Lucene search
K

418325 matches found

EUVD
EUVD
•added 2026/06/26 1:14 a.m.•9 views

EUVD-2026-39607

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.5AI score0.00656EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:14 a.m.•8 views

EUVD-2026-39608

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS6.2AI score0.00154EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:14 a.m.•8 views

EUVD-2026-39613

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.4CVSS6.2AI score0.00256EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:14 a.m.•8 views

EUVD-2026-39606

A flaw in Node.js proxy tunnel error handling could expose proxy credentials in ERRPROXYTUNNEL error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability...

7.5CVSS6.6AI score0.00437EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:14 a.m.•8 views

EUVD-2026-39610

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.7CVSS7.1AI score0.00674EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:14 a.m.•8 views

EUVD-2026-39612

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4.3CVSS6.3AI score0.00258EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:14 a.m.•7 views

EUVD-2026-39609

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7.1AI score0.02806EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:11 a.m.•14 views

EUVD-2026-39601

A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and trackers through the tracker-campaigns.php script in Revive Adserver 6.0.7 and earlier. As a result, a low‑privileged user could link their trackers to...

4.3CVSS5.8AI score0.00287EPSS
Exploits1References1
EUVD
EUVD
•added 2026/06/26 1:11 a.m.•9 views

EUVD-2026-39603

A stored XSS vulnerabilities exists in the maintenance-acl-check.php and maintenance-banners-check.php tools of Revive Adserver 6.0.7. The issue was caused by entity names being displayed without proper escaping when inconsistencies were detected. Whether the XSS payload is executed when an...

4.4CVSS5.8AI score0.00199EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:11 a.m.•7 views

EUVD-2026-39602

Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by sending a disallowed but otherwise valid plugin identifier as type, or using the ox.setChannelTargeting XML-RPC API method...

8.8CVSS6.6AI score0.02734EPSS
Exploits1References2
EUVD
EUVD
•added 2026/06/26 1:11 a.m.•8 views

EUVD-2026-39604

A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user could exploit the refresh parameter of the iFrame invocation tag to perform reflected XSS attacks...

6.1CVSS6.3AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:11 a.m.•9 views

EUVD-2026-39600

A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID cookie in the HTTP headers, and although the method correctly returned an error, the associated session was not invalidated. As a result, the leaked...

4.3CVSS5.8AI score0.00173EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 1:11 a.m.•8 views

EUVD-2026-39605

A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...

4.7CVSS5.8AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39592

Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic...

8.7CVSS5.9AI score0.00232EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39598

Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior only require the password hash when authenticating with backend services from the client. This could allow an attacker, who knows the hash, to authenticate and gain full access...

9.2CVSS5.9AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•7 views

EUVD-2026-39597

The Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the backend REST API. Attackers could potentially reverse the signature to recover the session ID. With the...

8.7CVSS5.9AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39594

A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to the virt-launcher container can plant a symlink at the cache file path, causin...

4.2CVSS5.9AI score0.00107EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39591

Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assignment. If an attacker is able to obtain the registration ID, they would be able to arbitrarily...

8.3CVSS5.9AI score0.00203EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39595

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS6AI score0.00149EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39593

A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE declarations or enable FEATURESECUREPROCESSING. An attacker with artifact-write permission can upload XML documents with internal entity-expansion payloa...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39596

A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting XSS payload into cluster objects such as ClusterVersion...

6.9CVSS5.7AI score0.00176EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•7 views

EUVD-2026-39570

The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...

6.3CVSS5.9AI score0.0013EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•10 views

EUVD-2026-39564

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

6.9CVSS5.8AI score0.00248EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•3 views

EUVD-2026-39568

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks or brute-force attacks to gain unauthorized access...

8.7CVSS5.9AI score0.00391EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39569

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead t...

9.4CVSS5.9AI score0.00378EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•4 views

EUVD-2026-39573

When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...

2.1CVSS5.8AI score0.00209EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•4 views

EUVD-2026-39581

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

5.9CVSS5.8AI score0.00171EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•7 views

EUVD-2026-39563

Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

6.3AI score0.00229EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39566

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers. This vulnerability may allow unauthorized users to authenticate as oth...

7.3CVSS5.9AI score0.00246EPSS
Exploits0References4
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39571

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6CVSS5.9AI score0.0016EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39572

Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer...

2CVSS5.8AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39579

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

5.9CVSS5.9AI score0.00111EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39580

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

5.7CVSS5.8AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•4 views

EUVD-2026-39575

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6CVSS5.8AI score0.00143EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39582

vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability...

8.1CVSS6.1AI score0.0032EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39565

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

2.1CVSS5.8AI score0.00147EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39567

A flaw was found in Keycloak. This JWT algorithm confusion vulnerability in the JWT Authorization Grant flow allows an attacker with valid client credentials to bypass signature verification. By forging an assertion, the attacker can create unauthorized access tokens. This enables the attacker to...

8.1CVSS5.8AI score0.00181EPSS
Exploits0References5
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2025-210340

Flowise before 3.0.6 affected versions 2.2.8 and earlier contains an arbitrary file access vulnerability due to missing validation that the chatflowId and chatId parameters are UUIDs or numbers in file handling operations. By supplying a path-traversal value e.g., '../../../../../tmp' as the...

9.8CVSS6.3AI score0.00895EPSS
Exploits1References5
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2025-210344

picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load, enabling supply chain attacks o...

8.1CVSS6.1AI score0.003EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39578

OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•8 views

EUVD-2026-39584

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

6.8CVSS5.9AI score0.00115EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2026-39583

Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

6AI score0.00177EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•7 views

EUVD-2026-39574

A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission or unauthenticated when the registry runs with default...

8.5CVSS5.8AI score0.00233EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39577

A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import...

7.4CVSS6AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2026-39576

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS5.9AI score0.0021EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•7 views

EUVD-2025-210343

Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write arbitrary files to the filesystem. Attackers can exploit unsanitized fileName parameters with ../ sequences to overwrite critical files like...

10CVSS6.7AI score0.00639EPSS
Exploits1References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2025-210342

Flowise before 3.0.6 affected versions 2.2.7-patch.1 and earlier contains an unsandboxed remote code execution vulnerability in the Custom MCP feature, which is designed to execute OS commands such as launching local MCP servers. Because Flowise's authentication and authorization model is minimal...

9.8CVSS6.8AI score0.00757EPSS
Exploits1References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2025-210341

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

8.6CVSS5.9AI score0.00266EPSS
Exploits1References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•5 views

EUVD-2020-31260

Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to execute arbitrary code and install malicious plugins for system access...

5.4CVSS6.1AI score0.00167EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/26 12:32 a.m.•6 views

EUVD-2025-210338

Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings Security section without supplying the current password or any additional verification, as the application does not enforce a...

8.7CVSS6AI score0.00327EPSS
Exploits1References3
Total number of security vulnerabilities418325