Lucene search
K

1176 matches found

Debian CVE
Debian CVE
added 2026/05/06 6:58 a.m.7 views

CVE-2026-23926

An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...

7.3CVSS5.8AI score0.00285EPSS
Exploits0
EUVD
EUVD
added 2026/05/06 6:58 a.m.9 views

EUVD-2026-27527

An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...

7.3CVSS5.8AI score0.00285EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37344

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authenticated administrator without super-user privileges can inject a JavaScript payload when creating a maintenance period. This payload is executed when an...

7.3CVSS5.8AI score0.00285EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/01 8:13 a.m.6 views

Malicious Package

Overview blackbeards-navigator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/30 11:30 a.m.9 views

Malicious code in blackbeards-navigator (npm)

Four pirate-themed npm packages blackbeards-navigator, beusy, sirens-lament, gunpowder-ghost were published by the npm account beusy with heavily inflated version numbers 209.0.0–210.0.0, a hallmark of dependency confusion attacks. Each package contains identical malicious lifecycle scripts...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/30 11:30 a.m.7 views

MAL-2026-3199 Malicious code in blackbeards-navigator (npm)

Four pirate-themed npm packages blackbeards-navigator, beusy, sirens-lament, gunpowder-ghost were published by the npm account beusy with heavily inflated version numbers 209.0.0–210.0.0, a hallmark of dependency confusion attacks. Each package contains identical malicious lifecycle scripts...

6AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/28 1:50 p.m.6 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in minimatch

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in minimatch. CVE-2026-26996 The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal matching utility for converting gl...

8.7CVSS7.3AI score0.00519EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/24 4:6 p.m.5 views

Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic

Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic. CVE-2025-14505 The vulnerability have been addressed Vulnerability Details CVEID:CVE-2025-14505 DESCRIPTION: The ECDSA implementation of the Elliptic package generates incorrect signatures if a...

5.6CVSS5.5AI score0.00161EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/24 4:3 p.m.6 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Lodash

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Lodash. CVE-2025-13465 The vulnerability have been addressed. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to...

8.2CVSS5.5AI score0.01535EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/22 4:12 p.m.5 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js. CVE-2026-32141, CVE-2026-0540, CVE-2026-2327, CVE-2026-27903, CVE-2026-27904. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-3214...

6.1CVSS5.8AI score0.0034EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/10 8:27 a.m.5 views

Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in python_multipart

Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in pythonmultipart. CVE-2026-24486 vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-24486 DESCRIPTION: Python-Multipart is a streaming multipart parser for Python. Prior to version...

8.6CVSS6.7AI score0.02228EPSS
Exploits5Affected Software1
CNVD
CNVD
added 2026/04/07 12:0 a.m.2 views

IBM Content Navigator Cross-Site Scripting Vulnerability (CNVD-2026-16875)

IBM Content Navigator is an enterprise content management and collaboration platform for document management, workflow and content retrieval. A cross-site scripting vulnerability exists in IBM Content Navigator. The vulnerability stems from a failure to properly process user input and can be...

5.4CVSS5.6AI score0.00207EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/03 5:8 a.m.6 views

CVE-2026-1243

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 3:31 a.m.8 views

EUVD-2026-18112

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 1:16 a.m.6 views

CVE-2026-1243

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/02 12:14 a.m.3 views

CVE-2026-1243 IBM Content Navigator is affected by , a Cross-Site Scripting (XSS) vulnerability

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/02 12:14 a.m.7 views

CVE-2026-1243

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/02 12:14 a.m.20 views

CVE-2026-1243

IBM Content Navigator is affected by CVE-2026-1243: vulnerable versions 3.0.15, 3.1.0, and 3.2.0 allow an authenticated user to embed arbitrary JavaScript in the Web UI, potentially disclosing credentials within a trusted session. Remediation per IBM Security Bulletin: upgrade to 3.0.15 IF009, 3....

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/02 12:14 a.m.28 views

CVE-2026-1243 IBM Content Navigator is affected by , a Cross-Site Scripting (XSS) vulnerability

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.11 views

PT-2026-29656

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References2
Rows per page
Query Builder