Lucene search
K

418059 matches found

EUVD
EUVD
added 2026/06/24 12:30 a.m.9 views

EUVD-2026-38639

Anthropic Claude Desktop Cowork VM image handling confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0 validates only file presence and a version marker string before booting rootfs.img, but does not verify image content integrity at time-of-use. A local...

8.7CVSS6.5AI score0.00103EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/24 12:30 a.m.11 views

EUVD-2026-38631

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

5.5CVSS5.7AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 12:30 a.m.9 views

EUVD-2026-38636

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission...

4.4CVSS5.9AI score0.00101EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 12:30 a.m.10 views

EUVD-2026-38630

When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, meaning an archive could be parsed in an infinite loop...

8.2CVSS5.8AI score0.00433EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 12:30 a.m.8 views

EUVD-2026-38634

FlatPress versions prior to commit 10be83c, contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and email fields are rendered without proper output encoding in Smarty templates. Attackers can inject arbitrary HTML and JavaScript through these fields ...

8.4CVSS5.9AI score0.00243EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 12:17 a.m.11 views

EUVD-2026-38640

Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of convertTokenDatatokens, output: 'object' ;; indirect usage, via using Expand API; and/or indirect...

8.8CVSS5.8AI score0.00132EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/23 11:50 p.m.9 views

EUVD-2026-38638

Incorrect check of function return value in Caliptra Core Runtime Firmware ActivateFirmwareCmd::activatefw modules allows bypass of Caliptra Core's verification of the MCU FW during a hitless update. This issue affects Core Runtime Firmware: from 2.0.0 through 2.0.1, 2.1.0...

7.2CVSS5.8AI score0.00155EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 11:49 p.m.6 views

EUVD-2026-38637

Missing cryptographic step in Caliptra Core Firmware aes256gcmupdate module results in an incorrect GCM authentication tag. When the streaming AES-256-GCM API is used with empty AAD, the hardware GHASH accumulator state is not saved after the first update call, causing the final tag to exclude th...

5.1CVSS5.8AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 10:27 p.m.10 views

EUVD-2026-37954

phpMyFAQ: Missing userHasPermission in 4 API write endpoints CVE-2026-24421 Incomplete Fix...

6.5CVSS5.8AI score0.01734EPSS
Exploits3References3
EUVD
EUVD
added 2026/06/23 10:24 p.m.13 views

EUVD-2026-35140

Snipe-IT: Bulk editing users allowed ldapimport and activatedin bulk editing users...

7.1CVSS5.8AI score0.00194EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 10:16 p.m.8 views

EUVD-2026-38394

Filament: Unauthenticated temporary file upload on auth pages...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 10:11 p.m.9 views

EUVD-2026-38635

Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/theirownid and grant themselves any permission except admin and superuser — for example assets.view, assets.create, reports.view, import, etc. The issue is...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 10:9 p.m.8 views

EUVD-2026-38633

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled HTTPHOST request header as the authoritative source for building callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An...

9.6CVSS6AI score0.00312EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 10:7 p.m.7 views

EUVD-2026-38632

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection Formula Injection in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing...

6.9CVSS5.9AI score0.00229EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 10:2 p.m.13 views

EUVD-2026-35091

phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing...

6.9CVSS5.8AI score0.00182EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 9:59 p.m.13 views

EUVD-2026-34311

OHttpVersionChunkDraft: Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation...

8.7CVSS5.8AI score0.00167EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 9:57 p.m.8 views

EUVD-2026-38395

Filament: Unvalidated ImageColumn and ImageEntry values can be used for XSS...

6.4CVSS5.8AI score0.00148EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 9:54 p.m.10 views

EUVD-2026-38393

Filament: Timing-based user enumeration on login page...

5.3CVSS5.8AI score0.0021EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 9:54 p.m.10 views

EUVD-2026-37008

Slim has Reflected XSS in the HtmlErrorRenderer...

6.1CVSS5.8AI score0.00167EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 9:49 p.m.14 views

EUVD-2026-31881

Algernon: Host header path traversal in --domain mode reads files and runs Lua from parent dir...

8.2CVSS5.8AI score0.00335EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 9:2 p.m.7 views

EUVD-2026-38629

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, UnwrappedPropertyHandler.processUnwrappedCreatorProperties replays buffered JSON into creator parameters but never consults...

6.5CVSS5.9AI score0.00211EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/23 9:0 p.m.8 views

EUVD-2026-38597

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if and only if the service reads deeply nested 1000s of levels JSON as JsonNode...

6.3CVSS5.9AI score0.00616EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/23 8:59 p.m.6 views

EUVD-2026-38596

Spring Statemachine's Kryo-based persistence backends JPA, MongoDB, Redis and ZooKeeper deserialise persisted state-machine contexts without enforcing a class allowlist CWE-502, deserialisation of untrusted data, which can lead to remote code execution inside the application JVM. Affected version...

8.8CVSS6.5AI score0.00423EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:56 p.m.7 views

EUVD-2026-38595

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4, and 3.1.4, jackson-databind's PolymorphicTypeValidator PTV is the primary safety mechanism guarding polymorphic deserialization. When polymorphic...

8.1CVSS5.8AI score0.00617EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/23 8:54 p.m.7 views

EUVD-2026-38594

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784...

