Lucene search
K

884 matches found

EUVD
EUVD
added 2026/04/28 6:42 a.m.5 views

EUVD-2026-26002

In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...

5.9CVSS5.3AI score0.00233EPSS
Exploits0References2
Spring Security Advisories
Spring Security Advisories
added 2026/04/27 12:0 a.m.8 views

VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration

In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId . Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input ...

5.9CVSS5.8AI score0.00233EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 3:15 p.m.4 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial...

8.7CVSS5.8AI score0.00663EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/16 3:10 p.m.7 views

Critical: Red Hat Security Advisory: General availability of the satellite/iop-advisor-frontend-rhel9 container image

A new satellite/iop-advisor-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services...

9CVSS6.9AI score0.02591EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2026/03/31 4:56 p.m.7 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-advisor-backend-rhel9 container image

A new satellite/iop-advisor-backend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services,...

8.5CVSS7.2AI score0.09436EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2026/03/31 4:45 p.m.9 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-advisor-frontend-rhel9 container image

A new satellite/iop-advisor-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services...

8.9CVSS6.8AI score0.02667EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/27 9:18 a.m.10 views

Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer

Overview Vulnerability exists in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...

8.2CVSS5.9AI score0.00174EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.4 views

CVE-2026-2072

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Analytics probe component, Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00...

8.2CVSS5.8AI score0.00174EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 3:31 a.m.5 views

EUVD-2026-15186

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Analytics probe component, Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00...

8.2CVSS5.8AI score0.00174EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 3:16 a.m.5 views

CVE-2026-2072

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Analytics probe component, Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00...

8.2CVSS0.00174EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 2:15 a.m.3 views

CVE-2026-2072

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Analytics probe component, Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00...

8.2CVSS5.8AI score0.00174EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/25 2:15 a.m.21 views

CVE-2026-2072 Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Analytics probe component, Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00...

8.2CVSS0.00174EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 2:15 a.m.12 views

CVE-2026-2072

CVE-2026-2072 is a Cross-Site Scripting vulnerability affecting Hitachi Infrastructure Analytics Advisor (Analytics probe component) and Hitachi Ops Center Analyzer. Affected versions are 10.0.0-00 ≤ before 11.0.5-00. The CVSSv3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L with base s...

8.2CVSS5.8AI score0.00174EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 2:15 a.m.3 views

CVE-2026-2072 Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor Analytics probe component, Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00...

8.2CVSS5.8AI score0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.7 views

PT-2026-27638

Name of the Vulnerable Software and Affected Versions Hitachi Infrastructure Analytics Advisor versions prior to 11.0.5-00 Hitachi Ops Center Analyzer versions prior to 11.0.5-00 Description A Cross-Site Scripting issue exists in the Analytics probe component of Hitachi Infrastructure Analytics...

8.2CVSS7.5AI score0.00174EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

Hitachi Ops Center Analyzer和Hitachi Infrastructure Analytics Advisor 安全漏洞

Hitachi Ops Center Analyzer and Hitachi Infrastructure Analytics Advisor are both products of Hitachi, Ltd., a Japanese company. Hitachi Ops Center Analyzer is a data center management software that allows for monitoring, reporting, and correlation of end-to-end performance from servers to storag...

8.2CVSS7.1AI score0.00174EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/02/17 11:46 a.m.8 views

Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center

Overview Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945 Impact Regarding the impact of th...

7.5CVSS5.6AI score0.00864EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/24 3:17 p.m.6 views

CVE-2025-46699

Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...

6.5CVSS5.5AI score0.00293EPSS
Exploits0References1
OSV
OSV
added 2026/01/23 10:15 a.m.10 views

CVE-2025-46699

Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...

6.5CVSS5.8AI score0.00293EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 9:53 a.m.2 views

CVE-2025-46699

Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...

6.5CVSS5.5AI score0.00293EPSS
Exploits0References2
Rows per page
Query Builder