Lucene search
K

489 matches found

CNNVD
CNNVD
added 2026/04/14 12:0 a.m.7 views

Microsoft Windows Push Notifications 资源管理错误漏洞

Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. There is a resource management vulnerability in Microsoft Windows Push Notifications. Attackers can exploit this vulnerability to gain elevated...

8.8CVSS5.8AI score0.00177EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.3 views

PT-2026-32749

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description Improper synchronization during concurrent execution using a shared resource, known as a race condition, allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00153EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.3 views

PT-2026-32744

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description An improper synchronization of shared resources during concurrent execution, known as a race condition, allows an authorized attacker to elevate privileges locally...

8.8CVSS6.2AI score0.00177EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32828

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description An improper synchronization of shared resources during concurrent execution, known as a race condition, allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.002EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Microsoft Windows Push Notifications 竞争条件问题漏洞

Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. There are vulnerabilities related to competition conditions in Microsoft Windows Push Notifications. Attackers can exploit these vulnerabilitie...

7.8CVSS5.8AI score0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32830

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description An improper synchronization issue, known as a race condition a situation where the system's behavior depends on the sequence or timing of uncontrollable events, occurs duri...

7.8CVSS6.4AI score0.00201EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

Microsoft Windows Push Notifications 资源管理错误漏洞

Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. There is a resource management vulnerability in Microsoft Windows Push Notifications. Attackers can exploit this vulnerability to gain elevated...

7.8CVSS5.8AI score0.002EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/03/09 12:53 p.m.6 views

Quiz sites trick users into enabling unwanted browser notifications

Our support team flagged a number of customers who suspected their device might be infected with malware, but Malwarebytes scans came up empty. When the customers provided screenshots, our Malware Removal Support team quickly recognized the format as web push notifications. The reason the scans...

5.6AI score
Exploits0
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.12 views

WordPress plugin All push notification for WP SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

4.9CVSS5.9AI score0.00339EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/23 6:19 a.m.14 views

CVE-2026-23964

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.5, 4.4.12, and 4.3.18, an insecure direct object reference in the web push subscription update endpoint lets any authenticated user update another user's push subscription by guessing or obtaining th...

6.5CVSS5.6AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 3:15 a.m.8 views

CVE-2026-23964

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.5, 4.4.12, and 4.3.18, an insecure direct object reference in the web push subscription update endpoint lets any authenticated user update another user's push subscription by guessing or obtaining th...

6.5CVSS0.00195EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/21 10:25 p.m.3 views

CVE-2026-21934

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Push Notifications. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

5.4CVSS5.4AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/21 12:31 a.m.4 views

EUVD-2026-3575

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Push Notifications. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

5.4CVSS5.4AI score0.002EPSS
Exploits0References2
OSV
OSV
added 2026/01/20 10:15 p.m.4 views

CVE-2026-21934

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Push Notifications. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

5.4CVSS5.8AI score0.002EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 10:15 p.m.8 views

CVE-2026-21934

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Push Notifications. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

5.4CVSS0.002EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/20 9:56 p.m.4 views

CVE-2026-21934

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Push Notifications. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

5.4CVSS5.4AI score0.002EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.6 views

PT-2026-3684

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62 Description A flaw exists in the Push Notifications component of Oracle PeopleSoft Enterprise PeopleTools. A low-privileged attacker with network access via HTTP can compromise the system. Successfu...

5.4CVSS7.3AI score0.002EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : firefox-102.15.0-1.0.1.el7.AXS7 (AXSA:2023-6392:33)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6392:33 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

8.8CVSS8.5AI score0.00693EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : firefox-102.15.0-1.el9.ML.1 (AXSA:2023-6389:32)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6389:32 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

8.8CVSS5.8AI score0.00693EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.15 views

CVE-2024-34369

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Webpushr Web Push Notifications Webpushr allows Reflected XSS.This issue affects Webpushr: from n/a through 4.35.0...

7.1CVSS5.2AI score0.00356EPSS
Exploits0References1
Rows per page
Query Builder