
161494 matches found

Redos
•added 2026/05/29 12:0 a.m.•11 views

ROS-20260529-73-0009

The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 6.5 | AI score 5.8 | EPSS 0.00257
Exploits: 1
Tenable Nessus
•added 2026/05/29 12:0 a.m.•11 views

openSUSE 16 Security Update : cups (openSUSE-SU-2026:20812-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20812-1 advisory. This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. -...

CVSS 7.8 | AI score 6.3 | EPSS 0.00502
Exploits: 8 | References: 24
Tenable Nessus
•added 2026/05/29 12:0 a.m.•16 views

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2026:2076-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2076-1 advisory. This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on...

CVSS 9.8 | AI score 5.8 | EPSS 0.12797
Exploits: 7 | References: 22
Tenable Nessus
•added 2026/05/29 12:0 a.m.•9 views

Devolutions Server < 2025.3.22 / 2026.1.x < 2026.1.19 Multiple Vulnerabilities (DEVO-2026-0013)

The version of Devolutions Server installed on the remote host is prior to 2025.3.22 or 2026.1.x prior to 2026.1.19. It is, therefore, affected by multiple vulnerabilities, including: - Improper authorization in the Active Directory browsing feature allows a low-privileged authenticated user to...

CVSS 7.1 | AI score 5.8 | EPSS 0.00178
Exploits: 0 | References: 11
Packet Storm
•added 2026/05/29 12:0 a.m.•65 views

WordPress Quick Playground 1.3.1 Shell Upload

Quick Playground for WordPress plugin versions 1.3.1 and below suffers from a remote shell upload vulnerability. Exploit Title: Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2026-05-22 Exploit Author: cardosource Vendor Homepage:...

CVSS 9.8 | AI score 5.8 | EPSS 0.03092
Exploits: 3
Exploit DB
•added 2026/05/29 12:0 a.m.•63 views

strongSwan 5.9.13 - DoS

Exploit Title: strongSwan 5.9.13 - DoS Date: 2026-05-13 Exploit Author: Lukas Johannes Moeller Vendor Homepage: https://www.strongswan.org/ Software Link: https://download.strongswan.org/strongswan-5.9.13.tar.bz2 Version: strongSwan next never advances and the per-attribute length computation...

AI score 5.8
Exploits: 3
Exploit DB
•added 2026/05/29 12:0 a.m.•76 views

Langflow 1.3.0 - Remote Code Execution

Exploit Title: Langflow 1.3.0 - Remote Code Execution Fofa-dork: title="Langflow" Shodan-dork: title:"Langflow" Date: 23-05-2026 Exploit Author: Diamorphine Vendor Homepage: https://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: 1.2.0 Tested on: Debian CVE :...

CVSS 9.8 | AI score 7.3 | EPSS 0.10371
Exploits: 8
Exploit DB
•added 2026/05/29 12:0 a.m.•59 views

strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow

Exploit Title: strongSwan 5.9.13 - heap buffer overflow Date: 2026-05-13 Exploit Author: Lukas Johannes Moeller Vendor Homepage: https://www.strongswan.org/ Software Link: https://download.strongswan.org/strongswan-5.9.13.tar.bz2 Version: strongSwan length 4 - 4 without guarding against hdr-lengt...

AI score 5.8
Exploits: 3
Tenable Nessus
•added 2026/05/29 12:0 a.m.•17 views

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-23 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-47 or 7.x prior to 7.1.2-22. It is, therefore, affected by multiple vulnerabilities: — An attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race...

CVSS 5.7 | AI score 6 | EPSS 0.00109
Exploits: 0 | References: 6
Positive Technologies
•added 2026/05/29 12:0 a.m.•17 views

PT-2026-44843

Name of the Vulnerable Software and Affected Versions FreePBX versions prior to 16.0.50 FreePBX versions prior to 17.0.11 Description The CDR Reports module page allows SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution. This issue occurs throug...

CVSS 8.5 | AI score 5.9 | EPSS 0.00289
Exploits: 0 | References: 3
VulnCheck KEV
•added 2026/05/29 12:0 a.m.•125 views

VulnCheck KEV: CVE-2026-0257

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allow the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...

CVSS 9.1 | AI score 5.8 | EPSS 0.86678
In wild | Exploits: 9 | References: 10
Tenable Nessus
•added 2026/05/29 12:0 a.m.•10 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 22.04 LTS / 24.04 LTS : tgt vulnerability (USN-8325-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8325-1 advisory. It was discovered that tgt incorrectly tried to achieve entropy by calling rand without srand. An attacker could...

CVSS 5.9 | AI score 5.9 | EPSS 0.00547
Exploits: 0 | References: 2
Tenable Nessus
•added 2026/05/29 12:0 a.m.•8 views

Devolutions Server 2026.1.x < 2026.1.19 Multiple Vulnerabilities (DEVO-2026-0013)

The version of Devolutions Server installed on the remote host is 2026.1.x prior to 2026.1.19. It is, therefore, affected by multiple vulnerabilities: - Improper handling of factor key state in the multi-factor authentication management feature allows an attacker with knowledge of a user's passwo...

CVSS 7.6 | AI score 5.8 | EPSS 0.00215
Exploits: 0 | References: 3
CISA KEV Catalog
•added 2026/05/29 12:0 a.m.•17 views

Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection...

CVSS 9.1 | AI score 5.8 | EPSS 0.86678
In wild | Exploits: 9
Tenable Nessus
•added 2026/05/29 12:0 a.m.•55 views

AlmaLinux 9 : httpd (ALSA-2026:21391)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21391 advisory. httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data (CVE-2026-34059); httpd: mod_proxy_ajp: heap-based buffer over-read due ...

CVSS 9.8 | AI score 6.3 | EPSS 0.01325
Exploits: 0 | References: 7
Exploit DB
•added 2026/05/29 12:0 a.m.•79 views

ZTE ZXHN H188A V6 - Authentication Bypass

Exploit Title: ZTE ZXHN H188A V6 - Authentication Bypass Date: 2026-05-20 Exploit Author: Mina Nageh Salalma Monx Research Vendor Homepage: https://www.zte.com.cn Software Link: https://github.com/minanagehsalalma/cve-2026-34472-auth-bypass-zte-h188a-router Version: ZXHN H188A V6.0.10P2TE,...

CVSS 7.1 | AI score 5.8 | EPSS 0.08943
Exploits: 3
Cvelist
•added 2026/05/28 10:50 p.m.•34 views

CVE-2026-6816 TFA Basic Plugins - Access Bypass

An access bypass vulnerability in Drupal TFA Basic Plugins allows users with the administer users permission to view or generate recovery codes for other users. This issue affects TFA Basic Plugins: from 7.x-1.0 through 7.x-1.2...

CVSS 5.1 | EPSS 0.00321
Exploits: 1 | References: 2
Vulnrichment
•added 2026/05/28 10:48 p.m.•7 views

CVE-2026-5343 SAML SSO - Service Provider - Critical - Authentication bypass - SA-CONTRIB-2026-031

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation. This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.4...

AI score 5.8 | EPSS 0.00257
Exploits: 0 | References: 1
Cvelist
•added 2026/05/28 10:48 p.m.•35 views

CVE-2026-5343 SAML SSO - Service Provider - Critical - Authentication bypass - SA-CONTRIB-2026-031

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation. This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.4...

EPSS 0.00257
Exploits: 0 | References: 1
NVD
•added 2026/05/28 10:17 p.m.•13 views

CVE-2026-45364

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

CVSS 7.3 | EPSS 0.00295
Exploits: 0 | References: 5