Lucene search
K

67876 matches found

Cvelist
Cvelist
added 55 minutes ago4 views

CVE-2026-20298 Sensitive Information Disclosure through the storage/passwords REST Endpoint in Splunk Enterprise

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.3.2512.15, 10.2.2510.18, and 10.1.2507.24, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could view stored credential hashes...

5.3CVSS
Exploits0References1
Nuclei
Nuclei
added 13 hours ago53 views

GitLab Enterprise Edition - Server-Side Request Forgery

An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is vulnerable to an unauthenticated blind SSRF issue. id: CVE-2019-6793 info: name: GitLab Enterprise Edition - Server-Side Request Forgery author:...

7CVSS7AI score0.03506EPSS
Exploits1References2
Nuclei
Nuclei
added 13 hours ago27 views

CyberPower - Missing Authentication

An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. id: CVE-2024-32735 info: name: CyberPower - Missing Authentication author: DhiyaneshDK severity: critical description: | An issue regarding missing authentication for certai...

9.8CVSS7AI score0.06765EPSS
Exploits0References3
Nuclei
Nuclei
added 13 hours ago78 views

CyberPower - SQL Injection

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. id: CVE-2024-32738 info: name: CyberPower - SQL Injection author: DhiyaneshDk severity: high description: | A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3...

7.5CVSS7AI score0.04515EPSS
Exploits0References3
Nuclei
Nuclei
added 13 hours ago368 views

Qlik Sense Enterprise - HTTP Request Smuggling

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

9.9CVSS7.1AI score0.84967EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday80 views

Tarantella Enterprise <3.11 - Local File Inclusion

Tarantella Enterprise versions prior to 3.11 are susceptible to local file inclusion. id: CVE-2018-19753 info: name: Tarantella Enterprise 3.11 - Local File Inclusion author: 0xAkoko severity: high description: | Tarantella Enterprise versions prior to 3.11 are susceptible to local file inclusion...

7.5CVSS7AI score0.16564EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday33 views

TRUfusion Enterprise <= 7.10.4.0 - Admin Contact Portal

TRUfusion Enterprise versions 7.10.4.0 and earlier contained a vulnerability that allowed unauthenticated access to the Internal Admin Contact Page, resulting in the disclosure of PII including partner and contact names. id: CVE-2025-27225 info: name: TRUfusion Enterprise = 7.10.4.0 - Admin Conta...

7.5CVSS6.1AI score0.17464EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday293 views

Splunk Enterprise - Local File Inclusion

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. id: CVE-2024-36991 info: name: Splunk...

7.5CVSS7AI score0.1311EPSS
Exploits10References3
Nuclei
Nuclei
added yesterday95 views

WSO2 - Cross-Site Scripting

WSO2 contains a reflected cross-site scripting vulnerability in the Management Console of API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0,...

6.1CVSS6.4AI score0.41078EPSS
Exploits5References5
NVD
NVD
added yesterday5 views

CVE-2026-44771

SAP S/4HANA Draft operation does not perform necessary authorization checks for an authenticated user, a restricted user could access information within the entity resulting in escalation of privileges. This results in low impact on confidentiality, with no impact on integrity and availability of...

4.3CVSS0.00172EPSS
Exploits0References2
CVE
CVE
added yesterday14 views

CVE-2026-44759

CVE-2026-44759 affects SAP NetWeaver Enterprise Portal. An unauthenticated attacker can inject malicious scripts into a URL parameter, with scripts reflected in server responses and executed in the user’s browser when the crafted URL is visited. This leads to theft of session information, manipul...

6.1CVSS6.1AI score0.00172EPSS
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-43589

SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server response and executed in a user's browser when the crafted URL is visited, leading to theft of session information, manipulation of portal...

6.1CVSS6.1AI score0.00172EPSS
Exploits0References2
HPE Security Bulletins
HPE Security Bulletins
added yesterday7 views

HPESBHF05079 rev.1 - HPE Compute Scale-up Server 3200 and 3250 platforms, Multiple Vulnerabilities

Potential Security Impact: Remote: Arbitrary Code Execution, Compromise of System Integrity, Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Compute Scale-up Server 3200 - Prior to v1.76.44 HPE Compute Scale-up Server 3250 - Prior to v1.02.48 CVSS Scores:...

8.8CVSS7AI score0.02719EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2 days ago10 views

Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.6CVSS6.5AI score0.00939EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2 days ago7 views

Important: Red Hat Security Advisory: plexus-utils security update

An update for plexus-utils is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References2
CVE
CVE
added 2 days ago37 views

CVE-2026-14934

CVE-2026-14934 affects Google Cloud BigQuery, Dataform and Colab Enterprise repository creation functionality. A Missing Authorization flaw in versions from October 2025 through May 10, 2026 allows an authenticated attacker to escalate privileges and perform cross-tenant repository takeover. The ...

9.4CVSS6.1AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2 days ago4 views

RHSA-2026:38504 Red Hat Security Advisory: container-tools:rhel8 security update

Bulletin has no description...

7.5CVSS6.4AI score0.00813EPSS
Exploits0References25
RedHat Linux
RedHat Linux
added 2 days ago5 views

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.1CVSS6.4AI score0.00376EPSS
Exploits2References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43300

An Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise Edition from 17.0 through 17.5 could allow an attacker to access data of other users without authorization...

7.5CVSS6.1AI score0.00246EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2 days ago5 views

Important: Red Hat Security Advisory: gegl04 security update

An update for gegl04 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS7.3AI score0.00552EPSS
Exploits0References2
Rows per page
Query Builder