS5.9AI score0.00341EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.11 views

EUVD-2026-39925

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS5.8AI score0.0045EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.7 views

EUVD-2026-39923

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS6AI score0.00839EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.6 views

EUVD-2026-39927

A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixed, persistent filesystem locations without validating file type, structure, or size. This design omission enables the placement of unexpected or...

8.6CVSS5.9AI score0.004EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/27 12:30 a.m.7 views

EUVD-2026-39934

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.8AI score0.00125EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.6 views

EUVD-2026-39936

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

6AI score0.00113EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/27 12:30 a.m.7 views

EUVD-2026-39933

An issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServerApp.dll, TechnitiumLibrary.Net/Dns/DnsClient.cs components...

5.8AI score0.00386EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.7 views

EUVD-2026-39942

A stored cross-site scripting XSS vulnerability in the item type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the item type check-in message field checkinmsg...

5.8AI score0.00196EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.6 views

EUVD-2026-39941

A stored cross-site scripting XSS vulnerability in the OPAC item detail page of Koha Library Management System through 25.11 allows an authenticated remote attacker with edititems permission to inject arbitrary web scripts via the item public notes field items.itemnotes...

5.8AI score0.00196EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.5 views

EUVD-2026-39940

Cross-Site Scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label displaytext field...

6AI score0.0022EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/27 12:30 a.m.5 views

EUVD-2026-39935

A stack overflow in the AP4Array::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.8AI score0.00142EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 11:54 p.m.9 views

EUVD-2026-39487

pnpm: stage download writes outside its destination directory via manifest name/version traversal...

7.1CVSS5.8AI score0.00267EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/26 11:46 p.m.12 views

EUVD-2026-39485

pnpm: Reserved bin name deletes PNPMHOME during global remove...

6.5CVSS5.8AI score0.00286EPSS
Exploits1References2
Total number of security vulnerabilities417634