Lucene search
K

533 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.4 views

Fedora 43 : wordpress (2026-5774d46593)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5774d46593 advisory. Upstream announcements: - WordPress 6.9.2 Release - WordPress 6.9.3 and 7.0 beta 4 - WordPress 6.9.4 Release Tenable has extracted the preceding description...

4.3CVSS5.9AI score0.00305EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.5 views

Fedora 44 : wordpress (2026-bf984d4931)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bf984d4931 advisory. Upstream announcements: - WordPress 6.9.2 Release - WordPress 6.9.3 and 7.0 beta 4 - WordPress 6.9.4 Release Tenable has extracted the preceding description...

4.3CVSS5.9AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 11:12 p.m.4 views

CVE-2026-29109 SuiteCRM Authenticated Remote Code Execution via Unsafe Deserialization in SavedSearch Filter Processing

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions up to and including 8.9.2 contain an unsafe deserialization vulnerability in the SavedSearch filter processing component that allows an authenticated administrator to execute arbitrary...

8.6CVSS6.1AI score0.00469EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/19 11:12 p.m.3 views

CVE-2026-29109 SuiteCRM Authenticated Remote Code Execution via Unsafe Deserialization in SavedSearch Filter Processing

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions up to and including 8.9.2 contain an unsafe deserialization vulnerability in the SavedSearch filter processing component that allows an authenticated administrator to execute arbitrary...

8.6CVSS6.1AI score0.00469EPSS
Exploits0References1
CVE
CVE
added 2026/03/19 10:54 p.m.21 views

CVE-2026-29103

CVE-2026-29103 affects SuiteCRM 7.15.0 and 8.9.2, enabling authenticated administrators to trigger remote code execution via a Patch Bypass of CVE-2024-49774. The root cause is a flaw in ModuleScanner.php’s PHP token parsing that resets its internal state (checkFunction) on single-character token...

9.1CVSS6.2AI score0.00497EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/19 10:54 p.m.7 views

EUVD-2026-13364

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. A Critical Remote Code Execution RCE vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allowing authenticated administrators to execute arbitrary system commands. This vulnerability is a direc...

9.1CVSS6.2AI score0.00497EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 10:54 p.m.5 views

CVE-2026-29103 SuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. A Critical Remote Code Execution RCE vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allowing authenticated administrators to execute arbitrary system commands. This vulnerability is a direc...

9.1CVSS6.2AI score0.00497EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/15 12:7 p.m.4 views

SUSE CVE-2017-18908

An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometime sent to an attacker-provided e-mail address...

9.8CVSS5.8AI score0.01184EPSS
Exploits0References3
CVE
CVE
added 2026/03/11 4:4 p.m.52 views

CVE-2026-1663

GitLab CVE-2026-1663 affects GitLab CE/EE: authenticated users with group import permissions could create labels in private projects due to improper authorization validation in the group import process under certain circumstances. Remediation is available by upgrading to fixed releases: 18.7.6+, ...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/03/11 3:37 p.m.53 views

CVE-2026-3848

CVE-2026-3848 affects GitLab CE/EE, versions 8.11–18.7.5, 18.8.0–18.8.5, and 18.9.0–18.9.1; all are fixed in 18.7.6, 18.8.6, and 18.9.2. The root cause is improper input validation in the import functionality that could allow an authenticated user to trigger unintended internal requests via proxy...

5CVSS5.8AI score0.00187EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.4 views

CVE-2025-36173

Affected ProductsVersionsInfoSphere Data Architect9.2.1...

6.1CVSS7.3AI score0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.6 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions prior to 18.7.6,...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.2 views

PT-2026-24708

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause a denial of service condition due to improper input validation on webhook custom header names under...

6.5CVSS5.8AI score0.00385EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/10 1:40 a.m.7 views

CVE-2025-36173

Affected ProductsVersionsInfoSphere Data Architect9.2.1...

6.1CVSS7.3AI score0.00149EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 1:40 a.m.4 views

CVE-2025-36173 InfoSphere Data Architect (IDA) 9.2.1 Vulnerability Fixes.

Affected ProductsVersionsInfoSphere Data Architect9.2.1...

6.1CVSS7.3AI score0.00149EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

WordPress 6.0 < 6.9.2

WordPress versions 6.0 6.9.2 are affected by one or more vulnerabilities %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from WordPress Security Advisory wordpress-6-9-2-release. include'compat.inc'; if description scriptid301728;...

5.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Vim < 9.2.0074 Heap-based Buffer Overflow (GHSA-h4mf-vg97-hj8j)

The version of Vim installed on the remote host is prior to 9.2.0074. It is, therefore, affected by a vulnerability as referenced in the GHSA-h4mf-vg97-hj8j advisory. - Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exis...

5.5CVSS6.2AI score0.0022EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/04 7:45 p.m.5 views

CVE-2025-64736

An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch 5462afb0. A specially crafted .abf file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability...

7.1CVSS5.9AI score0.00184EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/01 1:43 a.m.8 views

CVE-2026-28270

Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch fo...

7.2CVSS6AI score0.01607EPSS
Exploits0References1
OSV
OSV
added 2026/02/28 2:47 a.m.6 views

GHSA-8P85-9QPW-FWGW @fastify/middie has Improper Path Normalization when Using Path-Scoped Middleware

Summary A path normalization inconsistency in @fastify/middie can result in authentication/authorization bypass when using path-scoped middleware for example, app.use'/secret', auth. When Fastify router normalization options are enabled such as ignoreDuplicateSlashes, useSemicolonDelimiter, and...

8.2CVSS6AI score0.0039EPSS
Exploits0References7
Rows per page
Query Builder