Lucene search
K

11956 matches found

EUVD
EUVD
added 2026/06/30 7:45 p.m.5 views

EUVD-2026-40396

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 1:30 p.m.4 views

MINI-XMC8-9VW6-M68H

Bulletin has no description...

5.3CVSS5.9AI score0.00232EPSS
Exploits0
Patchstack
Patchstack
added 2026/06/30 1:28 p.m.4 views

WordPress LMS theme <= 9.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme LMS versions = 9.7...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/30 10:47 a.m.3 views

RHSA-2026:28051 Red Hat Security Advisory: .NET 9.0 security update

Bulletin has no description...

7.5CVSS7AI score0.0243EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.6 views

CVE-2026-11589 WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Stored XSS via File Upload

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not properly validate uploaded files, allowing unauthenticated users to upload files containing malicious JavaScript such as HTML or SVG to a publicly accessible location, leading to Stored Cross-Site Scripting attac...

5.6AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 5:34 a.m.23 views

CVE-2026-12073

CVE-2026-12073 affects the ProfileGrid – User Profiles, Groups and Communities plugin for WordPress (versions ≤ 5.9.9.5). The root cause is the plugin not validating a user_login on some registration forms and mishandling errors, enabling unauthenticated attackers to overwrite the email of the ad...

9.8CVSS5.8AI score0.0031EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 12:25 a.m.10 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6AI score0.00298EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Oracle Linux 9 : firefox (ELSA-2026-20574)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20574 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

9.8CVSS7.2AI score0.00446EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

RHEL 9 : ruby (RHSA-2026:33512)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33512 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.6CVSS5.8AI score0.00813EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.4 views

Oracle Linux 9 : git-lfs (ELSA-2026-30854)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-30854 advisory. - Fix CVE-2026-39821: vendored golang.org/x/net/idna ToUnicode incorrectly accepting all-ASCII xn-- labels Tenable has extracted the preceding description bloc...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/29 10:56 p.m.7 views

Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update

An update for glibc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS5.9AI score0.00451EPSS
Exploits1References2
NVD
NVD
added 2026/06/29 3:16 p.m.9 views

CVE-2026-57341

Unauthenticated Insecure Direct Object References IDOR in Colissimo Officiel : Méthodes de livraison pour WooCommerce = 2.9.0 versions...

6.5CVSS0.00258EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/29 1:36 p.m.7 views

EUVD-2026-40112

Unauthenticated Insecure Direct Object References IDOR in Colissimo Officiel : Méthodes de livraison pour WooCommerce = 2.9.0 versions...

6.5CVSS5.8AI score0.00258EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 1:36 p.m.7 views

CVE-2026-57340

Unauthenticated Broken Access Control in Japanized For WooCommerce = 2.9.12 versions...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 1:36 p.m.8 views

EUVD-2026-40111

Unauthenticated Broken Access Control in Japanized For WooCommerce = 2.9.12 versions...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-454 pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS6.5AI score0.12217EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-449 pgAdmin 4 Vulnerable to Cross-Site Scripting (XSS) via Query Result Rendering

pgAdmin = 9.1 is affected by a security vulnerability with Cross-Site ScriptingXSS. If attackers execute any arbitrary HTML/JavaScript in a user's browser through query result rendering, then HTML/JavaScript runs on the browser...

9.1CVSS7.4AI score0.00305EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-451 pgAdmin 4 Vulnerable to Remote Code Execution

Remote Code Execution security vulnerability in pgAdmin 4 Query Tool and Cloud Deployment modules. The vulnerability is associated with the 2 POST endpoints; /sqleditor/querytool/download, where the querycommited parameter and /cloud/deploy endpoint, where the highavailability parameter is unsafe...

9.9CVSS6.2AI score0.46222EPSS
Exploits8References6
OSV
OSV
added 2026/06/29 9:45 a.m.2 views

SUSE-SU-2026:2675-1 Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. - CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. - CVE-2026-42498: WebSocket authentication header exposure bsc1265165. -...

9.8CVSS5.9AI score0.01339EPSS
Exploits2References15
Patchstack
Patchstack
added 2026/06/29 8:18 a.m.7 views

WordPress Simple User Avatar plugin <= 4.9 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Simple User Avatar versions = 4.9...

4.3CVSS5.8AI score0.00183EPSS
Exploits0Affected Software1
Rows per page
Query Builder