
5 matches found

Nuclei
added 17 hours ago · 12 views

TRUfusion Enterprise <= 7.10.4.0 - Admin Contact Portal

TRUfusion Enterprise versions 7.10.4.0 and earlier contained a vulnerability that allowed unauthenticated access to the Internal Admin Contact Page, resulting in the disclosure of PII including partner and contact names. id: CVE-2025-27225 info: name: TRUfusion Enterprise = 7.10.4.0 - Admin Conta...

CVSS 7.5 · AI score 5.9 · EPSS 0.17601
Exploits 1 · References 3
OSV
added 4 days ago · 4 views

PYSEC-2026-407 Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass

Summary Marimo 19.6k stars has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints e.g., /ws that correct...

CVSS 9.8 · AI score 7.7 · EPSS 0.95645
Exploits 11 · References 10
Tenable Nessus
added 2026/05/26 12:0 a.m. · 31 views

Linux Distros Unpatched Vulnerability : CVE-2026-48842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuser_query plugin via a preg_replace backslash escape...

CVSS 8.1 · AI score 5.9 · EPSS 0.00764
Exploits 0 · References 2
BDU FSTEC
added 2023/05/24 12:0 a.m. · 8 views

A vulnerability in the PreAuth component of the Zimbra Collaboration Suite corporate email management system allows an attacker to redirect users to an arbitrary URL.

The vulnerability in the PreAuth component of the Zimbra Collaboration Suite email management system stems from URL redirection to an untrusted site. Exploiting this vulnerability allows a remote attacker to redirect users to an arbitrary URL...

CVSS 7.5 · AI score 6.3 · EPSS 0.00393
Exploits 0 · References 3
Positive Technologies
added 2020/07/29 12:0 a.m. · 4 views

PT-2020-14758 · Gnome +1 · Gnome Balsa +1

Name of the Vulnerable Software and Affected Versions: GNOME Balsa versions prior to 2.6.0
Description: A malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c. This...

CVSS 7.5 · AI score 7.3 · EPSS 0.0205
Exploits 1 · References 18