Lucene search
K

3946 matches found

RedhatCVE
RedhatCVE
added 2026/03/24 9:31 a.m.3 views

CVE-2026-32942

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a heap use-after-free vulnerability in the Interactive Connectivity Establishment ICE session. This occurs due to race conditions between session destruction and callbacks, potentially allowing for...

9.3CVSS6.5AI score0.00319EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 8:25 a.m.5 views

CVE-2026-3550 RockPress <= 1.0.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via AJAX Actions

The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. This is due to missing capability checks on multiple AJAX actions rockpressimport, rockpressimportstatus, rockpresslastimport, rockpressresetimport, and rockpresscheckservices...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References16
CVE
CVE
added 2026/03/20 8:25 a.m.10 views

CVE-2026-3550

CVE-2026-3550 – RockPress (WordPress) vulnerability : RockPress

5.3CVSS5.8AI score0.00402EPSS
Exploits0References16
EUVD
EUVD
added 2026/03/20 3:43 a.m.4 views

EUVD-2026-13520

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.7AI score0.00319EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 3:27 a.m.3 views

CVE-2026-32939

DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below have inconsistent Locale handling between the JDBC URL validation logic and the H2 JDBC engine's internal parsing. DataEase uses String.toUpperCase without specifying an explicit Locale, causing its security...

7.7CVSS5.8AI score0.00447EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.5 views

PT-2026-26591

The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. This is due to missing capability checks on multiple AJAX actions rockpress import, rockpress import status, rockpress last import, rockpress reset import, and rockpress check...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References18
Vulnrichment
Vulnrichment
added 2026/03/11 4:31 p.m.6 views

CVE-2026-20074 Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System IS-IS multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerability is due to insufficient input validation of ingre...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2026/03/06 8:6 p.m.5 views

The Future of Iran’s Internet Is More Uncertain Than Ever

Iran’s internet shutdown has reduced connectivity by 99 percent, with air strikes likely causing additional outages, and few workarounds remaining...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3166 (ALAS-2026-3166)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3166 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a...

9.8CVSS6AI score0.00756EPSS
Exploits6References14
RedhatCVE
RedhatCVE
added 2026/02/18 1:40 a.m.8 views

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...

8.8CVSS6AI score0.00478EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/02/17 12:0 a.m.5 views

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...

6.1AI score0.00478EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/17 12:0 a.m.27 views

CVE-2025-70829

An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via a custom H2 JDBC connection string...

0.00429EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.7 views

datart 安全漏洞

Datart is an open-source data visualization platform developed by running-elephant. Version datart v1.0.0-rc.3 contains a security vulnerability. This vulnerability stems from the unchecked URL parameter in the JDBC configuration, which may allow attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00478EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/11 8:56 p.m.4 views

CVE-2026-25994 PJSIP has a heap buffer overflow in ICE with long username

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a buffer overflow vulnerability exists in PJNATH ICE Session when processing credentials with excessively long usernames...

9.3CVSS5.9AI score0.01927EPSS
Exploits3References2
Microsoft KB
Microsoft KB
added 2026/02/10 4:0 p.m.53 views

February 10, 2026—KB5077179 (OS Build 28000.1575)

February 10, 2026—KB5077179 OS Build 28000.1575 This cumulative update for Windows 11, version 26H1 KB5077179, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

8.8CVSS7AI score0.25835EPSS
Exploits12
CNVD
CNVD
added 2026/01/30 12:0 a.m.5 views

Rockwell Automation ArmorStart LT Denial of Service Vulnerability (CNVD-2026-10854)

Rockwell Automation ArmorStart LT is a distributed motor controller from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation ArmorStart LT, which originates from a device losing ICMP connectivity while performing a Burp Suite active scan, and can be exploited ...

8.7CVSS5.7AI score0.00423EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 2:16 p.m.5 views

CVE-2025-9278

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible...

8.7CVSS0.00423EPSS
Exploits0References1
CVE
CVE
added 2026/01/20 1:55 p.m.14 views

CVE-2025-9278

ArmorStart® LT is affected by CVE-2025-9278, with a denial-of-service condition triggered by probes such as a Burp Suite active scan that causes the device to lose ICMP connectivity and render the web application inaccessible. The vulnerability is documented across multiple feeds (NVD, Red Hat, C...

8.7CVSS5.3AI score0.00423EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/20 1:55 p.m.3 views

CVE-2025-9278 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible...

8.7CVSS5.4AI score0.00423EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/01/20 12:0 a.m.4 views

A Survey of Security Challenges and Solutions for Advanced Air Mobility and EVTOL Aircraft

This survey reviews the existing and envisioned security vulnerabilities and defense mechanisms relevant to Advanced Air Mobility AAM systems, with a focus on electric vertical takeoff and landing eVTOL aircraft. Drawing from vulnerabilities in the avionics in commercial aviation and the automate...

5.6AI score
Exploits0
Rows per page
Query Builder