Aggregator

CVE-2026-23885 | AlchemyCMS alchemy_cms up to 7.4.11/8.0.2 resources_helper.rb eval eval injection (GHSA-2762-657x-v979 / EUVD-2026-3281)

3 months ago

A vulnerability was found in AlchemyCMS alchemy_cms up to 7.4.11/8.0.2. It has been classified as problematic. Affected is the function eval of the file app/helpers/alchemy/resources_helper.rb. This manipulation causes improper neutralization of directives in dynamically evaluated code. This vulnerability is tracked as CVE-2026-23885. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

vuldb.com

The Gentleman

Dark Feed IO

3 months ago

You must login to view this content

cohenido

CVE-2026-23843 | sibercii6-crypto teklifolustur_app offer_id authorization (GHSA-6h9r-mmg3-cg7m / EUVD-2026-3298)

VulDB Recent Entries

3 months ago

A vulnerability was found in sibercii6-crypto teklifolustur_app and classified as critical. This impacts an unknown function. The manipulation of the argument offer_id results in authorization bypass. This vulnerability is identified as CVE-2026-23843. The attack can be executed remotely. There is not any exploit available. Applying a patch is advised to resolve this issue.

vuldb.com

Fake ad blocker extension crashes the browser for ClickFix attacks

Bleeping Computer.

3 months ago

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the browser in preparation for ClickFix attacks. [...]

Bill Toulas

CVE-2023-38667 | NASM 2.16 disasm stack-based overflow (EUVD-2023-42465)

Vuldb Updates

3 months ago

A vulnerability identified as critical has been detected in NASM 2.16. The impacted element is the function disasm. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2023-38667. The attack can only be initiated within the local network. No exploit exists.

vuldb.com

CVE-2023-38668 | NASM 2.16 stack-based overflow (EUVD-2023-42466)

Vuldb Updates

3 months ago

A vulnerability labeled as critical has been found in NASM 2.16. This affects an unknown function. The manipulation results in stack-based buffer overflow. This vulnerability was named CVE-2023-38668. The attack needs to be approached within the local network. There is no available exploit.

vuldb.com

CVE-2023-38710 | Libreswan up to 4.11 IKEv2 REKEY Proposal denial of service (EUVD-2023-42485 / Nessus ID 211987)

Vuldb Updates

3 months ago

A vulnerability has been found in Libreswan up to 4.11 and classified as problematic. This affects an unknown part of the component IKEv2 REKEY Proposal Handler. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2023-38710. The attack needs to be initiated within the local network. No exploit is available. The affected component should be upgraded.

vuldb.com

CVE-2023-38617 | Office Suite Premium 10.9.1.42602 /api?path=files filter cross site scripting (ID 173143 / EUVD-2023-42416)

Vuldb Updates

3 months ago

A vulnerability described as problematic has been identified in Office Suite Premium 10.9.1.42602. Affected by this vulnerability is an unknown functionality of the file /api?path=files. Executing a manipulation of the argument filter can lead to cross site scripting. The identification of this vulnerability is CVE-2023-38617. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2023-38591 | Netgear DG834Gv5 1.6.01.34 bsw_ssid.cgi wla_ssid/wla_temp_ssid buffer overflow (EUVD-2023-42390)

Vuldb Updates

3 months ago

A vulnerability was found in Netgear DG834Gv5 1.6.01.34 and classified as critical. The affected element is an unknown function of the file bsw_ssid.cgi. The manipulation of the argument wla_ssid/wla_temp_ssid results in buffer overflow. This vulnerability is reported as CVE-2023-38591. The attacker must have access to the local network to execute the attack. No exploit exists.

vuldb.com

CVE-2023-38665 | NASM 2.16rc0 ieee_write_file null pointer dereference (EUVD-2023-42463 / Nessus ID 270033)

Vuldb Updates

3 months ago

A vulnerability categorized as problematic has been discovered in NASM 2.16rc0. The affected element is the function ieee_write_file. Executing a manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2023-38665. The attack can only be done within the local network. There is not any exploit available.

vuldb.com

CVE-2023-38666 | Axiomatic Bento4 1.6.0-639 mp4encrypt ProcessFragments memory corruption (Issue 784 / EUVD-2023-42464)

