Lucene search
K

8763 matches found

The Hacker News
The Hacker News
added 3 days ago7 views

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and...

10CVSS6.4AI score0.01021EPSS
Exploits0
Wolfi
Wolfi
added 3 days ago4 views

GHSA-3GXH-FQMQ-7JGM vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-40952

MCO is vulnerable to Path Disclosure and Path Traversal in file handling functionality related to data export and upload. Improper validation of the filename parameter allows writing files to arbitrary locations as well as indirect disclosure of absolute server paths through error messages. Becau...

7.1CVSS5.9AI score0.00417EPSS
Exploits0References2
OSV
OSV
added 4 days ago2 views

DEBIAN-CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00265EPSS
Exploits0References1
Circl
Circl
added 4 days ago7 views

CVE-2026-43707

creationtimestamp| type| source ---|---|--- 2026-06-30 10:00:53+00:00| seen| https://thehackernews.com/2026/06/apple-patches-30-ios-macos-safari-flaws.html 2026-07-01 01:00:45+00:00| seen| https://thehackernews.com/2026/06/apple-patches-30-ios-macos-safari-flaws.html 2026-07-01 02:51:35+00:00|...

6.5CVSS6AI score0.00307EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 5 days ago5 views

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.9 views

EulerOS 2.0 SP15 : libarchive (EulerOS-SA-2026-2486)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of...

7.5CVSS7.1AI score0.00882EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 4:58 p.m.3 views

Security Bulletin:IBM Spectrum Control is vulnerable to weaknesses related to axios (CVE-2025-62718, CVE-2026-40175)

Summary Axios is vulnerable to infrastructure tampering and Critical SSRF and exposure of private internal/loopback endpoints attacks. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser an...

9.9CVSS6.6AI score0.01815EPSS
Exploits6Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/25 6:8 p.m.6 views

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 6:8 p.m.5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00378EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52195

Name of the Vulnerable Software and Affected Versions GitLab EE versions 16.4 through 18.11.5 GitLab EE versions 19.0 through 19.0.2 GitLab EE versions 19.1 through 19.1.0 Description Improper sanitization of user-supplied input allows an authenticated user with developer-role permissions to...

8.7CVSS6.1AI score0.00231EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.22 views

PT-2026-52217

Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering...

9.6CVSS7.1AI score
Exploits0References8
OSV
OSV
added 2026/06/24 1:13 p.m.4 views

OESA-2026-2734 mariadb security update

Security Fixes: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

10CVSS5.9AI score0.00998EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/23 6:43 a.m.4 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.2CVSS7AI score0.00552EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2026/06/22 11:17 p.m.8 views

USN-8462-1: Linux kernel (Oracle) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.1AI score0.96267EPSS
Exploits281
Ubuntu
Ubuntu
added 2026/06/22 11:1 p.m.7 views

USN-8388-2: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits57
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.16 views

PT-2026-51308

Name of the Vulnerable Software and Affected Versions MISP core affected versions not specified Description Broken access-control flaws exist where authorization checks are performed against incorrect entities or ownership and editability checks are missing on write paths. This allows a...

8.8CVSS5.8AI score0.00361EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2026-132 (ALASDOCKER-2026-132)

The version of runfinch-finch installed on the remote host is prior to 1.17.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-132 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680...

9.6CVSS6.2AI score0.0056EPSS
Exploits0References16
EUVD
EUVD
added 2026/06/21 1:27 p.m.9 views

EUVD-2026-38162

phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser and updateUserRights endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edituser permission can set issuperadmin flag or grant arbitrary rights to escalate to SuperAdm...

8.8CVSS6AI score0.00251EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.10 views

RockyLinux 10 : hplip (RLSA-2026:26228)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26228 advisory. HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection CVE-2026-8632 HPLIP: HPLIP: Arbitrary code...

9.8CVSS6.5AI score0.01333EPSS
Exploits0References5
Rows per page
Query Builder