Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

93 matches found

RedhatCVE
RedhatCVEadded 2 days ago4 views

CVE-2026-7312

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

10CVSS5.8AI score0.00032EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2 days ago3 views

CVE-2026-7195

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...

8.8CVSS5.8AI score0.00053EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 3 days ago7 views

CVE-2026-7312

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

10CVSS5.8AI score0.00032EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 3 days ago6 views

CVE-2026-7312 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

10CVSS5.8AI score0.00032EPSS
Exploits0References1
EUVD
EUVDadded 3 days ago8 views

EUVD-2026-33918

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...

10CVSS5.8AI score0.00084EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 3 days ago6 views

PT-2026-45762

Name of the Vulnerable Software and Affected Versions Progress Sitefinity versions 14.0.7700 through 14.4.8152 Progress Sitefinity versions 15.0.8200 through 15.0.8234 Progress Sitefinity versions 15.1.8300 through 15.1.8335 Progress Sitefinity versions 15.2.8400 through 15.2.8441 Progress...

10CVSS5.8AI score0.00032EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 3 days ago7 views

PT-2026-45763

Name of the Vulnerable Software and Affected Versions Progress Sitefinity versions 8.0.5700 through 13.3.7652 Description Insufficiently protected credentials in web services allow a remote authenticated attacker to obtain plain-text credentials used to connect to the Sitefinity Insight service...

8.7CVSS5.8AI score0.00035EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 3 days ago8 views

PT-2026-45759

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...

8.8CVSS5.8AI score0.00053EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/05/22 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: lighttpd (UTSA-2026-016637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016637 advisory. In lighttpd 1.4.46 through 1.4.63, the modextforwardForwarded function of the modextforward plugin has a stack-based buffer overflow 4 bytes representing -1, as...

5.9CVSS6.6AI score0.01488EPSS
Exploits1References4
UbuntuCve
UbuntuCveadded 2026/05/08 7:16 a.m.4 views

CVE-2026-44916

In OpenStack Ironic before 35.0.2 in a certain non-default configuration, instanceinfo'kstemplate' is rendered without sandboxing...

3CVSS5.8AI score0.00011EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/07 12:0 a.m.5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016495 advisory. In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the...

8.1CVSS5.9AI score0.00034EPSS
Exploits0References4
OSV
OSVadded 2026/04/28 6:30 a.m.4 views

GHSA-WQPV-C3PP-3M58 OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS5.9AI score0.00027EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2026/04/28 6:30 a.m.3 views

OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS5.9AI score0.00027EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2026/04/28 6:16 a.m.0 views

DEBIAN-CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS5.6AI score0.00027EPSS
Exploits0References1
NVD
NVDadded 2026/04/28 6:16 a.m.1 views

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS0.00027EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/28 4:53 a.m.28 views

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS0.00027EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/28 4:53 a.m.0 views

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS5.4AI score0.00027EPSS
Exploits0References1
CVE
CVEadded 2026/04/28 4:53 a.m.4 views

CVE-2026-42510

OpenStack Ironic is affected by CVE-2026-42510. The CVE record for OpenStack Ironic identifies that before version 35.0.1 it allows ipmitool execution in a non-default configuration that includes a console interface. The root cause is the ability to execute ipmitool under non-default console conf...

6.6CVSS5.5AI score0.00027EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/04/28 12:0 a.m.1 views

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

6.6CVSS5.9AI score0.00027EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/28 12:0 a.m.0 views

PT-2026-35657

CVE-2026-42510 OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface. https://t.co/7WlPP7580G...

6.6CVSS5.5AI score0.00027EPSS
Exploits0References3
Rows per page
Query Builder