Lucene search
K

4934 matches found

Nuclei
Nuclei
added 17 hours ago123 views

Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution

Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a...

8.8CVSS7.6AI score0.7699EPSS
Exploits6References5
EUVD
EUVD
added 2026/07/02 7:47 p.m.9 views

EUVD-2026-33273

Mautic Focus component Vulnerable to SSRF...

6.4CVSS5.8AI score0.00138EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/27 12:56 a.m.6 views

[SECURITY] Fedora 43 Update: nginx-1.30.3-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

9.2CVSS7AI score0.03459EPSS
Exploits4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 111. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Andro...

8.8CVSS7.4AI score0.00521EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 8:34 p.m.5 views

GHSA-MPC8-JXJH-QPGH OpenClaw: Focus command could miss controlScope enforcement

Summary Focus command could miss controlScope enforcement. In affected versions, a caller able to trigger the focus command could run the command without enforcing the expected control scope. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

6.8CVSS5.6AI score0.00093EPSS
Exploits0References4
NVD
NVD
added 2026/06/16 7:17 p.m.21 views

CVE-2026-53850

OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenticated callers to execute the command without proper authorization checks. Attackers can trigger the focus command to change focus state outside intended caller authority,...

6.8CVSS0.00093EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:5 p.m.21 views

CVE-2026-53850

OpenClaw is affected by CVE-2026-53850, a control scope enforcement bypass in the focus command present in versions prior to 2026.4.25. The vulnerability allows authenticated callers to bypass authorization checks and change focus state outside their intended authority, potentially enabling unaut...

6.8CVSS5.5AI score0.00093EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.19 views

PT-2026-49767

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description A control scope enforcement bypass exists in the focus command. This allows authenticated callers to execute the command without proper authorization checks, enabling them to change the focus...

6.8CVSS5.5AI score0.00093EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.13 views

CVE-2026-11799

UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...

7.5CVSS5.4AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 9:17 p.m.20 views

CVE-2026-11799

UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...

7.5CVSS0.00216EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 8:52 p.m.11 views

EUVD-2026-35837

UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...

5.5AI score0.00216EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 8:52 p.m.33 views

CVE-2026-11799 UXSS in Focus for iOS / Klar Webkit navigation

UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...

0.00216EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 8:52 p.m.9 views

CVE-2026-11799 UXSS in Focus for iOS / Klar Webkit navigation

UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...

5.4AI score0.00216EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 8:52 p.m.25 views

CVE-2026-11799

CVE-2026-11799 concerns a UXSS flaw in Focus for iOS and Klar WebKit navigation. The affected components are Focus for iOS and Klar for iOS, with a root cause not explicitly detailed in the provided documents beyond the UXSS classification. The vulnerability is rated HIGH (CVSS 3.1: AV:N/AC:L/PR:...

7.5CVSS5.5AI score0.00216EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48265

Name of the Vulnerable Software and Affected Versions Focus for iOS versions prior to 151.3.1 Klar for iOS versions prior to 151.3.1 Description Universal Cross-Site Scripting UXSS exists in the Webkit navigation of Focus for iOS and Klar for iOS. UXSS is a security flaw that allows an attacker t...

7.5CVSS5.6AI score0.00216EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Mozilla Focus for iOS和Mozilla Klar for iOS 安全漏洞

Mozilla Focus for iOS and Mozilla Klar for iOS are mobile web browsers designed with privacy protection in mind by the American Mozilla Foundation. Both browsers have cross-site scripting vulnerabilities. These vulnerabilities arise due to improper input validation during the Webkit navigation...

7.5CVSS5.8AI score0.00216EPSS
Exploits0References2
Mozilla
Mozilla
added 2026/06/09 12:0 a.m.12 views

Security Vulnerabilities fixed in Focus for iOS / Klar 151.3.1 — Mozilla

CVE-2026-11799: UXSS in Focus for iOS / Klar Webkit navigation Reporter Renwa Hiwa Impact high References Bug 1975667...

7.5CVSS5.4AI score0.00216EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.11 views

CVE-2026-8945

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in Firefox and Firefox Focus for Android...

7.5CVSS5.8AI score0.00369EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-9557

A Server-Side Request Forgery SSRF vulnerability exists in Mautic's Focus component. Due to insufficient validation of user-supplied URLs, an authenticated user can trigger outbound HTTP requests from the hosting server, enabling internal network reconnaissance or forcing requests to arbitrary...

6.4CVSS5.6AI score0.00138EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/29 1:18 p.m.7 views

Incorrect Authorization

Overview mautic/plugin-focus is a Focus Plugin Affected versions of this package are vulnerable to Incorrect Authorization in the enforcement of owner-scope permissions such as viewown or editown. An attacker can gain unauthorized access or modify resources belonging to other users by exploiting...

7.1CVSS5.8AI score0.00201EPSS
Exploits0References2
Rows per page
Query Builder