Posts of last 24 hours
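European Commission headquarters' "floor-by-floor air conditioning" sparks controversy. As a heat wave sweeps across Europe, the European Commission headquarters in Brussels, Belgium, has drawn controversy for "providing a cool office environment only for senior officials such as Commission President von der Leyen." The Commission's headquarters, the Berlaymont building, has 13 floors; von der Ley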
https://buaq.net/go-425761.html
A vulnerability identified as problematic has been detected in Knowage up to 6.x/7.4.21/8.0.8. The affected element is the function XSSRequestWrapper::stripXSS. The manipulation leads to improper neutralization of alternate XSS syntax.
This vulnerability is documented as CVE-2022-39295. The attack can be initiated remotely. No exploit is available.
You should upgrade the affected component.
https://vuldb.com/vuln/210822
A vulnerability described as problematic has been identified in Ree6 up to 1.9.8. This impacts an unknown function of the component Log Handler. Such manipulation leads to incorrect authorization.
This vulnerability is tracked as CVE-2022-39302. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/210825
A vulnerability has been found in sra-admin 1.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Profile Picture Handler. Performing a manipulation results in basic cross-site scripting.
This vulnerability was named CVE-2022-39301. The attack may be initiated remotely. There is no available exploit.
The affected component should be upgraded.
https://vuldb.com/vuln/211894
A vulnerability was found in ZoneMinder. It has been rated as critical. The affected element is an unknown function of the file /zm/index.php of the component HTTP POST Request Handler. Performing a manipulation results in injection.
This vulnerability is known as CVE-2022-39291. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
To fix this issue, it is recommended to deploy a patch.
https://vuldb.com/vuln/210316
A vulnerability was found in Azure RTOS USBX 6.1.12 and classified as critical. Affected by this issue is the function _ux_host_class_pima_read of the file ux_host_class_pima_read.c. The manipulation results in buffer overflow.
This vulnerability is identified as CVE-2022-39293. The attack can be executed remotely. No exploit is available.
It is suggested to upgrade the affected component.
https://vuldb.com/vuln/210817
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.93/6.18.35/7.0.12. This impacts the function fqdir_pre_exit of the component inet. The manipulation of the argument fragments_tail leads to use after free.
This vulnerability is referenced as CVE-2026-53175. The attack needs to be initiated within the local network. No exploit is available.
It is advisable to upgrade the affected component.
https://vuldb.com/vuln/373746
Currently trending CVE - Hype Score: 3 - Gogs is an open source self-hosted Git service. Prior to 0.14.3, organization names containing path traversal sequences (../) are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for ...
https://cvemon.intruder.io/cves/CVE-2026-52813
Currently trending CVE - Hype Score: 7 - alexusmai laravel-file-manager 3.3.1 and before allows an authenticated attacker to achieve Remote Code Execution (RCE) through a crafted file upload. A file with a '.png' extension containing PHP code can be uploaded via the file manager interface. Although the upload appears ...
https://cvemon.intruder.io/cves/CVE-2025-56399
Currently trending CVE - Hype Score: 2 - In the Linux kernel, the following vulnerability has been resolved:
net: skbuff: propagate shared-frag marker through frag-transfer helpers
Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail
to propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()->flags ...
https://cvemon.intruder.io/cves/CVE-2026-43503