Lucene search
K

417709 matches found

EUVD
EUVD
added 2026/06/25 3:43 p.m.4 views

EUVD-2026-39455

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 3:39 p.m.5 views

EUVD-2026-39454

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user or attacker with a stolen session even when 2FA is already fully enabled on the account. This endpoint overwrites the existi...

5.3CVSS6AI score0.00213EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/25 3:39 p.m.4 views

EUVD-2026-39453

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1...

6.7CVSS5.9AI score0.00123EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:34 p.m.5 views

EUVD-2026-39452

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS5.8AI score0.00126EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:32 p.m.7 views

EUVD-2026-39451

Vim is an open source, command line text editor. Prior to 9.2.0662, the dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded only by the trie structure itself; it is never check...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:31 p.m.5 views

EUVD-2026-39450

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when deleting a local file from the browser. A filename derived from the buffer's directory...

8.4CVSS6.2AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:28 p.m.6 views

EUVD-2026-39449

Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...

5.3CVSS5.9AI score0.00113EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:27 p.m.6 views

EUVD-2026-39448

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:26 p.m.7 views

EUVD-2026-39447

The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:26 p.m.5 views

EUVD-2026-39446

Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the PowerShell command by inserting archive entry names that are quot...

6.5CVSS6.2AI score0.00137EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:26 p.m.4 views

EUVD-2026-39445

A Joomla user with K2 "create item" rights Author tier by default can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...

3.4CVSS5.9AI score0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:26 p.m.6 views

EUVD-2026-39444

List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...

7.5CVSS6.2AI score0.00419EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 3:25 p.m.4 views

EUVD-2026-39443

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

6.5CVSS5.8AI score0.00159EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:25 p.m.5 views

EUVD-2026-39442

The K2 frontend article-attachment upload path accepts files whose extension is .php, and Apache's standard modphp matches .php$ and executes them under the K2 web user. A K2 Author can upload a shell.php, then fetch /media/k2/attachments/shell.php and execute arbitrary PHP code in the web...

6.3CVSS6.1AI score0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:24 p.m.5 views

EUVD-2026-39441

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:24 p.m.5 views

EUVD-2026-39440

The K2 frontend article-save handler accepts an attachmentNexisting POST field that is concatenated with JPATHSITE/ and passed to JFile::copy. JPath::clean does NOT strip .., and there is no allow-list of source paths. An Author can therefore copy configuration.php or any other file readable by t...

6.5CVSS5.9AI score0.00295EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:23 p.m.16 views

EUVD-2026-39439

K2 ≤ 2.26 renders the k2users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:22 p.m.4 views

EUVD-2026-39438

K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin plguserk2. A Registered Joomla user, by including the field K2UserForm=1 in a standard comusers profile.save POST, can write arbitrary values into the notes, image, and plugins columns of their own row in the k2users table —...

6.5CVSS6AI score0.00182EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:22 p.m.5 views

EUVD-2026-39437

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spell file's SOFO sound-folding byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound an...

7.1CVSS6.1AI score0.0012EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:16 p.m.8 views

EUVD-2026-39436

Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion...

8.4CVSS6.1AI score0.00144EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 3:7 p.m.5 views

EUVD-2026-39435

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS5.9AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:5 p.m.4 views

EUVD-2026-39434

CWE-78 Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could allow unauthorized execution of commands with elevated privileges, impacting system integrity, confidentiality, and availability when a privileged authenticated user interacts wi...

8.6CVSS6AI score0.01191EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:2 p.m.3 views

EUVD-2026-39433

CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the device’s HMI and configuration functionality unavailable when malformed requests are received over exposed network interfaces...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:0 p.m.4 views

EUVD-2026-39432

3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by modifying Xray configuration values stored in the database. This can be leveraged to obtain code...

7.2CVSS6.4AI score0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:47 p.m.4 views

EUVD-2026-39431

CWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and potential account compromise when an attacker with privileged local access reads improperly protected system files...

6.7CVSS5.8AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:44 p.m.4 views

EUVD-2026-39430

CWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when unauthenticated attacker accesses credentials stored within firmware or system files. With this credential an attacker could subsequently compromise the devic...

