Lucene search
K

364394 matches found

NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-49953

Discuz! X5.0 releases 20260320 through 20260610 contains a CAPTCHA bypass vulnerability that allows unauthenticated remote attackers to defeat challenge controls by exploiting limited complexity and predictable character sets in generated CAPTCHA images. Attackers can train a custom optical...

6.9CVSS0.00359EPSS
Exploits0References4
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2026-49952

Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gain unauthorized access to database backup and restore functionality by exploiting a shared cryptographic key between UCenter integration and the databa...

9.3CVSS0.0135EPSS
Exploits3References5
NVD
NVD
•added 2026/06/15 8:16 p.m.•6 views

CVE-2026-45390

In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar1 rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the...

9.1CVSS0.00373EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•10 views

CVE-2026-45389

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client when doing client authentication, which allows impersonation with certificates that are not meant for client authentication because of KeyUsage and ExtendedKeyUsage...

7.4CVSS0.00191EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•10 views

CVE-2026-47835

In Spring AI Vector Stores, special characters could be used to force the execution of arbitrary queries in Elasticsearch, OpenSearch, and GemFire VectorDB. Affected components: spring-ai-elasticsearch-store, spring-ai-opensearch-store, spring-ai-gemfire-store. Affected versions: Spring AI 1.0.0...

8.6CVSS0.00254EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-45388

In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows impersonation with certificates that are not meant for server authentication because of KeyUsage and ExtendedKeyUsage...

9.1CVSS0.00225EPSS
Exploits1References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-48114

Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert builds an INSERT against HARVESTSITESCHEDULE via string...

9.8CVSS0.0037EPSS
Exploits0References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•33 views

CVE-2026-39196

Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...

9.8CVSS0.00321EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•12 views

CVE-2026-38812

RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information...

9.8CVSS0.00393EPSS
Exploits1References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2026-39006

An issue in SNMP4J-Agent 3.8.3 allows a remote attacker to execute arbitrary code via the snmp4jCfgStoragePath component...

9.8CVSS0.00515EPSS
Exploits1References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-39007

An issue in Observeinc's Observe v.2026-01-28 and before allows a remote attacker to obtain sensitive information via the CSV Log export component...

7.5CVSS0.00375EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2026-41708

In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service DoS condition. The application is vulnerable when it uses a vulnerable version of org.springframework.cloud:spring-cloud-sleuth-instrumentation and Spring TX instrumentation is...

7.5CVSS0.00278EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•23 views

CVE-2026-38329

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

9.8CVSS0.00627EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•22 views

CVE-2026-39118

An issue in Iru, Inc Kandji Agent before v.4.7.55374 allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality...

8.4CVSS0.00118EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-39197

An issue in the /util/http/prelude.rs endpoint of Datadog, Inc Vector v0.54.0 allows attackers to cause a Denial of Service DoS via a crafted request or payload...

6.5CVSS0.00289EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2026-36670

A Time-Based Blind SQL Injection vulnerability in the aliasmanagement module of OpenSIPS Control Panel opensips-cp prior to version 9.3.3 allows authenticated attackers to execute arbitrary SQL commands via the 'table' GET parameter in aliasmanagement.php...

8.8CVSS0.00361EPSS
Exploits1References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2026-38064

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actiondialcall via the dialNumber parameter...

9.8CVSS0.01046EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2026-38060

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionunlocksim via the pin parameter...

9.8CVSS0.01046EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2026-38062

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetratmode via the ratMode parameter...

9.8CVSS0.01046EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-38061

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionsetvolume via the volume parameter...

9.8CVSS0.01046EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-38063

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionradioonwithiaapn via the ia parameter...

9.8CVSS0.01046EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2026-36933

An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature...

6.8CVSS0.00174EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•10 views

CVE-2026-38065

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionimsonwithapn via the imsapn parameter...

9.8CVSS0.01345EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2026-37216

Ruoyi 4.8.2 is vulnerable to Cross Site Scripting XSS at the interface /system/notice/add...

6.1CVSS0.00181EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2026-30120

remotion-dev remotion v4.0.409 was discovered to contain a remote code execution RCE vulnerability...

9.8CVSS0.0081EPSS
Exploits1References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2026-36521

PublicCMS V5.202506.d has a Cross Site Scripting XSS vulnerability in the site configuration management module...

6.1CVSS0.00181EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•11 views

CVE-2026-36213

An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...

7.8CVSS0.00479EPSS
Exploits2References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•11 views

CVE-2026-36537

ThingsBoard v4.3.0.1 is vulnerable to an authentication bypass during the OAuth authorization code exchange. The application improperly trusts user-supplied identity data within the user parameter of the /login/oauth2/code/ endpoint. By manipulating the email address in this JSON object, a remote...

9.8CVSS0.00511EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•10 views

CVE-2026-11931

Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions 0644 instead of owner-restricted permissions 0600. To remediate this issue, users should upgrade t...

6.8CVSS0.00115EPSS
Exploits0References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•11 views

CVE-2026-30121

remotion-dev remotion v4.0.409 was discovered to contain an arbitrary file write vulnerability...

9.1CVSS0.00324EPSS
Exploits1References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2025-56814

A code injection vulnerability in the wxExecute function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shell metacharacters...

7.8CVSS0.00165EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•11 views

CVE-2025-55650

A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2025-68713

An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...

8CVSS0.00284EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•10 views

CVE-2025-70102

A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, the code performs a member access on a NULL pointer of type 'struct dhcpopt' when an unexpected/invalid option token or parsing state caus...

6.3CVSS0.00169EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2025-55652

A heap buffer overflow in the gfisomvpconfignew function isomedia/avcext.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00202EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2025-55660

A stack overflow in the gfopusreadlength function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00202EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2025-55663

A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2025-55661

A heap buffer overflow in the Opus audio stream parser component of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00202EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•10 views

CVE-2025-55645

A heap buffer overflow in the gfcencsetpssh function isomedia/drmsample.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00235EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2025-55644

A heap use-after-free in the gfnodegettag function scenegraph/basescenegraph.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•10 views

CVE-2025-55643

A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2025-55647

An Out-of-Memory in the mp4muxcencinsertpssh function filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•11 views

CVE-2025-55648

A heap buffer overflow in the gfopusparsepacketheader function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00235EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•9 views

CVE-2025-55649

A NULL pointer dereference in the gfmediamapesd function mediatools/isomtools.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•8 views

CVE-2025-55642

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmxprocess function isomedia/isomwrite.c...

6.5CVSS0.00363EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 8:16 p.m.•7 views

CVE-2025-55641

A NULL pointer dereference in the gfisomcopysampleinfo function isomedia/isomwrite.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
NVD
NVD
•added 2026/06/15 6:16 p.m.•17 views

CVE-2026-8356

LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...

6.9CVSS0.0012EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 6:16 p.m.•10 views

CVE-2026-8358

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS0.00171EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 6:16 p.m.•11 views

CVE-2026-6045

LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small...

6.9CVSS0.0012EPSS
Exploits0References1
NVD
NVD
•added 2026/06/15 6:16 p.m.•14 views

CVE-2026-6047

LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...

6.9CVSS0.0012EPSS
Exploits0References1
Total number of security vulnerabilities364394