Lucene search
K

534 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34295

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

6.5CVSS7.3AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.12 views

CVE-2026-22019

Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft component: Person Search. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise H...

5.4CVSS7.3AI score0.00152EPSS
Exploits0References1
OSV
OSV
added 2026/06/03 11:1 a.m.6 views

SUSE-SU-2026:2236-1 Security update for vim

This update for vim fixes the following issues - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim bsc1264706. - CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile via crafted filename bsc1265349. -...

7CVSS5.8AI score0.00917EPSS
Exploits1References12
Vulnrichment
Vulnrichment
added 2026/05/27 3:12 p.m.22 views

CVE-2026-49054 WordPress The Post Grid plugin <= 7.9.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2...

4.3CVSS5.8AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 3:12 p.m.25 views

CVE-2026-49054

CVE-2026-49054 concerns WordPress plugin The Post Grid (versions up to 7.9.2). The issue is a Missing Authorization / Broken Access Control vulnerability caused by misconfigured access control logic, allowing unauthorized access where restrictions should apply. Public sources in the connected rec...

4.3CVSS5.8AI score0.00213EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/27 2:59 p.m.13 views

WordPress The Post Grid plugin <= 7.9.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by timomangcut in WordPress Plugin The Post Grid versions = 7.9.2...

4.3CVSS5.8AI score0.00213EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/27 9:13 a.m.10 views

WordPress Livemesh SiteOrigin Widgets plugin <= 3.9.2 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Missing Authorization to Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Livemesh SiteOrigin Widgets versions = 3.9.2...

6.4CVSS5.8AI score0.00223EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/05/27 6:46 a.m.29 views

CVE-2026-3897

The CVE-2026-3897 entry describes a Stored XSS in the Livemesh Addons for Beaver Builder WordPress plugin, via the labb_admin_ajax action. Affected versions are all up to 3.9.2. Root cause is missing authorization checks despite nonce verification, enabling authenticated Subscriber+ users to modi...

6.4CVSS5.8AI score0.00223EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/26 8:15 p.m.16 views

EUVD-2026-31986

A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and m...

7.5CVSS6.7AI score0.00291EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/26 6:46 a.m.13 views

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (April 2026)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

5.8AI score
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/23 1:39 a.m.14 views

SUSE CVE-2022-39307

Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the /api/user/password/sent-reset-email URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks...

5.3CVSS6.7AI score0.00696EPSS
Exploits0References9
OSV
OSV
added 2026/05/22 3:54 p.m.9 views

CLSA-2026-1779465287 Update of tomcat

Bump leading release to maintain monotonic rpm-version ordering in the AlmaLinux 9.2 ESU update stream...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2026/05/22 8:29 a.m.17 views

EUVD-2026-31420

A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...

5.4CVSS5.8AI score0.00141EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/22 8:29 a.m.8 views

CVE-2026-8381 Broken Access Control in TeamViewer DEX Platform (On Premises)

A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...

5.4CVSS5.8AI score0.00141EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use an improperly formatted OID in a SET request to the nsVacmAccessTable, causing a NULL pointer derefrence. Version 5.9.2 includes a patch to addre...

8.8CVSS6.7AI score0.01146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could exploit an improper input validation vulnerability when setting malformed OIDs in both the master agent and subagent simultaneously. Version 5.9.2...

6.5CVSS6.6AI score0.01052EPSS
Exploits0References2
OSV
OSV
added 2026/05/18 1:48 p.m.9 views

CLEANSTART-2026-TK12973 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj applied in versions: 9.2.8-r0, 9.2.8-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References10
NVD
NVD
added 2026/05/13 5:16 p.m.13 views

CVE-2026-2695

A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises former 1E DEX Platform On-Premises prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...

6.3CVSS0.00201EPSS
Exploits0References1
Circl
Circl
added 2026/05/08 6:19 p.m.12 views

CVE-2026-39218

creationtimestamp| type| source ---|---|--- 2026-05-08 18:19:08+00:00| seen| https://gist.github.com/cla7aye15I4nd/f9a7700240afe7ae8171ee65682e890f...

5.4AI score
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 3:53 p.m.53 views

CVE-2026-41889 pgx: SQL Injection via placeholder confusion with dollar quoted string literals

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted string literal is used in the SQL query, that string literal contains text that would be would be interpreted as a placeholder outside of a...

2.3CVSS0.00356EPSS
Exploits0References3
Rows per page
Query Builder