Lucene search
K

5418 matches found

Nuclei
Nuclei
added 12 hours ago54 views

Intel Neural Compressor <2.5.0 - SQL Injection

Improper input validation in some IntelR Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access. id: CVE-2024-22476 info: name: Intel Neural Compressor 2.5.0 - SQL Injection author: ritikchaddha severity:...

10CVSS7.4AI score0.33357EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-56140

A flaw was found in the Apache Camel AWS SNS component camel-aws2-sns. An improper input validation vulnerability exists in the Sns2HeaderFilterStrategy due to a missing inbound filter rule. However, this component is producer-only, meaning it does not process external messages in a way that woul...

9.8CVSS5.9AI score0.00311EPSS
Exploits0References4
NVD
NVD
added 3 days ago11 views

CVE-2026-56140

Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter...

9.8CVSS0.00311EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-56140

Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter...

9.8CVSS6AI score0.00311EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-56140 Apache Camel AWS2 SNS: An inbound Camel-namespace filter was added to Sns2HeaderFilterStrategy to align it with sibling components

Improper Input Validation vulnerability in Apache Camel AWS SNS component. The camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter...

0.00311EPSS
Exploits0References1
CVE
CVE
added 3 days ago12 views

CVE-2026-56140

CVE-2026-56140 describes an improper input validation in the Apache Camel AWS SNS component (camel-aws2-sns) due to a missing inbound filter in Sns2HeaderFilterStrategy. The Red Hat/NVD entries confirm the issue is a defense-in-depth hardening change with no known exploit path because camel-aws2-...

9.8CVSS6AI score0.00311EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago11 views

PT-2026-55912

Name of the Vulnerable Software and Affected Versions Apache Camel versions 4.0.0 through 4.14.7 Apache Camel versions 4.15.0 through 4.18.2 Apache Camel versions 4.19.0 through 4.20.9 Description Improper input validation exists in the camel-aws2-sns component. The Sns2HeaderFilterStrategy...

9.8CVSS5.9AI score0.00311EPSS
Exploits0References4
EUVD
EUVD
added last week14 views

EUVD-2026-37801

Steeltoe vulnerable to management-port isolation bypass via spoofed Host header...

8.2CVSS5.8AI score0.00238EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/02 12:50 p.m.7 views

EUVD-2026-41370

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in TR7 Cyber ​​Defense Inc. WAF-ASP allows Stored XSS. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 12:50 p.m.32 views

CVE-2026-4772 Stored XSS in TR7's WAF-ASP

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in TR7 Cyber ​​Defense Inc. WAF-ASP allows Stored XSS. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...

5.4CVSS0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 12:50 p.m.8 views

CVE-2026-4772

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in TR7 Cyber ​​Defense Inc. WAF-ASP allows Stored XSS. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/02 12:37 p.m.14 views

CVE-2026-4770

The CVE-2026-4770 entry concerns TR7 Cyber Defense Inc. Web Application Firewall (WAF). The affected component is the Web Application Firewall, with versions from 1.0.42.239 up to, but not including, 1.4.0.117. The vulnerability is a DOM-Based Cross-Site Scripting (XSS) issue arising from imprope...

4.6CVSS5.8AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 12:37 p.m.32 views

CVE-2026-4770 DOM-Based XSS in TR7's WAF-ASP

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in TR7 Cyber ​​Defense Inc. Web Application Firewall allows DOM-Based XSS. This issue affects Web Application Firewall: from v1.0.42.239 before v1.4.0.117...

4.6CVSS0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 12:37 p.m.7 views

EUVD-2026-41369

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in TR7 Cyber ​​Defense Inc. Web Application Firewall allows DOM-Based XSS. This issue affects Web Application Firewall: from v1.0.42.239 before v1.4.0.117...

4.6CVSS5.8AI score0.00133EPSS
Exploits0References1
Opera Security Advisories
Opera Security Advisories
added 2026/07/02 12:0 a.m.5 views

Here’s how Opera’s Paste Protect guards you natively against clipboard attacks

News, Security Here’s how Opera’s Paste Protect guards you natively against clipboard attacks Share July 2nd, 2026 At Opera, user security is a top priority. That’s why today, we are excited to announce that Opera is the first browser to introduce Paste Protect: a native defense measure against...

8.8CVSS7.5AI score0.01654EPSS
Exploits4References1
ICS
ICS
added 2026/06/25 6:0 a.m.7 views

Delta Electronics DTM Soft

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control system...

8.4CVSS6.2AI score0.00388EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.36 views

PT-2026-50769

Name of the Vulnerable Software and Affected Versions pam usb versions 0.9.1 and earlier Description The xfree memory release helper calls free without zeroing buffer contents first. This results in heap-allocated buffers containing sensitive data, such as one-time pad bytes read from disk, being...

4.7CVSS6AI score0.00109EPSS
Exploits0References7
CVE
CVE
added 2026/06/17 9:3 p.m.33 views

CVE-2026-50194

Steeltoe CVE-2026-50194 affects management endpoints when configured to listen on an alternate port. Versions 3.2.2–3.3.0 and 4.1.0 use the Host header to gate access instead of the socket port, enabling port-isolation bypass. Patches are in 3.4.0 and 4.2.0. If upgrading isn’t possible, apply exp...

8.2CVSS5.4AI score0.00238EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.11 views

PT-2026-50604

Name of the Vulnerable Software and Affected Versions Capsule version 0.13.2 Description A typo in the webhook rules of the software causes a failure in the defense mechanism for the namespaces/finalize subresource. The configuration uses the singular namespace/finalize instead of the plural...

5.7CVSS5.9AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/16 2:34 p.m.19 views

Natural Language Toolkit (NLTK): URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read

Summary nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments when using the nltk: URL scheme. The unsafe-path regex check is performed before url2pathname decodes the %xx sequences a classic decode-after-check / TOCTOU-style flaw, allowing ...

7.5CVSS5.5AI score0.00378EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder