Lucene search
K

1989 matches found

Nuclei
Nuclei
added 2 days ago119 views

Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting

PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute...

8.8CVSS7AI score0.2389EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/07 1:50 p.m.3 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895

Summary IBM Maximo Scheduler Optimizer uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in...

7.5CVSS6AI score0.00486EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/07/02 5:4 p.m.19 views

CVE-2022-50973

Summary: CVE-2022-50973 affects Yonyou KSOA 9.0. The issue is an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet. Exploitation requires no authentication and relies on attacker-controlled filepath and filename parameters, with no validation of file t...

9.8CVSS6.2AI score0.0086EPSS
In wildExploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/02 5:4 p.m.11 views

CVE-2022-50973

Yonyou KSOA 9.0 contains an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet that allows unauthenticated attackers to upload arbitrary files by submitting a POST request with attacker-controlled filepath and filename parameters without any...

9.8CVSS6.2AI score0.0086EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/07/01 12:34 a.m.5 views

EUVD-2026-40413

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability...

7.4CVSS5.8AI score0.00418EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 7:47 p.m.9 views

CVE-2026-11708

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/29 8:47 p.m.109 views

CVE-2026-55957

CVE-2026-55957 describes an authentication bypass in Apache Tomcat when JNDIRealm is configured to authenticate binds using GSSAPI, allowing attackers to authenticate without the correct password. Affected releases include Tomcat 11.0.0-M1–11.0.4, 10.1.0-M1–10.1.36, 9.0.0.M1–9.0.100, 8.5.0–8.5.10...

7.3CVSS5.7AI score0.00462EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 3:57 p.m.11 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server Liberty have been published in a security bulletin...

9.8CVSS5.8AI score0.00409EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 2:45 p.m.28 views

Security Bulletin: IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities (CVE-2026-11594, CVE-2026-11707, CVE-2026-11383)

Summary IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities in the administrative console. Vulnerability Details CVEID:CVE-2026-11594 DESCRIPTION: IBM WebSphere Application Server is affected by a cross-site scripting vulnerability in the administrative...

8.5CVSS5.7AI score0.00337EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/16 7:33 a.m.7 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/16 7:33 a.m.6 views

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/10 11:41 a.m.10 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS7AI score0.00242EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 3:52 p.m.9 views

Security Bulletin: Multiple security vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 affects IBM OpenPages

Summary IBM® SDK, Java™ Technology Edition is shipped as a supporting program of IBM OpenPages. Information about a security vulnerability affecting IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 has been published in multiple security bulletins. These products have addressed the...

5.5AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/08 3:11 a.m.16 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/08 1:40 a.m.21 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/04 3:20 p.m.8 views

mysql: Information Schema unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with...

2.7CVSS5.8AI score0.00259EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 2:36 p.m.13 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-8644)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9.1CVSS5.8AI score0.0033EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 2:35 p.m.11 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-9319)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9CVSS6.4AI score0.00458EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 2:34 p.m.12 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9CVSS6.5AI score0.00508EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/01 5:46 p.m.18 views

EUVD-2026-33732

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing...

9.1CVSS5.8AI score0.0033EPSS
Exploits0References1
Rows per page
Query Builder