Lucene search
+L

3494 matches found

Packet Storm News
Packet Storm News
added 2026/12/29 12:0 a.m.364 views

GNUnet P2P Framework 0.26.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

6.8AI score
Exploits0
Nuclei
Nuclei
added yesterday29 views

Quest KACE System Management Appliance 8.0.318 - Remote Code Execution

The '/common/downloadagentinstaller.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. id: CVE-2018-11138 info: name: Quest KACE System Management Appliance 8.0.318 - Remote Code Executi...

10CVSS7.2AI score0.91931EPSS
Exploits7References4
Nuclei
Nuclei
added yesterday1429 views

Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

5CVSS6.1AI score0.47595EPSS
Exploits1References3
NVD
NVD
added 2 days ago6 views

CVE-2026-61836

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, when response caching is enabled, the cache-key derivation in api/src/utils/get-cache-key.ts includes version, path, query, and accountability.user but omits authorization context such as share, role...

8.6CVSS0.00277EPSS
Exploits0References4
OSV
OSV
added 2 days ago4 views

CVE-2026-61836 Directus: Authorization-dependent response served from unsegmented cache key

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, when response caching is enabled, the cache-key derivation in api/src/utils/get-cache-key.ts includes version, path, query, and accountability.user but omits authorization context such as share, role...

8.6CVSS6.1AI score0.00277EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44673

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, when response caching is enabled, the cache-key derivation in api/src/utils/get-cache-key.ts includes version, path, query, and accountability.user but omits authorization context such as share, role...

8.6CVSS6.1AI score0.00277EPSS
Exploits0References4
CVE
CVE
added 2 days ago8 views

CVE-2026-61836

CVE-2026-61836 affects Directus: prior to 12.0.0, the cache-key derivation in api/src/utils/get-cache-key.ts used version, path, query, and accountability.user but omitted authorization context (share, role, roles, admin, app, policies). This allows Directus share tokens and anonymous requests to...

8.6CVSS6.1AI score0.00277EPSS
Exploits0References4
OSV
OSV
added 2 days ago4 views

RLSA-2026:39302 Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 For more details about...

6.4CVSS7AI score0.00502EPSS
Exploits1References2
OSV
OSV
added 2 days ago4 views

RLSA-2026:39316 Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 For more details about...

6.4CVSS7AI score0.00502EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 3 days ago5 views

Moderate: Red Hat Security Advisory: cups security update

An update for cups is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.5CVSS7AI score0.00502EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 3 days ago4 views

cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network

A flaw was found in OpenPrinting CUPS. An unauthorized client can exploit this vulnerability by sending a specially crafted print job to a shared PostScript queue without authentication. The server improperly handles the page-border value, allowing an attacker to embed and reparse malicious text ...

7.5CVSS7AI score0.00502EPSS
Exploits1References5
CVE
CVE
added 3 days ago9 views

CVE-2026-14645

CVE-2026-14645 : Nexus Repository 3 is vulnerable to Server-Side Request Forgery (SSRF) via the Webhook: Global capability. The product does not validate the destination URL of the configured Webhook: Global before making an outbound HTTP request, enabling a user with the Capability Administratio...

5.1CVSS6.1AI score0.00397EPSS
Exploits0References2
OSV
OSV
added 3 days ago3 views

ALSA-2026:39316 Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 For more details about...

7.5CVSS6.4AI score0.00502EPSS
Exploits1References4
OSV
OSV
added 3 days ago4 views

ALSA-2026:39302 Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 For more details about...

7.5CVSS7AI score0.00502EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 3 days ago3 views

Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 For more details about...

7.5CVSS7AI score0.00502EPSS
Exploits1References4
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-61504 Rejetto HFS < 3.2.1 Stored XSS via File Names in Basic Web Listing

Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in its fallback "basic" web listing, and this listing can be forced by any browser via the ?get=basic parameter. A user with upload permission - or an anonymous user on servers with an open upload folder - can store a file whose name...

5.4CVSS0.00173EPSS
Exploits0References2
Nuclei
Nuclei
added 4 days ago17 views

Drupal Core - Anonymous SQL Injection via PostgreSQL Entity Query

Drupal core from 8.9.0 before 10.4.10, 10.5.0 before 10.5.10, 10.6.0 before 10.6.9, 11.0.0 before 11.1.10, 11.2.0 before 11.2.12, and 11.3.0 before 11.3.10 contains an SQL injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL...

9.8CVSS7.1AI score0.84631EPSS
Exploits14References2
Tenable Nessus
Tenable Nessus
added 2026/07/10 12:0 a.m.6 views

MiracleLinux 8 : cups-2.2.6-68.el8_10 (AXSA:2026-1240:09)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-1240:09 advisory. cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 Tenable has...

7.5CVSS6.9AI score0.00502EPSS
Exploits1References2
OSV
OSV
added 2026/07/09 9:56 p.m.2 views

CVE-2026-49256 Discourse: Hidden tag names leaked via category serializers

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, restricted tag and tag-group names attached to publicly readable categories as allowedtags, allowedtaggroups, or required tag groups could leak to anonymous and unauthorized users through categor...

6.3CVSS6.1AI score0.00373EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/09 9:56 p.m.7 views

CVE-2026-49256

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, restricted tag and tag-group names attached to publicly readable categories as allowedtags, allowedtaggroups, or required tag groups could leak to anonymous and unauthorized users through categor...

6.3CVSS5.9AI score0.00373EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder