Lucene search
K

9833 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52105

Name of the Vulnerable Software and Affected Versions Sentry versions 24.4.0 through 26.5.1 Description A Regular Expression Denial of Service ReDoS exists in the event ingestion pipeline. This occurs when a regular expression is applied to attacker-controlled fields on incoming events, allowing...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References6
NVD
NVD
added 2026/06/23 11:16 p.m.9 views

CVE-2026-12163

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

5.5CVSS0.00145EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 11:16 p.m.10 views

CVE-2026-12164

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission...

4.4CVSS0.00101EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 10:15 p.m.6 views

CVE-2026-12164

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission...

4.4CVSS5.9AI score0.00101EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 10:15 p.m.29 views

CVE-2026-12164 Privilege Escalation in Fortra File Integrity Monitoring (FIM)

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission...

4.4CVSS0.00101EPSS
Exploits0References1
Fedora
Fedora
added 2026/06/23 1:9 a.m.4 views

[SECURITY] Fedora 44 Update: prometheus-3.12.0-1.fc44

The Prometheus monitoring system and time series database...

7.5CVSS5.8AI score0.00761EPSS
Exploits1
Fedora
Fedora
added 2026/06/23 12:54 a.m.4 views

[SECURITY] Fedora 43 Update: prometheus-3.12.0-1.fc43

The Prometheus monitoring system and time series database...

7.5CVSS5.8AI score0.00761EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.12 views

PT-2026-51605

Name of the Vulnerable Software and Affected Versions Fortra File Integrity Monitoring FIM versions prior to 9.4.0 Description An issue exists where incorrect or elevated effective permissions may be assigned to users created by the tetool import command while the software is running. This occurs...

4.4CVSS5.7AI score0.00101EPSS
Exploits0References8
Securelist
Securelist
added 2026/06/22 10:0 a.m.17 views

A VBScript campaign distributed through WhatsApp deploying RMM software

In June 2026, we observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, wi...

6.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 7:36 a.m.5 views

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments

Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

7.5CVSS5.9AI score0.00702EPSS
Exploits0Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/amd: Fixed a crash that occurred due to a race between amdpmuenableall, perf NMI, and throttling. amdpmuenableall does the following: if !testbitidx, cpuc-activemask continue; amdpmuenableeventcpuc-eventsidx; A perf N...

4.7CVSS6.2AI score0.00098EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d The issue of NULL pointer dereferencing was fixed by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 th...

7.8CVSS6.1AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfsattrs. If coretempaddcore encounters an error, pdata-coredataindx is already NULL and has been freed. Do not pass this value to sysfsremovegroup, as it will cause a crash in...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A flaw related to memory leaks in the Linux kernel’s performance monitoring subsystem was discovered due to the use of PERFEVENTIOCSETFILTER. A local user could exploit this flaw to deplete resources, resulting in a denial of service...

5.5CVSS6.6AI score0.00348EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: kernfs: Fixed a UAF Use-after-Free issue during polling when the opened file is released. A Use-after-Free vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-fre...

7.8CVSS6.7AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Zabbix

A regular Zabbix user without access to the Monitoring - Problems view can still call the problem.view.refresh action, and thus still retrieve a list of active problems...

5.1CVSS5.2AI score0.00274EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 1:58 p.m.4 views

Security Bulletin: IBM Tivoli Monitoring is included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary IBM Tivoli Monitoring is included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocol...

7.5CVSS7.2AI score0.00702EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/16 9:0 a.m.10 views

CVE-2026-39581

CVE-2026-39581 documents a SQL Injection in the WordPress plugin WP Sessions Time Monitoring Full Automatic for versions

8.5CVSS5.7AI score0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.26 views

CVE-2026-39581 WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.1.4 - SQL Injection vulnerability

Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...

8.5CVSS0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.7 views

EUVD-2026-37047

Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...

8.5CVSS5.8AI score0.0027EPSS
Exploits0References1
Rows per page
Query Builder