Lucene search
K

370189 matches found

CVE
CVE
added 2026/07/01 2:51 p.m.14 views

CVE-2026-58037

MediaWiki up to versions older than 1.46.0 (including 1.45.4, 1.44.6, 1.43.9) is affected by CVE-2026-58037, an XSS in log/locale-related rendering code (files such as includes/Language/Language.php and several LogFormatter classes) that allows improper neutralization of user input during web pag...

6.1CVSS5.8AI score0.00228EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:49 p.m.17 views

CVE-2026-24243

NVIDIA Megatron Bridge for Linux (CVE-2026-24243) is affected by a vulnerability in deserialization of untrusted data, potentially enabling code execution, privilege escalation, data tampering, and information disclosure. The issue arises in the Megatron Bridge software, with CVSSv3.1 base score ...

7.8CVSS5.9AI score0.00175EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:48 p.m.13 views

CVE-2026-24242

NVIDIA Megatron Bridge for Linux contains a vulnerability (CVE-2026-24242) that could allow a attacker to perform server-side request forgery, potentially leading to information disclosure. The NVIDIA security bulletin reassures that a software update to version 0.4.1 or later fixes this and othe...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:48 p.m.14 views

CVE-2026-58036

CVE-2026-58036 affects Wikimedia Foundation MediaWiki. The issue concerns leakage of sensitive information via the Users APIs, specifically in ApiQueryAllUsers.php, ApiQueryUsers.php, PermissionManager.php, and UserGroupManager.php. The vulnerability allows an unauthorized actor to access user-re...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:43 p.m.14 views

CVE-2026-24240

Summary (CVE-2026-24240): NVIDIA Megatron Bridge for Linux contains a vulnerability that allows deserialization of untrusted data, potentially enabling code execution, privilege escalation, data tampering, and information disclosure. Root cause: insecure deserialization in the bridge component. A...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 2:41 p.m.16 views

CVE-2026-58127

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 (PacsgearMediaServerEngine.dll) with ObjectURIs RemoteObj and UIRemoteObj and no authentication. An unauthenticated attacker can exploit MarshalByRefObject unmarshalling and implement .NET WebClient methods to read/write ...

9.8CVSS6.5AI score0.00985EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/07/01 2:39 p.m.29 views

CVE-2025-23351

NVIDIA advisory for CVE-2025-23351: A vulnerability in the command interface on NVIDIA Networking BlueField and ConnectX allows a local user with VF access to cause an out-of-bounds write, enabling potential arbitrary code execution on the device. Affected products include BlueField GA (BlueField...

9CVSS6.4AI score0.00269EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 2:39 p.m.18 views

CVE-2026-58126

PACSgear PACS Scan 5.2.1 is affected by an unauthenticated remote code execution through an exposed .NET Remoting TCP service (port 22222). The vulnerability chain starts with PGImageExchQueue.exe allowing arbitrary file read/write via the service, which can be leveraged with DLL hijacking in PGI...

9.8CVSS6.5AI score0.00963EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/07/01 2:38 p.m.29 views

CVE-2025-15646

HTML::Gumbo for Perl before 0.19 is vulnerable to heap memory disclosure via type confusion when parsing documents containing a element. The issue arises because libgumbo’s walk_tree was not updated to support , causing the element to be treated as a text node and enabling strlen() over-read of ...

9.8CVSS5.8AI score0.00663EPSS
Exploits0References4
CVE
CVE
added 2026/07/01 2:36 p.m.15 views

CVE-2025-23350

NVIDIA reports CVE-2025-23350 affecting ConnectX and BlueField through a vulnerability in the command interface that allows a local user with VF access to cause a write out of bounds via crafted input, potentially enabling arbitrary code execution on the device. The issue impacts devices with VF ...

9CVSS6.4AI score0.00269EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 2:34 p.m.19 views

CVE-2026-24260

Technical details about CVE-2026-24260 are not publicly available in the provided documents. Monitor for updates; no affected products, vulnerable components, impact, or remediation details are disclosed here.

8.5CVSS5.8AI score0.00489EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 2:34 p.m.11 views

CVE-2026-58024

CVE-2026-58024 affects MediaWiki prior to 1.46.0 and some earlier 1.45.x/1.44.x/1.43.x branches. The issue is tied to includes/Api/ApiUserrights.Php, enabling exposure of sensitive information to unauthorized actors via the API. Reported metrics show a CVSSv4 base score of 5.1 (Medium) with netwo...

5.7CVSS5.8AI score0.00334EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:32 p.m.12 views

CVE-2026-13707

CVE-2026-13707 describes a session fixation vulnerability in Wikimedia Foundation OAuth, associated with the file src/Backend/MWOAuthServer.Php. Affected versions include OAuth implementations up to 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The connected documents do not provide explicit root-cause det...

5.8AI score0.00255EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 2:29 p.m.12 views

CVE-2026-13706

The CVE-2026-13706 entry concerns Wikimedia Foundation UrlShortener with an improper input validation issue in the UrlShortenerUtils.Php component. According to the NVD entry, the flaw yields a HIGH-severity impact across confidentiality, integrity, and availability (C:H/I:H/A:H) with network att...

8.8CVSS5.8AI score0.00328EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:25 p.m.15 views

CVE-2026-58399

The CVE affects @acastellon/auth (authentication control for microservices). Versions

8.7CVSS5.8AI score0.00543EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 2:24 p.m.24 views

CVE-2026-58031

CVE-2026-58031 is an XSS in Wikimedia MediaWiki via ApiSandboxLayout.Js (Special:ApiSandbox). Root cause: improper input neutralization during web page generation. Affected software: MediaWiki versions from 1.46.0-rc.0 up to before 1.46.0. Exploitation details: network access with user interactio...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:21 p.m.18 views

CVE-2026-58034

The CVE describes a stored XSS in Wikimedia Foundation CheckUser, specifically in the file modules/ext.CheckUser.TempAccounts/components/blockConnectedTempAccountsField.Vue. Affected product: CheckUser; versions from 1.46.0-rc.0 before 1.46.0 are vulnerable. Root cause: improper neutralization of...

4.8CVSS5.8AI score0.00142EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:19 p.m.21 views

CVE-2026-6283

CVE-2026-6283 affects DivvyDrive Information Technologies Inc. DivvyDrive (versions 4.8.2.23 up to, but not including, 4.8.3.1) with a Stored XSS due to improper neutralization of input during web page generation. Risk is MEDIUM (CVSS 3.1: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N), requiring user inte...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 2:17 p.m.18 views

CVE-2026-58035

CVE-2026-58035 : In Wikimedia Foundation MediaWiki, the vulnerability is an improper neutralization of input during web page generation (XSS) tied to the file resources/src/mediawiki.Special.Block/SpecialBlock.Vue. The available sources confirm a cross-site scripting risk but do not provide concr...

4.8CVSS5.8AI score0.00142EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 2:12 p.m.14 views

CVE-2026-5220

DivvyDrive Information Technologies Inc. DivvyDrive contains a Stored XSS vulnerability caused by improper neutralization of input during web page generation. Affected versions are 4.8.2.23 up to, but not including, 4.8.3.1. CVSS v3.1 base score 6.4 (Medium) with network attack vector, low attack...

6.4CVSS5.8AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder