Lucene search
K

417735 matches found

EUVD
EUVD
added 2026/06/25 1:12 p.m.3 views

EUVD-2026-39386

Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as a NTLMv2...

2.7CVSS5.8AI score0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39384

Unauthenticated Cross Site Scripting XSS in Forminator = 1.53.1 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39385

Contributor Broken Access Control in Slim SEO = 4.6.2 versions...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39383

Subscriber Arbitrary File Deletion in JS Help Desk = 3.1.1 versions...

7.7CVSS5.8AI score0.0045EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39382

Subscriber PHP Object Injection in EventPrime = 4.3.4.1 versions...

8.8CVSS5.8AI score0.00391EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39381

Unauthenticated Cross Site Scripting XSS in TablePress = 3.3.1 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39380

Contributor Remote Code Execution RCE in Post Snippets = 4.0.19 versions...

8.5CVSS5.9AI score0.00351EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39379

Customer Cross Site Scripting XSS in Advanced Order Export For WooCommerce = 4.0.9 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39378

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS5.9AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39377

Unauthenticated Cross Site Scripting XSS in Master Slider = 3.11.2 versions...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39376

Unauthenticated Insecure Direct Object References IDOR in License Manager for WooCommerce = 3.0.15 versions...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39375

Unauthenticated Cross Site Scripting XSS in H5P = 1.17.6 versions...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39374

Subscriber Cross Site Scripting XSS in WP Activity Log = 5.6.3.1 versions...

7.1CVSS5.8AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39373

Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce = 1.1.11 versions...

9.3CVSS5.9AI score0.00229EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39372

Unauthenticated Local File Inclusion in MDTF = 1.3.8 versions...

8.1CVSS5.8AI score0.00274EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.8 views

EUVD-2026-39371

Unauthenticated Broken Access Control in CheckView Automated Testing = 2.1.0 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39370

Unauthenticated SQL Injection in MDTF = 1.3.7 versions...

9.3CVSS5.9AI score0.00229EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39369

Unauthenticated Sensitive Data Exposure in Vitepos = 3.4.2 versions...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.4 views

EUVD-2026-39368

Subscriber SQL Injection in WC Vendors Marketplace = 2.6.8 versions...

8.5CVSS5.9AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39367

Unauthenticated Broken Access Control in Five Star Restaurant Reservations = 2.7.19 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39366

Unauthenticated Broken Access Control in Motors = 1.4.109 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39365

Contributor Remote Code Execution RCE in Widget Options = 4.2.3 versions...

9.9CVSS5.9AI score0.00426EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.6 views

EUVD-2026-39363

Subscriber Sensitive Data Exposure in Visual Link Preview = 2.3.1 versions...

7.4CVSS5.8AI score0.00264EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39364

Subscriber SQL Injection in SALESmanago & Leadoo = 3.11.2 versions...

8.5CVSS5.9AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39362

Unauthenticated Broken Access Control in MainWP Child = 6.1.1 versions...

7.5CVSS5.8AI score0.00223EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.5 views

EUVD-2026-39361

Contributor Sensitive Data Exposure in Elementor Website Builder = 4.1.3 versions...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:1 p.m.4 views

EUVD-2026-39360

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:1 p.m.4 views

EUVD-2026-39359

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation...

5.3CVSS5.8AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:59 p.m.5 views

EUVD-2026-39358

Incomplete validation of the SOA record present in a catalog zone might lead to a crash...

5.9CVSS5.8AI score0.004EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:59 p.m.6 views

EUVD-2026-39357

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...

5.9CVSS5.8AI score0.004EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:58 p.m.5 views

EUVD-2026-39356

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:58 p.m.6 views

EUVD-2026-39352

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...

7.5CVSS5.8AI score0.00119EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:24 p.m.8 views

EUVD-2026-39351

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39350

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memo...

5.3CVSS6.1AI score0.00413EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39349

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS5.9AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39348

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:22 p.m.5 views

EUVD-2026-39347

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:22 p.m.5 views

EUVD-2026-39346

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 11:57 a.m.4 views

EUVD-2026-39345

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

4.3CVSS5.9AI score0.00479EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39331

A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

6.4CVSS5.8AI score0.00349EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.4 views

EUVD-2026-39337

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...

5.7AI score0.0014EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39338

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

5.7AI score0.00129EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39340

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...

5.9AI score0.00176EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39343

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops Why & How All record-chain walk loops in biosparser.c and biosparser2.c use for;; and only terminate on a 0xFF recordtype sentinel or zero recordsize. A malformed VBIOS image...

5.7AI score0.00176EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39336

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...

5.7AI score0.00431EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39339

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...

5.8AI score0.00176EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39342

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...

6AI score0.00212EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.4 views

EUVD-2026-39341

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

5.7AI score0.00172EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 9:31 a.m.4 views

EUVD-2026-39333

A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

5.5CVSS5.8AI score0.00324EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39332

Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

10CVSS5.9AI score0.00395EPSS
Exploits0References2
Total number of security vulnerabilities417735