Lucene search
+L

13582 matches found

CVE
CVE
added 4 days ago8 views

CVE-2026-47632

Azure Monitor Agent Metrics Extension is affected by CVE-2026-47632 due to improper certificate validation, enabling elevation of privileges for an unauthenticated attacker on an adjacent network. Exploitation details are not provided in the connected documents. CVSSv3.1 base score 8.8 (High): AV...

8.8CVSS6.1AI score0.00313EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 4 days ago9 views

Active Directory Certificate Services Elevation of Privilege Vulnerability

Improper authorization in Active Directory Certificate Services AD CS allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.1AI score0.00802EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago13 views

Active Directory Federation Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Active Directory Federation Services AD FS allows an authorized attacker to perform spoofing over a network...

4.8CVSS6.1AI score0.0038EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago8 views

Windows Network File System Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Network File System allows an unauthorized attacker to execute code over a network...

8.1CVSS6.3AI score0.00641EPSS
Exploits0
PyPA
PyPA
added 5 days ago7 views

zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion

ImpactDNSIncoming.logexceptiondebug and the four QuietLogger exception-dedup methods stored an unbounded seenlogs dict keyed by strsys.excinfo1. The seven IncomingDecodeError messages raised from readname / decodelabelsatoffset RFC 6762 §18 name-decoding error paths all embed self.source — the...

6.5CVSS6.1AI score0.0002EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/07/08 2:58 p.m.4 views

SUSE-SU-2026:2799-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. - CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. - CVE-2025-40341:...

9.8CVSS6.8AI score0.93235EPSS
Exploits51References351
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.8 views

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Improper input validation in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.8CVSS6.1AI score0.00479EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/03 12:56 p.m.41 views

CVE-2026-56015 Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add passes the prefix string to the trie builder addPrefixToTrie without checking it against the address width. addPrefixToTrie then walks the prefix buffer by prefixlength bits, reading...

0.00537EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 10:16 a.m.10 views

CVE-2026-8482

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS0.00212EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 8:42 a.m.10 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 8:42 a.m.45 views

CVE-2026-8482 Information leak in NSRPC client history

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.14 views

PT-2026-55318

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description M365 Copilot contains an open redirect issue, which occurs when an application redirects users to an untrusted external site. This flaw allows an unauthorized attacker to elevate...

9.3CVSS6AI score0.00531EPSS
Exploits0References9
NVD
NVD
added 2026/07/01 4:16 p.m.13 views

CVE-2026-8480

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS0.00087EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 2:52 p.m.35 views

CVE-2026-8480 Connection possible to the Administration portal with a revoked certificate

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS0.00087EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2026/06/30 12:0 a.m.13 views

thunderbird security update

140.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.12.0 - Add OpenELA debranding 140.12.0-1 - Update to 140.12.0 ESR...

9.6CVSS5.8AI score0.00476EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:6 a.m.6 views

batman-adv: v: stop OGMv2 on disabled interface

...

9.8CVSS5.8AI score0.00122EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

Oracle Linux 9 : thunderbird (ELSA-2026-29940)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-29940 advisory. 140.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.12.0 - Add OpenELA debranding 140.12.0-1 - Update to 140.12.0 ESR Tenab...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References30
NVD
NVD
added 2026/06/26 11:16 a.m.12 views

CVE-2025-7958

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...

8.5CVSS0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 10:15 a.m.7 views

EUVD-2025-210348

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:15 a.m.9 views

CVE-2025-7958

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder