Lucene search
K

13 matches found

OSV
OSV
added 3 days ago8 views

ROOT-OS-DEBIAN-11-CVE-2025-40194 CVE-2025-40194 in rootio-linux - Patched by Root

Root has patched CVE-2025-40194 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.4AI score0.00175EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/02/25 12:0 a.m.9 views

buildah security update

1.41.8-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.8-2 - Rebuild with golang 1.25.7 to fix CVE-2025-68121 - Resolves: RHEL-149617...

10CVSS5.5AI score0.01945EPSS
Exploits3
Vulnrichment
Vulnrichment
added 2026/01/07 6:14 p.m.6 views

CVE-2026-21854 Tarkov Data Manager Authentication Bypass vulnerability

The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, an authentication bypass vulnerability in the login endpoint allows any unauthenticated user to gain full admin access to the Tarkov Data Manager admin panel by exploiting a JavaScript prototype property...

9.8CVSS7AI score0.00399EPSS
Exploits0References2
CVE
CVE
added 2026/01/03 12:21 a.m.23 views

CVE-2025-64125

Observation: CVE-2025-64125 affects Nuvation Energy nCloud VPN Service and enables Network Boundary Bridging. The issue is confirmed in multiple feeds (NVD/Red Hat) and is fixed as of 2025-12-01; end users did not need to take mitigation action. The available metrics indicate a high-severity impa...

9.4CVSS6.1AI score0.0036EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 10:15 p.m.7 views

CVE-2025-13427

An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific AP...

6.9CVSS0.0034EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 9:57 p.m.19 views

CVE-2025-13427

CVE-2025-13427 concerns an authentication bypass in Google Cloud Dialogflow CX Messenger. The vulnerability allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents’ knowledge and the ability to trigger their intents by manipulating initialization parame...

6.9CVSS6.7AI score0.0034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 8:2 a.m.11 views

CVE-2025-12952

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS7.1AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/10 7:11 a.m.28 views

CVE-2025-12952 Privilege Escalation in Dialogflow CX via Webhook Admin Role

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS0.00295EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.5 views

PT-2025-50307

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS7.2AI score0.00295EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/11/03 12:38 p.m.161 views

Exploit for Missing Authentication for Critical Function in Oracle Marketing

🧠 CVE-2025-53072 – Oracle Marketing Critical Remote Exploit...

9.8CVSS7.7AI score0.00652EPSS
Exploits3
CVE
CVE
added 2025/09/09 3:12 p.m.34 views

CVE-2025-8712

Ivanti reports a missing authorization flaw (CVE-2025-8712) affecting Ivanti Connect Secure before 22.7R2.9/22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723, and Ivanti Neurons for Secure Access before 22.8R1.4. The issue allows a remote authenticated attacker ...

5.4CVSS6.3AI score0.00412EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2025/05/05 12:0 a.m.8 views

openSUSE Security Advisory (SUSE-SU-2025:1430-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.6AI score0.00527EPSS
Exploits0References4
OSV
OSV
added 2025/01/16 5:15 p.m.2 views

UBUNTU-CVE-2025-0518

Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed:...

5.3CVSS6.5AI score0.00372EPSS
Exploits0References4
Rows per page
Query Builder