Lucene search
+L

1708 matches found

cve
cve
added 2026/06/25 8:39 a.m.23 views

CVE-2026-53236

CVE-2026-53236 affects the Linux kernel where a patch restricts SO_ATTACH_FILTER (cBPF) usage on TCP sockets to CAP_NET_ADMIN, mitigating a potential side-channel leaking TCP sequence/ACK data. Debian/Ubuntu entries show patches across newer kernel builds (e.g., Linux 6.1 series with 6.1.176-1~de...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References6Affected Software1
drupal
drupal
added 2026/06/24 12:0 a.m.7 views

AI (Artificial Intelligence) - Moderately critical - Access bypass - SA-CONTRIB-2026-055

This module enables you to utilize an agent to use Drupal core actions tools with bypassed access. Certain Drupal core actions, exposed as agent tools did not have correct access validation, and some core actions were missing associated access-level definitions. This vulnerability is mitigated by...

3.3CVSS5.8AI score0.00161EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.6 views

PT-2026-52168

Name of the Vulnerable Software and Affected Versions Drupal AI versions 0.0.0 through 1.2.17 Drupal AI versions 1.3.0 through 1.3.8 Drupal AI versions 1.4.0 through 1.4.3 Description A missing authorization issue allows forceful browsing. Certain Drupal core actions exposed as agent tools lack...

6AI score0.00161EPSS
Exploits0References3
nvd
nvd
added 2026/06/23 11:16 p.m.11 views

CVE-2026-12163

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

5.5CVSS0.00145EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/23 12:0 a.m.14 views

PT-2026-51604

Name of the Vulnerable Software and Affected Versions Fortra File Integrity Monitoring FIM versions prior to 9.4.0.1 Description A stored cross-site scripting XSS issue exists in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or...

5.5CVSS5.6AI score0.00145EPSS
Exploits0References7
nvd
nvd
added 2026/06/19 10:16 a.m.17 views

CVE-2026-34192

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...

7.7CVSS0.0011EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/18 12:56 p.m.8 views

CVE-2026-54223

UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file on the application’s server that application has privileges to, what results in Remote Code Execution. Because vendor contact attempts were unsuccessful, the vulnerability...

8.6CVSS5.5AI score0.00628EPSS
Exploits0References3
euvd
euvd
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37581

Incorrect Authorization vulnerability allows users with system login privileges to delete task definitions in unauthorized projects This issue affects Apache DolphinScheduler versions prior to 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes this issue...

4.9CVSS5.1AI score0.00437EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/12 9:43 p.m.8 views

CVE-2026-34195 GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes

Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...

5.3AI score0.00328EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/11 3:10 p.m.13 views

CVE-2024-45636 IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS5.4AI score0.00094EPSS
Exploits0References1
euvd
euvd
added 2026/06/11 3:10 p.m.11 views

EUVD-2024-55619

IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user...

4.1CVSS5.4AI score0.00094EPSS
Exploits0References1
cve
cve
added 2026/06/11 3:10 p.m.33 views

CVE-2024-45636

The CVE-2024-45636 entry concerns IBM Security QRadar EDR. Affected: QRadar EDR 3.12–3.12.24. Issue: credentials are stored in plaintext, readable by a local privileged user (CWE-256). Impact: potential exposure of sensitive credentials on the host; CVSS v3.1 base score 4.1 (L, H, N) with Local a...

4.4CVSS5.4AI score0.00094EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2026/06/11 12:0 a.m.19 views

IBM Security QRadar EDR 安全漏洞

IBM Security QRadar EDR is a terminal detection and response software developed by the American multinational company IBM. There are security vulnerabilities in versions 3.12 to 3.12.24 of IBM Security QRadar EDR. These vulnerabilities stem from the storage of user credentials in plain text, whic...

4.4CVSS5.3AI score0.00094EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 2:59 p.m.11 views

CVE-2026-47343

Non-privileged backend users with file mount access were able to perform write operations move, delete, rename on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0...

7.2CVSS5.5AI score0.00238EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.20 views

Lenovo ThinkPad 加密问题漏洞

The Lenovo ThinkPad is a portable computer by the company Lenovo. The Lenovo ThinkPad has an encryption vulnerability, which stems from issues with the embedded controller firmware. This vulnerability may allow privileged local users to perform arbitrary read and write operations on privileged...

8.4CVSS5.5AI score0.00077EPSS
Exploits0References2
cve
cve
added 2026/06/09 10:49 a.m.30 views

CVE-2026-47343

Technical details are not publicly available in the provided documents. Monitor TYPO3 security advisories for updates. The CVE describes unauthorized write actions on file mount folders across several TYPO3 CMS versions, with no publicly disclosed exploitation specifics.

7.2CVSS5.5AI score0.00238EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/09 8:59 a.m.12 views

CVE-2026-41723

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS5.2AI score0.00399EPSS
Exploits0References1
cve
cve
added 2026/06/09 12:21 a.m.40 views

CVE-2026-44750

CVE-2026-44750 affects SAP MDG (Review Match Groups Application) due to missing authorization checks for authenticated users, enabling a low-privileged user to perform restricted actions and escalate privileges. Impact is described as low integrity impact; confidentiality and availability are not...

4.3CVSS5.5AI score0.00161EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.13 views

PT-2026-52485

Name of the Vulnerable Software and Affected Versions Schneider Electric PowerLogic P7 affected versions not specified Description An OS Command Injection issue exists in the firmware of the device, which occurs when special elements used in OS commands are not properly neutralized. This flaw...

9CVSS6AI score0.01191EPSS
Exploits0References5
nvd
nvd
added 2026/06/08 4:16 p.m.15 views

CVE-2026-22164

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory. By creating resources of certain types and presenting a set of parameters to the affected interface the exploit can be used to corrupt kernel memory...

7.5CVSS0.00338EPSS
Exploits0References1
Rows per page
Query Builder