Lucene search
K

11407 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-40164)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-40164 advisory. - jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, j...

7.5CVSS5.4AI score0.00366EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/23 6:0 a.m.30 views

CVE-2026-4512 WP reCaptcha by WebDesignBy < 2.0 – Admin+ Stored XSS

The reCaptcha by WebDesignBy WordPress plugin before 2.0 does not sanitize or escape the Site Key setting before outputting it in a JavaScript string context via the grecaptchajs function. This allows administrators on multisite installations who do not have the unfilteredhtml capability to injec...

0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

@node-oauth/oauth2-server 安全漏洞

@node-oauth/oauth2-server is an open-source Node.js OAuth2 server implementation that adheres to RFC standards. @node-oauth/oauth2-server has a security vulnerability; this vulnerability stems from the token exchange path accepting an invalid codeverifier value according to RFC7636, which may lea...

5.9CVSS5.8AI score0.00259EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/17 6:31 a.m.7 views

Allocation of Resources Without Limits or Throttling

Overview github.com/hashicorp/vault/vault is a tool for securely accessing secrets. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the HandlerFunc and ReKey related operations in http/handler.go and vault/core.go. An attacker can start...

8.7CVSS5.7AI score0.00718EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

Cloud Foundry cf-deployment和Cloud Foundry UUA 安全漏洞

Cloud Foundry cf-deployment and Cloud Foundry UUA are both products of the American Cloud Foundry Foundation. Cloud Foundry cf-deployment is a Cloud Foundry deployment tool. Cloud Foundry UUA is an identity authentication and authorization management service. There are security vulnerabilities in...

8.6CVSS5.9AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.7 views

CVE-2025-66447

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

4.7CVSS5.8AI score0.00165EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.6 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-34743)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-34743 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to...

6.3CVSS6AI score0.00351EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/10 5:22 p.m.5 views

CVE-2025-66447 Chamilo LMS has validation-less redirect on login page

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

5.8AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/04/10 5:22 p.m.23 views

CVE-2025-66447

CVE-2025-66447 affects Chamilo LMS versions 1.11.0 through 2.0-beta.1, where an attacker can trigger a malicious redirect on the login page via the redirect parameter. The issue is addressed in 2.0-beta.2. Public sources (NVD/Red Hat/others) describe a login-page redirect vulnerability with a fix...

4.7CVSS5.8AI score0.00165EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/10 5:22 p.m.29 views

CVE-2025-66447 Chamilo LMS has validation-less redirect on login page

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

0.00165EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.8 views

PT-2026-31998

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

5.8AI score0.00165EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.12 views

Chamilo LMS 输入验证错误漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS from 1.11.0 to 2.0-beta.1 contain a vulnerability related to input validation errors. Th...

4.7CVSS5.8AI score0.00165EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2026/04/09 11:35 p.m.18 views

K000160700: Log4J vulnerability CVE-2025-68161

Security Advisory Description The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https:// logging.apache . org/log4j/2.x/manual/appenders/network...

6.3CVSS6.5AI score0.00743EPSS
Exploits1
Cloud Foundry
Cloud Foundry
added 2026/04/06 12:0 a.m.10 views

CVE-2026-22734 - UAA SAML 2.0 Signature Bypass | Cloud Foundry

Severity 8.8 / High CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N 8.6 / HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Vendor CloudFoundry Foundation Description Cloud Foundry UAA versions v77.21.0 through v78.8.0 are vulnerable to a bypass that allows an attacker to obtain a...

8.6CVSS5.3AI score0.00364EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/02 9:55 p.m.3 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by server-side request forgery (CVE-2026-1561)

Summary IBM WebSphere Application Server Liberty is affected by server-side request forgery with the samlWeb-2.0 feature enabled. Vulnerability Details CVEID:CVE-2026-1561 DESCRIPTION: IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remot...

5.4CVSS5.9AI score0.00284EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 8:53 p.m.6 views

Security Bulletin:IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-14917)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security when administering security settings with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0 or...

9.8CVSS5.9AI score0.00355EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 8:50 p.m.4 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability (CVE-2026-1561)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability with the samlWeb-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes secti...

5.4CVSS5.9AI score0.00284EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2026/04/01 12:23 a.m.8 views

@tinacms/app (>=0.0.0-0a1049d-20260309051347 <=2.4.0), @tinacms/cli (>=0.0.0-0a1049d-20260309051347 <=2.2.0) +4 more potentially affected by CVE-2026-34603 via @tinacms/graphql (>=2.0.0 <=2.2.1)

@tinacms/graphql NPM version =2.0.0, =0.0.0-0a1049d-20260309051347, =0.0.0-0a1049d-20260309051347, =2.0.0, =0.0.0-0b7103c-20251216023146, =0.0.0-0a1049d-20260309051347, =0.0.0-0a1049d-20260309051347, =3.7.0 Source cves: CVE-2026-34603 Source advisory: SNYK:JS-TINACMSGRAPHQL-15870346...

8.3CVSS5.8AI score0.00408EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.3 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-33343)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33343 advisory. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions...

6.5CVSS6AI score0.0021EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.9 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-33413)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33413 advisory. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions...

8.8CVSS6AI score0.00249EPSS
Exploits0References1
Rows per page
Query Builder