8.7CVSS5.9AI score0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:39 p.m.5 views

EUVD-2026-39429

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...

5.9CVSS5.9AI score0.00093EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:34 p.m.5 views

EUVD-2026-39428

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression...

6.3CVSS5.9AI score0.00312EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:33 p.m.5 views

EUVD-2026-39427

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new root was a Nokogiri::XML::Node, allowing a DTD node to be set as the document root. The result is a heap use-after-free during garbage...

6.3CVSS5.8AI score0.00312EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:32 p.m.6 views

EUVD-2026-39426

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri’s CRuby native extension could leave a Ruby wrapper pointing to freed memory when replacing the value of an XML attribute. If Ruby code had already accessed an attribute child node,...

6.3CVSS5.9AI score0.00357EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:32 p.m.4 views

EUVD-2026-39425

Malicious HTML content contained in the layout specification of a PDF ticket or badge layout was executed when the PDF editor is opened in the browser. This could allow one backend user to inject JavaScript into the browser context of another backend user. Due to requirements of the PDF rendering...

8.8CVSS5.9AI score0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:32 p.m.5 views

EUVD-2026-39424

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could...

6.3CVSS5.9AI score0.00357EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:31 p.m.6 views

EUVD-2026-39423

Malicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a Content-Security-Policy, this can mainly be used for phishing purposes...

2.1CVSS5.8AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:31 p.m.5 views

EUVD-2026-39422

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then...

6.3CVSS5.9AI score0.00331EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:30 p.m.5 views

EUVD-2026-39421

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on by default for Nokogiri::XML::Schema see CVE-2020-26247, was not correctly enforced on the JRuby implementation. As a result, a schema parsed with...

4.3CVSS6.6AI score0.01109EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:29 p.m.6 views

EUVD-2026-39420

Content injected to PDF rendering contexts could, in many places, include HTML content including tags. If the src attribute of these images pointed to an URL, the PDF rendering engine would download the image from that place and display it, thereby leaking information about the rendering server a...

2.1CVSS5.9AI score0.00308EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:29 p.m.5 views

EUVD-2026-39419

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Documentencoding= with an invalid encoding e.g., a non-string, or a string containing a null byte raises an exception, but only after freeing the document's current encoding string without...

6.3CVSS5.9AI score0.00331EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:26 p.m.5 views

EUVD-2026-39418

Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets in that order...

5.3CVSS5.9AI score0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:11 p.m.7 views

EUVD-2026-39417

Remote Keyless Entry System RKES, using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a...

6.9CVSS5.9AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:11 p.m.6 views

EUVD-2026-39416

Malicious HTML content could be injected into the content of a page in the pretix-pages plugin...

2.1CVSS5.8AI score0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:8 p.m.5 views

EUVD-2026-39415

Our payment integration with Mollie did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment...

6.3CVSS5.9AI score0.00257EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:7 p.m.4 views

EUVD-2026-39414

Our payment integration with Oppwa-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one...

6.3CVSS5.9AI score0.00257EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 2:3 p.m.3 views

EUVD-2026-39413

Our payment integration with Computop-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one...

6.3CVSS5.9AI score0.00257EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:53 p.m.5 views

EUVD-2026-39412

Malicious HTML content could be injected into the content rendered by the pretix-digital plugin...

2CVSS5.8AI score0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:49 p.m.5 views

EUVD-2026-39411

Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage...

5.3CVSS5.8AI score0.00308EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:48 p.m.4 views

EUVD-2026-39410

Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command...

7.8CVSS5.9AI score0.00693EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:47 p.m.4 views

EUVD-2026-39408

A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to inject malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data...

6.3CVSS5.9AI score0.00339EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:47 p.m.5 views

EUVD-2026-39409

A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data...

4.6CVSS5.9AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:43 p.m.8 views

EUVD-2026-39355

Dell Display and Peripheral Manager DDPM Mac, versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass...

7.3CVSS5.9AI score0.00064EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:43 p.m.4 views

EUVD-2026-39354

In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observe...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
Total number of security vulnerabilities417709