Lucene search
K

89 matches found

Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.13 views

PT-2026-38574

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description Improper neutralization of special elements in Copilot Business Chat allows an unauthorized attacker to disclose information over a network. Recommendations At the moment, there is no...

7.8CVSS5.8AI score0.01135EPSS
Exploits0References11
NVD
NVD
added 2026/04/23 10:16 p.m.9 views

CVE-2026-32210

Server-side request forgery ssrf in Microsoft Dynamics 365 Online allows an unauthorized attacker to perform spoofing over a network...

9.3CVSS0.00584EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/14 6:30 p.m.8 views

EUVD-2026-22376

Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...

7.5CVSS5.8AI score0.01064EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/14 4:57 p.m.2 views

CVE-2026-32202

Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS5.8AI score0.64095EPSS
Exploits3
AlpineLinux
AlpineLinux
added 2026/04/14 4:57 p.m.4 views

CVE-2026-32178

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS5.8AI score0.02279EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

Microsoft Edge 安全漏洞

Microsoft Edge is a web browser included with Windows 10 and later versions of the operating system developed by Microsoft. There is a security vulnerability in Microsoft Edge, which stems from errors in the handling of critical information within the Edge browser based on the Chromium kernel. Th...

4.3CVSS5.8AI score0.00555EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.4 views

CVE-2026-26120

Server-side request forgery ssrf in Microsoft Bing allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.8AI score0.00559EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 6:15 a.m.28 views

CVE-2026-4652

Summary of CVE-2026-4652 (NVMe/TCP) : A remote attacker with network access to an NVMe/TCP target can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID, leading to an unauthenticated Denial of Service. Affected systems expose an NVMe/TCP target; imp...

7.5CVSS5.9AI score0.00367EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/02/28 9:4 a.m.9 views

nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

...

7.5CVSS7.2AI score0.0071EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.7 views

CVE-2026-21527

User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.08619EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7398

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.00961EPSS
Exploits0References2
OSV
OSV
added 2026/02/05 11:15 p.m.4 views

CVE-2026-0391

User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.8AI score0.00595EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/05 10:13 p.m.6 views

CVE-2026-0391

User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.00595EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/01/22 11:15 p.m.7 views

CVE-2026-21264

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Account allows an unauthorized attacker to perform spoofing over a network...

9.3CVSS0.0037EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 10:15 p.m.7 views

CVE-2026-21924

Vulnerability in the Oracle Utilities Application Framework product of Oracle Utilities Applications component: General. Supported versions that are affected are 4.4.0.3.0, 4.5.0.0.0, 4.5.0.1.1, 4.5.0.1.3, 4.5.0.2.0, 25.4 and 25.10. Easily exploitable vulnerability allows low privileged attacker...

5.4CVSS0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.4 views

PT-2026-2663

Name of the Vulnerable Software and Affected Versions Windows LDAP affected versions not specified Description An issue with how input is checked in Windows Lightweight Directory Access Protocol LDAP could allow a network attacker who is already authorized to modify the system. This tampering cou...

6.8CVSS6.3AI score0.01116EPSS
Exploits0References10
NVD
NVD
added 2025/12/26 6:15 a.m.6 views

CVE-2025-62578

DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information...

7.5CVSS0.00379EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 1:16 a.m.5 views

CVE-2023-53817

In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - avoid null pointer deref in mpicmpui During NVMeTCP Authentication a controller can trigger a kernel oops by specifying the 8192 bit Diffie Hellman group and passing a correctly sized, but zeroed Diffie Hellamn...

0.00252EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/12/02 4:14 p.m.6 views

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

8.6CVSS6.8AI score0.00363EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.6 views

Socomec DIRIS Digiware M-70 访问控制错误漏洞

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A denial of service vulnerability exists in the Socomec DIRIS Digiware M-70, which stems from th...

8.6CVSS6.3AI score0.00363EPSS
Exploits0References2
Rows per page
Query Builder