Lucene search
K

943 matches found

EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-43085

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0....

6.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allo...

7.8CVSS6AI score0.00577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Palo Alto Networks PAN-OS 11.1.x < 11.1.16 / 11.2.x < 11.2.13 / 12.1.x < 12.1.8 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.16, 11.2.x prior to 11.2.13, or 12.1.x prior to 12.1.8. It is, therefore, affected by a vulnerability. A file deletion vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacke...

6.9CVSS6.7AI score0.00357EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 3:49 p.m.10 views

EUVD-2025-209934

IBM webMethods Integration on prem -Integration Server 10.15 through IS10.15CoreFix2611.1 to IS11.1CoreFix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to...

5.4CVSS5.8AI score0.00182EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.13 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN- OS software...

9.1CVSS6.1AI score0.86678EPSS
Exploits11References2
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.10 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A server-side request forgery SSRF vulnerability in the IKEv2 implementation of Palo Alto Networks PAN- OS software allo...

8.3CVSS5.8AI score0.00317EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.8 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A stored cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated...

6.9CVSS5.7AI score0.0028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.34 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS Software allows an...

9.2CVSS6.3AI score0.00408EPSS
Exploits0References2
OSV
OSV
added 2026/05/10 12:0 a.m.4 views

OPENSUSE-SU-2026:10740-1 busybox-1.37.0-11.1 on GA media

These are all security issues fixed in the busybox-1.37.0-11.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS5.8AI score0.00375EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/21 12:4 p.m.9 views

Security Bulletin: A security vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Standard.

Summary A security vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Standard CVE-2024-29371. IBM WebSphere Liberty has been updated within IBM CICS TX Standard to address this vulnerability. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before...

7.5CVSS5.6AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/21 12:1 p.m.4 views

Security Bulletin: A security vulnerability may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2024-29371).

Summary A security vulnerability may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2024-29371. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address this vulnerability. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In...

7.5CVSS5.6AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/27 6:6 p.m.3 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to JSON-Java

Summary IBM webMethods BPM uses JSON-Java for reading and parsing of JSON data. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts...

7.5CVSS5.9AI score0.01449EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/09 2:42 p.m.6 views

Security Bulletin: Due to the use of JetBrains Kotlin, IBM webMethods BPM is vulnerable to the use of Java API for temporary file and folder creation

Summary IBM webMethods BPM uses JetBrains Kotlin which is vulnerable to the use of Java API for temporary file and folder creation. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An...

5.3CVSS5.8AI score0.02572EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/17 1:27 p.m.5 views

CVE-2025-13821

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID:...

5.7CVSS5.5AI score0.00198EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/17 4:38 a.m.8 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to bc-fips

Summary IBM webMethods BPM uses bc-fips which is pulled in by webMethods Integration Server core for FIPS-compliant cryptographic operations. The BPM Process Engine relies on IS infrastructure for security but doesn't directly use Bouncy Castle APIs. Vulnerability Details CVEID:CVE-2025-8885...

6.3CVSS5.5AI score0.00505EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/17 4:35 a.m.6 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to kotlin-stdlib

Summary IBM webMethods BPM uses kotlin-stdlib in all Kotlin-based modules to provide core Kotlin language support and runtime utilities. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation...

5.3CVSS8.4AI score0.02572EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/02/16 12:30 p.m.4 views

EUVD-2026-6102

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to properly validate login method restrictions which allows an authenticated user to bypass SSO-only login requirements via userID-based authentication. Mattermost Advisory ID: MMSA-2025-00548...

5.4CVSS5.5AI score0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/16 9:54 a.m.35 views

CVE-2026-0998 Mattermost Zoom Plugin allows unauthorized meeting creation and post modification via insufficient API access controls

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate user identity and post ownership in the /api/v1/askPMI endpoint which allows unauthorized users to start Zoom meetings as any user and overwrite arbitrary posts via...

4.3CVSS0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/16 12:0 a.m.9 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.1.2 and earlier 11.1.x series as well as 10.11.9 and earlier 10.11.x series have security vulnerabilities. These vulnerabilities stem from improper authentication of...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2026/02/05 2:16 p.m.4 views

CVE-2025-14150

IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...

6.5CVSS0.00323EPSS
Exploits0References1
Rows per page
Query Builder