8.6CVSS5.7AI score0.00258EPSS
Exploits0
EUVD
EUVD
added 2026/06/23 8:53 p.m.7 views

EUVD-2026-38593

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4, and 3.1.4, BasicPolymorphicTypeValidator.Builder.allowIfSubTypeIsArray allowlists any array type based only on clazz.isArray, without validating th...

8.1CVSS5.8AI score0.00677EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/23 8:51 p.m.9 views

EUVD-2026-38592

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 8:50 p.m.7 views

EUVD-2026-38591

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual, per-property @JsonIgnoreProperties exclusions are applied by handleByNameInclusion, producing a...

5.3CVSS5.8AI score0.00345EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/23 8:48 p.m.9 views

EUVD-2026-38590

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed...

5.3CVSS5.9AI score0.00282EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/23 8:47 p.m.9 views

EUVD-2026-38589

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, in BeanDeserializer.deserializeUsingPropertyBased, the active-view @JsonView filter was applied only to creator properties; the regular...

5.3CVSS5.9AI score0.00237EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/23 8:42 p.m.6 views

EUVD-2026-38588

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, a reflected XSS vulnerability exists in the Page Leaving Warning page. The ncRedirectUrl and ncBackUrl query parameters are used in window.location.href and tag bindings without validation, allowing javascript: URI...

6.1CVSS5.9AI score0.00156EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:41 p.m.5 views

EUVD-2026-38587

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins Slack, Discord, Mattermost, Teams because httpAgent / httpsAgent were passed as part of the request body rather th...

4.3CVSS6AI score0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:40 p.m.6 views

EUVD-2026-38586

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited...

2CVSS5.9AI score0.00151EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:39 p.m.5 views

EUVD-2026-38585

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it t...

5.4CVSS5.8AI score0.00099EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:38 p.m.6 views

EUVD-2026-38584

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID xc-shared-base-id, an attacker could enumerate base members and invite an arbitrary email in...

5.8CVSS6AI score0.00296EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:37 p.m.6 views

EUVD-2026-38583

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NCATTACHMENTFIELDSIZE against either the remote file's advertised Content-Length or the decoded length of a data: URI, allowing an authenticated user to bypass the configured...

5.3CVSS5.9AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:36 p.m.6 views

EUVD-2026-38628

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, an authenticated user with columnAdd permission on a Postgres-backed base can inject arbitrary SQL into the formula engine via the optional direction argument of ARRAYSORT.... The value is unrestricted by formula...

6CVSS6AI score0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:35 p.m.5 views

EUVD-2026-38627

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the password-reset page rendered the URL token directly into a JavaScript string literal in a server-rendered EJS template. EJS HTML-entity-encodes a fixed set of characters but does not escape single quotes or...

5.1CVSS5.9AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:35 p.m.9 views

EUVD-2026-38626

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the client-side hashRedirect plugin called window.location.replace on a path extracted from the URL hash fragment after only checking hashPath.startsWith'/'. Protocol-relative URLs //attacker.com/… also satisfy that...

5.1CVSS5.9AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:34 p.m.6 views

EUVD-2026-38625

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on...

6.9CVSS6AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:33 p.m.7 views

EUVD-2026-38624

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, sign-in response timing differed between known and unknown email addresses because the unknown-user branch returned without performing a password hash comparison. This vulnerability is fixed in 2026.04.1...

6.3CVSS5.8AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:31 p.m.5 views

EUVD-2026-38623

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, the uploadViaURL path in the v1/v2 attachment API did not enforce NCATTACHMENTFIELDSIZE against the remote content-length or against the response stream. An authenticated user Editor+ could direct the server to downloa...

6.5CVSS6AI score0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:30 p.m.9 views

EUVD-2026-38622

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. The API token deletion path removed the database row bu...

2.3CVSS5.8AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:19 p.m.8 views

EUVD-2026-38621

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the connection-test endpoint opened a raw TCP socket to the user-supplied database host without resolving and range-checking the destination, so private and link-local addresses including IPv4-mapped IPv6 forms and...

5.3CVSS5.9AI score0.00207EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:18 p.m.6 views

EUVD-2026-38620

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the public shared-view relation endpoints accepted a caller-supplied column ID without verifying that the column was visible in the shared view, so anyone holding a share UUID could read links from any LTAR column on t...

6.9CVSS5.9AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:17 p.m.6 views

EUVD-2026-38619

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared-view password check fell back to strict-equality === comparison for legacy plaintext passwords, leaking the password's length and per-character prefix through response timing. This vulnerability is fixed in...

6.9CVSS5.9AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:17 p.m.6 views

EUVD-2026-38618

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a user in one workspace could exercise another workspace's integration through the testConnection endpoint by supplying its ID, because the integration was fetched in a bypass scope and the caller's permission check...

6.9CVSS5.9AI score0.00313EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:15 p.m.5 views

EUVD-2026-38617

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated commenter could store HTML in row comments that executed as script when other users hovered over the comment in the expanded form view. The comment write paths persisted the raw comment body with no...

7.4CVSS5.9AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:15 p.m.5 views

EUVD-2026-38616

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. The bulk groupBy path in group-by.ts builds three database-specific...

5.3CVSS5.9AI score0.00306EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:13 p.m.4 views

EUVD-2026-38615

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with base-create permission can attach a SQLite source pointing at an arbitrary file on the NocoDB host, including NocoDB's own internal databases. The SQLite client and the base/integration creat...

5.3CVSS6AI score0.00324EPSS
Exploits0References1
Total number of security vulnerabilities418059