Lucene search
K

31530 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-12250

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation. This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4...

7.9CVSS0.00106EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago10 views

Malicious code in @adobesign/as-dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6752e4d30c584cb5ca6f67265c983257c1531aa306b47ec00b43ddae83fe2532 The package's package.json declares a postinstall lifecycle hook that pipes the output of whoami through curl to a hardcoded Burp Collaborator...

5.9AI score
Exploits0References2
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-41762

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation. This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4...

7.9CVSS5.9AI score0.00106EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-12250

The CVE-2026-12250 entry concerns Pardus Domain Joiner (TUBITAK BILGEM Software Technologies Research Institute). A vulnerability described as an Invocation of process using visible sensitive information could allow Excavation (data exposure). Affected version range: Pardus Domain Joiner 0.5.2 pr...

7.9CVSS5.9AI score0.00106EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-12250 Sensitive Data Exposure in TUBITAK BILGEM's Pardus Domain Joiner

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation. This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4...

7.9CVSS0.00106EPSS
Exploits0References1
OSV
OSV
added 5 days ago4 views

RLSA-2026:30845 Moderate: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...

7.5CVSS5.9AI score0.00628EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 5 days ago11 views

PT-2026-55801

Name of the Vulnerable Software and Affected Versions Pardus Domain Joiner versions 0.5.2 through 0.5.3 Description A flaw in the software allows the invocation of a process using visible sensitive information, which can lead to excavation of data. Recommendations Update Pardus Domain Joiner to...

7.9CVSS5.9AI score0.00106EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 5 days ago14 views

PT-2026-55805

Name of the Vulnerable Software and Affected Versions Pardus-Parental-Control versions prior to 0.7.0 Description Improper access control and incorrect permission assignment for a critical resource allow for DNS Spoofing, which enables attackers to manipulate DNS resolutions. Recommendations Upda...

8.8CVSS6AI score0.00101EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added last week7 views

Malicious code in bytekit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bbaea22b635a4a8425964572b733b806f45714a9090492d1c39d545088fe336 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added last week8 views

Malicious code in procwire (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42f7077b3fb95ad31689f096805811e51afe78e7f21c2123d5dcc25343a11ff2 setup.py auto-executes on pip install only guarded by an internal PWDIST env var check and, on Windows, reconstructs an attacker C2 URL and XOR key a...

6.2AI score
Exploits0References6
OSV
OSV
added last week11 views

MAL-2026-6748 Malicious code in haproxy-config-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f70d07844bca4fadfcedb195f5768c8a95318af4d62a4bcec94556b99b72c4ad During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added last week5 views

Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff9ad8188112d91f0ea673971f4421ca96dc7943ba12d65c7339c1aa75c2226e The package name debugcli shadows the popular debug package, and index.js is a thin re-export module.exports = require'debug' so callers observe...

6.1AI score
Exploits0References7
OSV
OSV
added last week3 views

MAL-2026-6790 Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b27bc49b2d8ef30848d427f7d6ec702eaed3b5bcc49f5fd4384183f228e2c50a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
Circl
Circl
added last week13 views

CVE-2026-38971

creationtimestamp| type| source ---|---|--- 2026-07-03 17:23:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpr2rgfqwy2c...

9.1CVSS5.9AI score0.00453EPSS
Exploits1References1
NVD
NVD
added 2026/07/03 3:16 p.m.10 views

CVE-2026-49813

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

6.7CVSS0.0046EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 3:16 p.m.9 views

CVE-2026-49814

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command 'OS...

7.2CVSS0.01216EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 3:16 p.m.8 views

CVE-2026-53478

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

7.2CVSS0.01216EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 3:16 p.m.8 views

CVE-2026-49815

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command 'OS...

7.2CVSS0.01096EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/03 2:18 p.m.42 views

CVE-2026-49813

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command 'OS...

6.7CVSS0.0046EPSS
Exploits0References1
CVE
CVE
added 2026/07/03 2:18 p.m.21 views

CVE-2026-49813

Dell PowerProtect Data Domain is affected (versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) by an OS command injection vulnerability due to improper neutralization of special elements in commands. The issue can enable arbitrary command executio...

6.7CVSS6AI score0.0046EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder