Lucene search
K

370197 matches found

CVE
CVE
added 2026/07/01 3:33 a.m.14 views

CVE-2026-44041

UltraVNC

6.5CVSS5.9AI score0.00316EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 3:33 a.m.12 views

CVE-2026-44042

UltraVNC repeater up to version 1.8.2.2 contains an off-by-one bug in the Base64 decode helper used for HTTP Basic authentication. In repeater/webgui/webutils.c:817, wi_uudecode() uses a strict > check to ensure output fits the buffer, but the correct condition is >=. When strlen(authdata) ...

3.7CVSS6AI score0.00388EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 3:14 a.m.16 views

CVE-2026-20463

Technical details for CVE-2026-20463 are not publicly provided in the supplied documents. Monitor for updates from vendors and security bulletins.

6.7CVSS5.8AI score0.0011EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:14 a.m.19 views

CVE-2026-20462

Technical details about CVE-2026-20462 are not publicly available in the provided documents. Monitor for updates from vendors and security bulletins to obtain affected components, impact, and remediation specifics.

6.7CVSS6.1AI score0.00111EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:14 a.m.21 views

CVE-2026-20461

CVE-2026-20461 : In the Modem component, an out-of-bounds write can occur due to a missing bounds check. This may allow a remote denial of service when a UE connects to a rogue base station controlled by an attacker; exploitation does not require user interaction or additional privileges. Public ...

5.3CVSS6AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:14 a.m.17 views

CVE-2026-20460

CVE-2026-20460 affects the Modem via information disclosure caused by improper input validation. The issue could enable remote information disclosure if a UE connects to a rogue base station controlled by an attacker, with no extra execution privileges and without user interaction. The available ...

5.3CVSS6AI score0.00174EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:14 a.m.19 views

CVE-2026-20459

In Modem, a vulnerability due to improper input validation can cause a system crash leading to remote denial of service when a UE connects to a rogue base station. No user interaction is required; exploitation is over the network with no privileges. A patch is available: MOLY01816800 (Issue MSV-6...

5.3CVSS6AI score0.00169EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:13 a.m.35 views

CVE-2026-20458

CVE-2026-20458 affects the Modem with a memory corruption via a missing bounds check. This could enable remote escalation of privilege if a UE connects to a rogue base station, with no extra execution privileges required and no user interaction. Exploitation is described as adjacent access under ...

7.5CVSS6AI score0.00204EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:13 a.m.19 views

CVE-2026-20457

CVE-2026-20457 affects Modem. It describes a system crash caused by improper input validation, potentially enabling remote denial of service when a UE connects to a rogue base station. Exploitation details are not provided in the sources; the CVE notes an adjacent attack vector with high complexi...

5.3CVSS6AI score0.00182EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 2:41 a.m.126 views

CVE-2026-14191

CVE-2026-14191 describes an out-of-bounds heap write in WinRAR/UnRAR’s RAR5 recovery-volume (.rev) parser (RecVolumes5::ReadHeader). The RecItems vector is sized based on the first .rev file; subsequent .rev files supply an independent RecNum that is validated against that file’s TotalCount but n...

7.8CVSS5.8AI score0.00306EPSS
Exploits1References3
CVE
CVE
added 2026/07/01 2:11 a.m.35 views

CVE-2026-12943

CVE-2026-12943 affects IBM Power environments (HMC and PowerVM Novalink). The IBM advisories state an unauthenticated attacker could gain elevated privileges and execute arbitrary commands due to improper validation of user input (OS command injection). Affects Power Hardware Management Console (...

Exploits0References2
CVE
CVE
added 2026/07/01 12:58 a.m.26 views

CVE-2026-57963

The CVE-2026-57963 issue affects chat UI in Thunderbird where an attacker able to send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. Underlying risk is manipulation of the chat interface and potential phishing wi...

6.5CVSS5.9AI score0.00181EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 12:58 a.m.21 views

CVE-2026-57962

CVE-2026-57962 affects Thunderbird’s LDAP address-book autocomplete. A malicious LDAP server can cause the Thunderbird LDAP client to stash attacker-supplied data, enabling memory exhaustion and a denial of service. Root cause is unbounded data processing by the LDAP client when queried by the Th...

5.3CVSS5.8AI score0.00203EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 12:11 a.m.85 views

CVE-2026-53488

CVE-2026-53488 affects containerd’s CRI plugin: image config LABELs are propagated to containers without validation, enabling potential host-command execution via a plugin that consumes labels. Concrete details across connected docs confirm this vulnerability in containerd versions prior to 1.7.3...

9.4CVSS5.9AI score0.00203EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/01 12:5 a.m.11 views

CVE-2026-57149

Technical details for CVE-2026-57149 are not publicly available in the provided documents. Monitor for updates.

Exploits0References4
CVE
CVE
added 2026/07/01 12:2 a.m.27 views

CVE-2026-41579

Technical details beyond the Initial Description are not provided in the connected documents; monitor for updates.

3.3CVSS5.9AI score0.00222EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 12:0 a.m.23 views

CVE-2026-51947

CVE-2026-51947 affects Pivotal CRM 6.6.4.08 and systems applying patch-ghi-15381-cwe-502-20251225.zip. The vulnerability arises from an incomplete fix for CVE-2026-39253 in the Pivotal.Engine.Client.Services.Conversion.dll, enabling remote code execution via network access. The issue is fixed in ...

9.8CVSS6.2AI score0.0113EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 12:0 a.m.14 views

CVE-2026-34007

Technical details for CVE-2026-34007 are not publicly available in the provided documents. No affected products, impacts, or remediation can be identified here. Monitor for updates.

Exploits0References2
CVE
CVE
added 2026/07/01 12:0 a.m.12 views

CVE-2026-36911

Summary of CVE-2026-36911 (MPC-BE) : A division-by-zero vulnerability exists in the file parsing/processing path: the function CStreamSwitcherOutputPin::DecideBufferSize in MPC-BE (before commit 4341cb3). This can be triggered by a crafted MP4 file, leading to a Denial of Service . Affected softw...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 12:0 a.m.11 views

CVE-2026-38891

The CVE-2026-38891 issue affects gazebo_plugins v3.9.0, specifically the gazebo_ros_diff_drive.cpp component. An improper input validation flaw can be triggered by a crafted geometry_msgs::Twist message, enabling a Denial of Service (DoS). The available connected sources consistently describe the...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References2
Rows per page
Query Builder