Lucene search
K

3946 matches found

Cvelist
Cvelist
added 2026/05/12 4:34 p.m.38 views

CVE-2026-20772

Uncontrolled search path for some IntelR Connectivity Performance Suite software installers before version 50.25.1121.193 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may...

5.4CVSS0.00089EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 4:34 p.m.9 views

CVE-2026-20772

Uncontrolled search path for some IntelR Connectivity Performance Suite software installers before version 50.25.1121.193 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may...

5.4CVSS5.7AI score0.00089EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 7:43 a.m.8 views

MAL-2026-3690 Malicious code in dlty (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 494f5fbab24a26771e84ce06eea5303b7d1b9135b505a6d93a01c417603f1902 Importing the dlty package triggers an active data-exfiltration channel from the installer to third-party-controlled infrastructure. dlty/init.py...

5.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/12 2:27 a.m.12 views

CVE-2026-27760

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...

9.2CVSS6.2AI score0.22189EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Intel Connectivity Performance Suite 代码问题漏洞

Intel Connectivity Performance Suite is a software developed by Intel Corporation in the United States. It can automatically optimize a computer’s network connections, enhancing Wi-Fi performance and application response times. Versions of Intel Connectivity Performance Suite prior to...

5.4CVSS5.9AI score0.00089EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.9 views

PT-2026-40461

Name of the Vulnerable Software and Affected Versions Claris FileMaker Cloud versions prior to 2.22.0.5 Description A Remote Code Execution issue allows a user with Admin Console privileges to inject arbitrary operating system commands. This occurs due to unsanitized input within the External ODB...

7.2CVSS6AI score0.00457EPSS
Exploits0References4
Intel
Intel
added 2026/05/12 12:0 a.m.11 views

Intel® Connectivity Performance Suite Software Installer Advisory

Summary: A potential security vulnerability in some Intel® Connectivity Performance Suite software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2026-20772 Description: Uncontrolled...

5.4CVSS5.7AI score0.00089EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40090

Uncontrolled search path for some IntelR Connectivity Performance Suite software installers before version 50.25.1121.193 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may...

5.4CVSS5.7AI score0.00089EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.12 views

Secure (Multiple) Key-Cast over Networks: Multiple Eavesdropping Nodes

We study the secure multiple key-cast problem over noiseless networks under node-based eavesdroppers, where one or more source nodes participate in the generation of distinct secret keys to be shared among designated terminal subsets, while an eavesdropper observing up to $\ell$ nodes, including...

5.8AI score
Exploits0
Hewlett-Packard
Hewlett-Packard
added 2026/05/12 12:0 a.m.18 views

Intel Connectivity Performance Suite May 2026 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Connectivity Performance Suite software installers, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the...

5.4CVSS5.8AI score0.00089EPSS
Exploits0Affected Software63
NVD
NVD
added 2026/05/11 6:16 p.m.8 views

CVE-2026-3048

An authenticated administrator who configures or tests LDAP connectivity in Sonatype Nexus Repository Manager versions 3.0.0 through 3.91.1 may be able to initiate unintended server-side connections when interacting with a malicious LDAP server...

5.1CVSS0.00257EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/07 8:21 p.m.8 views

CVE-2026-43584

OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows operator-supplied overrides of high-risk interpreter startup variables including VIMINIT, EXINIT, LUAINIT, and HOSTALIASES. Attackers can exploit this by...

8.8CVSS5.9AI score0.00392EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/06 9:31 p.m.9 views

Duplicate Advisory: OpenClaw: Exec environment denylist missed high-risk interpreter startup variables

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vfp4-8x56-j7c5. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environmen...

8.8CVSS5.8AI score0.00392EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/06 7:49 p.m.50 views

CVE-2026-43584 OpenClaw < 2026.4.10 - Insufficient Environment Variable Denylist in Exec Policy

OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows operator-supplied overrides of high-risk interpreter startup variables including VIMINIT, EXINIT, LUAINIT, and HOSTALIASES. Attackers can exploit this by...

8.8CVSS0.00392EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 12:30 p.m.6 views

EUVD-2026-27789

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

5.8AI score0.00523EPSS
Exploits0References9
EUVD
EUVD
added 2026/04/28 1:43 p.m.5 views

EUVD-2026-26052

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...

9.2CVSS6AI score0.22189EPSS
Exploits0References6
CVE
CVE
added 2026/04/28 1:43 p.m.22 views

CVE-2026-27760

OpenCATS before commit 3002a29 contains a PHP code injection in the installer AJAX endpoint (databaseConnectivity action) that allows unauthenticated attackers to inject PHP code and execute it. The exploit relies on breaking out of the define() context in config.php (via a single quote and state...

9.2CVSS5.9AI score0.22189EPSS
In wildExploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/28 1:43 p.m.5 views

CVE-2026-27760

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...

9.2CVSS5.9AI score0.22189EPSS
Exploits0References7
Fedora
Fedora
added 2026/04/25 1:55 a.m.7 views

[SECURITY] Fedora 44 Update: qt6-qtconnectivity-6.10.3-1.fc44

Qt6 - Connectivity components...

5.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/14 3:55 p.m.4 views

Important: Red Hat Security Advisory: Submariner v0.22 security fixes and container updates

Submariner v0.22 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10CVSS6.8AI score0.02667EPSS
Exploits6References12
Rows per page
Query Builder