Vuldb Updates

3 months ago

A vulnerability labeled as critical has been found in Axiomatic Bento4 1.6.0-639. This affects the function AP4_Processor::ProcessFragments of the component mp4encrypt. Such manipulation leads to memory corruption. This vulnerability is referenced as CVE-2023-38666. The attack needs to be initiated within the local network. No exploit is available.

vuldb.com

CVE-2023-38523 | Samsung Harman AMX N-Series /tmp/ information disclosure (EUVD-2023-42322)

Vuldb Updates

3 months ago

A vulnerability has been found in Samsung Harman AMX N-Series and classified as problematic. This affects an unknown part of the file /tmp/. This manipulation causes information disclosure. This vulnerability is registered as CVE-2023-38523. The attack requires access to the local network. No exploit is available. The affected component should be upgraded.

vuldb.com

CVE-2026-1171 | birkir prime up to 0.4.0.beta.0 GraphQL Field /graphql denial of service (Issue 542 / EUVD-2026-3198)

Vuldb Updates

3 months ago

A vulnerability labeled as problematic has been found in birkir prime up to 0.4.0.beta.0. Impacted is an unknown function of the file /graphql of the component GraphQL Field Handler. Executing a manipulation can lead to denial of service. The identification of this vulnerability is CVE-2026-1171. The attack may be launched remotely. Furthermore, there is an exploit available. The project was informed of the problem early through an issue report but has not responded yet.

vuldb.com

CVE-2026-1172 | birkir prime up to 0.4.0.beta.0 GraphQL Directive /graphql denial of service (Issue 543 / EUVD-2026-3201)

Vuldb Updates

3 months ago

A vulnerability marked as problematic has been reported in birkir prime up to 0.4.0.beta.0. The affected element is an unknown function of the file /graphql of the component GraphQL Directive Handler. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2026-1172. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.

vuldb.com

CVE-2026-23838 | NixOS nixpkgs up to 26.4 /var/lib/tandoor-recipes file information disclosure (EUVD-2026-3303)

Vuldb Updates

3 months ago

A vulnerability, which was classified as problematic, has been found in NixOS nixpkgs up to 26.4. This affects an unknown function in the library /var/lib/tandoor-recipes of the component NixOS Module. Performing a manipulation results in file and directory information exposure. This vulnerability is identified as CVE-2026-23838. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

vuldb.com

CVE-2026-1173 | birkir prime up to 0.4.0.beta.0 GraphQL Array Based Query Batch /graphql denial of service (Issue 544 / EUVD-2026-3200)

Vuldb Updates

3 months ago

A vulnerability described as problematic has been identified in birkir prime up to 0.4.0.beta.0. The impacted element is an unknown function of the file /graphql of the component GraphQL Array Based Query Batch Handler. The manipulation results in denial of service. This vulnerability is identified as CVE-2026-1173. The attack can be executed remotely. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has not responded yet.

vuldb.com

CVE-2026-1174 | birkir prime up to 0.4.0.beta.0 GraphQL Alias /graphql resource consumption (Issue 545 / EUVD-2026-3196)

Vuldb Updates

3 months ago

A vulnerability classified as problematic has been found in birkir prime up to 0.4.0.beta.0. This affects an unknown function of the file /graphql of the component GraphQL Alias Handler. This manipulation causes resource consumption. This vulnerability is tracked as CVE-2026-1174. The attack is possible to be carried out remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.

vuldb.com

CVE-2026-1175 | birkir prime up to 0.4.0.beta.0 GraphQL Directive /graphql information exposure (Issue 546 / EUVD-2026-3194)

Vuldb Updates

3 months ago

A vulnerability classified as problematic was found in birkir prime up to 0.4.0.beta.0. This impacts an unknown function of the file /graphql of the component GraphQL Directive Handler. Such manipulation leads to information exposure through error message. This vulnerability is listed as CVE-2026-1175. The attack may be performed from remote. In addition, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.

vuldb.com

What capabilities does AI add to cloud-native security

Security Boulevard

3 months ago

Are You Maximizing the Potential of AI in Cloud-Native Security? The intersection of artificial intelligence (AI) and cloud-native security is transforming how organizations safeguard their digital. With AI capabilities advancing rapidly, security is witnessing unprecedented changes that promise more robust protection mechanisms. But are businesses leveraging AI to its fullest potential in their cloud environments? […]

The post What capabilities does AI add to cloud-native security appeared first on Entro.

The post What capabilities does AI add to cloud-native security appeared first on Security Boulevard.

Alison Mack

Aggregator

Managed ad