Lucene search
K

2293 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/27 6:9 a.m.20 views

Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center

Overview Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-23865,...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Cloud Foundry BOSH Director 安全漏洞

Cloud Foundry BOSH Director is a cloud infrastructure deployment and lifecycle management platform developed by the US Cloud Foundry company. There is a security vulnerability in Cloud Foundry BOSH Director. This vulnerability stems from the AgentClient failing to normalize the strings provided b...

5.8CVSS5.8AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Cloud Foundry BOSH Director 安全漏洞

Cloud Foundry BOSH Director is a cloud infrastructure deployment and lifecycle management platform developed by the US Cloud Foundry company. Versions of Cloud Foundry BOSH Director prior to v282.1.12 contained security vulnerabilities. These vulnerabilities stemmed from AgentClient not performin...

6.8CVSS5.8AI score0.00083EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43566

Name of the Vulnerable Software and Affected Versions BOSH Director versions prior to v282.1.12 Description When the director sends a long-running request, such as compile package, the agent's reply JSON is processed by AgentClient. The functions inject compile log and format exception read the...

5.8CVSS5.5AI score0.00099EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43567

Name of the Vulnerable Software and Affected Versions BOSH Director versions prior to 282.1.12 Description The AgentClienthandle method processes NATS replies and invokes inject compile log for every response, which reads the compile log id from response'value''result''compile log id' and passes ...

6.8CVSS5.5AI score0.00083EPSS
Exploits0References3
Cloud Foundry
Cloud Foundry
added 2026/05/26 12:0 a.m.11 views

CVE-2026-41009 - Local Blobstore may allow arbitrary reads/deletes | Cloud Foundry

MEDIUM CVSSv4: Medium 4.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:L CVSSv3: Medium 5.8 CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:L Vendor Cloud Foundry Foundation Versions Affected Severity is MEDIUM unless otherwise noted. BOSH Director – All versions prior to v282.1.12...

5.8CVSS6.2AI score0.00099EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2026/05/26 12:0 a.m.10 views

CVE-2026-41704 - Compromised VM can make arbitrary blobstore deletes | Cloud Foundry

MEDIUM CVSS 4.0 Score: 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:H CVSS 3.1 Score: 5.0 CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N Vendor Cloud Foundry Foundation Versions Affected Severity is MEDIUM unless otherwise noted. BOSH Director – All versions prior to v282.1.12...

6.8CVSS6AI score0.00083EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed queue reservation for XDP When XDP was configured on a system with a large number of CPUs and X722 NIC, there was a call trace involving a NULL pointer dereference. i40e 0000:87:00.0: Failed to obtain tracking for...

5.5CVSS6.5AI score0.0022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Bacula

In Bareos Director versions 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow vulnerability allows a malicious client to corrupt the director’s memory by sending overly large digest strings during the initialization of a verify job. Disabling verify jobs can mitigate this problem. This issue h...

7.4CVSS7.2AI score0.0124EPSS
Exploits0References1
NVD
NVD
added 2026/05/07 8:16 p.m.38 views

CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

5.3CVSS0.0039EPSS
Exploits0References4
OSV
OSV
added 2026/05/07 8:16 p.m.6 views

UBUNTU-CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

5.3CVSS5.8AI score0.0039EPSS
Exploits0References8
OSV
OSV
added 2026/05/07 7:41 p.m.1 views

CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

5.3CVSS6.2AI score0.0039EPSS
Exploits0References7
Snyk
Snyk
added 2026/05/07 7:21 p.m.9 views

Information Exposure

Overview std/net/http/httputil is a Go standard library package std/net/http/httputil Affected versions of this package are vulnerable to Information Exposure. Go Vulnerability Report: ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrit...

6.9CVSS5.8AI score0.0039EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 6:30 p.m.16 views

EUVD-2026-27851

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to retrieve files that they do not have permission to access. This vulnerability is due to insufficient file access checks. An attacker could...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 6:30 p.m.17 views

EUVD-2026-27854

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An...

6.4CVSS5.9AI score0.0021EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 6:30 p.m.14 views

EUVD-2026-27850

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely managed router. This vulnerability is due to improper error handling. An attacker could exploit this...

7.7CVSS5.8AI score0.00272EPSS
Exploits0References2
NVD
NVD
added 2026/05/06 5:16 p.m.9 views

CVE-2026-20167

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely managed router. This vulnerability is due to improper error handling. An attacker could exploit this...

7.7CVSS0.00272EPSS
Exploits0References1
NVD
NVD
added 2026/05/06 5:16 p.m.11 views

CVE-2026-20168

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to retrieve files that they do not have permission to access. This vulnerability is due to insufficient file access checks. An attacker could...

6.5CVSS0.00272EPSS
Exploits0References1
NVD
NVD
added 2026/05/06 5:16 p.m.14 views

CVE-2026-20169

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An...

6.4CVSS0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 4:15 p.m.9 views

CVE-2026-20167 Cisco IoT Field Network Director Remote Device Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely managed router. This vulnerability is due to improper error handling. An attacker could exploit this...

7.7CVSS5.8AI score0.00272EPSS
Exploits0References1
Rows per page
Query Builder