Lucene search
K

10463 matches found

OSV
OSV
added 2026/02/25 2:16 p.m.5 views

CVE-2026-3185

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

5.3CVSS5.6AI score
Exploits0References7
OSV
OSV
added 2026/02/25 2:16 p.m.5 views

CVE-2026-3186

A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...

4.3CVSS6.3AI score
Exploits0References7
CVE
CVE
added 2026/02/25 1:32 p.m.10 views

CVE-2026-3186

The CVE affects feiyuchuixue sz-boot-parent up to 1.3.2-beta, specifically the Password Reset Handler at /api/admin/sys-user/reset/password/. A flaw in handling the userId argument allows use of the default password, with remote exploit possible. Public exploit details exist; mitigation is upgrad...

6.5CVSS5.1AI score0.00222EPSS
Exploits1References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/25 1:32 p.m.2 views

CVE-2026-3186

A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...

6.5CVSS6.2AI score0.00222EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/02/25 1:32 p.m.7 views

CVE-2026-3186 feiyuchuixue sz-boot-parent Password Reset password default password

A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...

6.5CVSS5.1AI score0.00222EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/02/25 1:32 p.m.31 views

CVE-2026-3186 feiyuchuixue sz-boot-parent Password Reset password default password

A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...

6.5CVSS0.00222EPSS
Exploits1References7
CVE
CVE
added 2026/02/25 1:32 p.m.15 views

CVE-2026-3185

Technical details are not publicly available in the provided connected documents. Monitor for updates on CVE-2026-3185 for new information, including affected versions, affected components, impact, and remediation.

6.9CVSS5.1AI score0.0044EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.9 views

PT-2026-21908

A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...

6.5CVSS5.1AI score0.00222EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.4 views

PT-2026-21937

Name of the Vulnerable Software and Affected Versions feiyuchuixue sz-boot-parent versions through 1.3.2-beta Description A security issue exists in feiyuchuixue sz-boot-parent. The issue affects an unknown part of the file /api/admin/common/download/templates within the API component. Manipulati...

5.3CVSS5.8AI score0.00325EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.7 views

PT-2026-21912

A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this issue is some unknown functionality of the file /api/admin/sys-file/upload of the component API Endpoint. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The explo...

6.5CVSS5AI score0.00307EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.9 views

PT-2026-21907

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

6.9CVSS5.1AI score0.0044EPSS
Exploits1References8
Oracle linux
Oracle linux
added 2026/02/25 12:0 a.m.10 views

kernel security update

6.12.0-124.39.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

7.8CVSS6.2AI score0.00183EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.5 views

PT-2026-21741

Name of the Vulnerable Software and Affected Versions CPSD CryptoPro Secure Disk affected versions not specified Description The CPSD CryptoPro Secure Disk application utilizes a small Linux operating system for user authentication prior to BitLocker decryption of the Windows partition. The Linux...

6.8CVSS5.8AI score0.00254EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2026/02/24 12:0 a.m.5 views

Ubuntu: Security Advisory (USN-8056-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS5.4AI score0.00598EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2026/02/24 12:0 a.m.32 views

February 24, 2026—KB5077241 (OS Builds 26200.7922 and 26100.7922) Preview

February 24, 2026—KB5077241 OS Builds 26200.7922 and 26100.7922 Preview ​​​​​This non-security update for Windows 11, version 25H2 and 24H2 KB5077241, improves functionality, performance, and reliability. To learn more about differences between security updates, optional non-security preview...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/23 9:31 a.m.6 views

org.apache.camel.karaf:camel-leveldb (>=4.10.3 <=4.10.7), org.apache.camel.karaf:camel-leveldb-test (>=4.10.3 <=4.10.7) +4 more potentially affected by CVE-2026-25747 via org.apache.camel:camel-leveldb (>=3.0.0 <=4.10.8)

org.apache.camel:camel-leveldb MAVEN version =3.0.0, =4.10.3, =4.10.3, =1.2.0, =1.2.0, =1.2.0, =3.0.0, =4.10.8 Source cves: CVE-2026-25747 Source advisory: OSV:GHSA-429Q-MRC4-38FR...

8.8CVSS5.8AI score0.00903EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/02/23 9:31 a.m.10 views

org.apache.camel.karaf:camel-leveldb (>=4.10.3 <=4.10.7), org.apache.camel.karaf:camel-leveldb-test (>=4.10.3 <=4.10.7) +4 more potentially affected by CVE-2026-25747 via org.apache.camel:camel-leveldb (>=3.0.0 <=4.10.8)

org.apache.camel:camel-leveldb MAVEN version =3.0.0, =4.10.3, =4.10.3, =1.2.0, =1.2.0, =1.2.0, =3.0.0, =4.10.8 Source cves: CVE-2026-25747 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-15353482...

8.8CVSS5.8AI score0.00903EPSS
Exploits2
CNNVD
CNNVD
added 2026/02/22 12:0 a.m.10 views

forest 代码注入漏洞

Forest is a modern knowledge community backend project developed by RYMCU. It is implemented using SpringBoot, Shiro, MyBatis, JWT, and Redis. Versions of Forest 0.0.5 and earlier have a code injection vulnerability. This vulnerability stems from incorrect operations in the updateUserInfo functio...

5.4CVSS5.7AI score0.00276EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/21 5:36 a.m.6 views

CVE-2026-27211

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.6AI score0.005EPSS
Exploits1References8Affected Software1
Fedora
Fedora
added 2026/02/20 1:17 a.m.6 views

[SECURITY] Fedora 42 Update: microcode_ctl-2.1-70.1.fc42

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

5.9AI score
Exploits0
Rows per page
Query Builder