Lucene search
K

520 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.14 views

Tridium Niagara Use of Password Hash With Insufficient Computational Effort (CVE-2025-3937)

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...

9.8CVSS7.6AI score0.00316EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.14 views

Tridium Niagara Incorrect Permission Assignment for Critical Resource (CVE-2025-3936)

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1,...

9.8CVSS7.6AI score0.00366EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Tridium Niagara Use of GET Request Method With Sensitive Query Strings (CVE-2025-3943)

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter Injection. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11;...

7.5CVSS7.4AI score0.07416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

Tridium Niagara Improper Encoding or Escaping of Output (CVE-2025-3942)

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara...

7.5CVSS5.8AI score0.00239EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Tridium Niagara Argument Injection (CVE-2025-3945)

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows Command Delimiters. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara...

9.8CVSS7.3AI score0.00593EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 4:58 p.m.42 views

CVE-2026-40379 Azure Entra ID Spoofing Vulnerability

...

9.3CVSS0.0091EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 4:58 p.m.10 views

CVE-2026-40379 Azure Entra ID Spoofing Vulnerability

...

9.3CVSS6AI score0.0091EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:58 p.m.43 views

CVE-2026-40379

CVE-2026-40379 is a Microsoft ESTS (Enterprise Security Token Service) spoofing vulnerability impacting Azure services. The connected sources confirm exposure of sensitive information to an unauthorized actor in Azure Entra ID and describe exploitation as network-based spoofing. The CVSS 3.1 scor...

9.3CVSS5.8AI score0.0091EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.10 views

Azure Entra ID Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network...

9.3CVSS6AI score0.0091EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/05/06 10:57 a.m.18 views

Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?

Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ESAPI vulnerabilities (USN-8181-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8181-1 advisory. Jaroslav Lobaevski discovered that ESAPI incorrectly validated directory paths during path verification. ...

9.8CVSS5.8AI score0.02829EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:8 a.m.4 views

CVE-2026-39418

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSGFASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by the...

5CVSS5.7AI score0.00198EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.10 views

PT-2026-32573

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSG FASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by th...

5CVSS5.7AI score0.00198EPSS
Exploits0References4
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/04/13 12:0 a.m.6 views

Identity Protection in the AI Era

Enterprises aiming to predict and mitigate human, machine, and AI‑agent risks at scale demand AI‑powered identity‑first security without compromise...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/10 11:0 a.m.13 views

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI...

6.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/09 1:0 p.m.8 views

Secure agentic AI for your Frontier Transformation

Today we shared the next step to make Frontier Transformation real for customers across every industry with Wave 3 of Microsoft 365 Copilot, Microsoft Agent 365, and Microsoft 365 E7: The Frontier Suite. Introducing the First Frontier Suite built on Intelligence and Trust As our customers rapidly...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/17 4:23 p.m.199 views

Exploit for Path Traversal in Owasp Enterprise_Security_Api

Enterprise Security API for Java Legacy ================= !...

9.8CVSS5.8AI score0.02829EPSS
Exploits2
The Hacker News
The Hacker News
added 2026/02/12 10:30 a.m.9 views

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

A new 2026 market intelligence study of 128 enterprise security decision-makers available here reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuou...

5.7AI score
Exploits0
HackRead
HackRead
added 2026/01/20 9:29 a.m.8 views

One Identity Unveils Major Upgrade to Identity Manager, Strengthening Enterprise Identity Security

Alisa Viejo, United States, 20th January 2026, CyberNewsWire...

5.5AI score
Exploits0
hivepro
hivepro
added 2026/01/13 1:20 p.m.4 views

6 Best Enterprise Security Platforms for 2026

If your security stack feels like a cluttered garage full of single-purpose tools, you’re not alone. You have one tool for endpoints, another for the network, and a few more for the cloud—none of which communicate effectively. This patchwork approach creates dangerous blind spots and buries your...

7AI score
Exploits0
Rows per page
Query Builder