Lucene search
K

1385 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-6036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page...

6.5CVSS7.4AI score0.01615EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2015-4908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different...

5CVSS6.3AI score0.0299EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-6150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS7.3AI score0.00867EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/15 12:30 a.m.16 views

CVE-2025-43988

KuWFi 5G01-X55 FL2020V0.0.12 devices expose an unauthenticated API endpoint ajaxget.cgi, allowing remote attackers to retrieve sensitive configuration data, including admin credentials...

7.5CVSS7.5AI score0.00427EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/13 12:0 a.m.4 views

NVIDIA Triton Inference Server Python Out-of-Bounds Read Vulnerability

Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. An out-of-bounds...

7.5CVSS7AI score0.00875EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.6 views

The vulnerability of the `update-ldcache` function in software for creating and running NVIDIA Container Toolkit containers and NVIDIA GPU Operator resource management software allows a malicious actor to gain unauthorized access to protected information or cause service failures.

The vulnerability in the update-ldcache function of software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, arises from an improper definition of symbolic references before accessing files. Exploiting this vulnerabili...

8.5CVSS7.8AI score0.00679EPSS
Exploits0References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2025/08/08 12:0 a.m.6 views

The vulnerability of the Fortinet FortiPortal security analysis and management tool, related to improper handling of path equivalence, allows for the disclosure of protected information.

The vulnerability of the Fortinet FortiPorta security management and analysis tool is related to improper resolution of path equivalence. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...

8.6CVSS5.4AI score0.01227EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2025/08/07 1:19 p.m.6 views

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. "At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable...

7.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/08/07 12:0 a.m.3 views

The vulnerability of the distributed Git version control system, related to improper filtering of output data, allows a malicious actor to gain read, modify, or delete access to data, or execute arbitrary code.

The vulnerability of the distributed Git version control system is related to improper filtering of output data during the extraction or sending of message exchanges from the server. Exploiting this vulnerability can allow a remote attacker to gain read, modify, or delete access to data, or execu...

7.6CVSS7.6AI score0.00494EPSS
Exploits1References6Affected Software2
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.5 views

NVIDIA Triton Inference Server 安全漏洞

Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. An out-of-bounds...

7.5CVSS6.8AI score0.00875EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/08/05 12:0 a.m.5 views

The vulnerability of the WeGIA web manager’s script /html/saude/profile_paciente.php, which allows a hacker to disclose confidential information

The vulnerability of the WeGIA web manager’s script /html/saude/profilepaciente.php is related to the failure to protect the SQL query structure when processing the parameter idfuncionario. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose confidential informati...

9.9CVSS5.6AI score0.00371EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.6 views

The software’s vulnerability related to secure remote access to data in Palo Alto Networks GlobalProtect App allows a intruder to escalate their privileges. This vulnerability arises from errors in privilege management.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.5AI score0.00132EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.6 views

The vulnerability of the sub_41F0FC function in the /H5/webgl.data file of the D-Link DI-7003GV2 router’s microprogramming software, which allows a hacker to disclose confidential information

The vulnerability of the sub41F0FC function in the /H5/webgl.data file of the D-Link DI-7003GV2 router’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to disclose confidential information remotely...

5.3CVSS5.8AI score0.01033EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.6 views

The vulnerability of Zoom, a video conferencing software, related to the falsification of cross-site requests, allows attackers to disclose protected information.

The vulnerability of Zoom video conferencing software is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

4CVSS5.4AI score0.00213EPSS
Exploits0References2Affected Software18
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.4 views

The vulnerability of the ColdFusion software platform lies in the improper limitation of XML references to external objects. This allows attackers to gain unauthorized access to protected information or circumvent existing security restrictions, thereby causing service failures.

The vulnerability of the ColdFusion software platform is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or circumvent existing security...

9.3CVSS5.5AI score0.00548EPSS
Exploits0References2
OSV
OSV
added 2025/07/16 8:36 a.m.9 views

CLSA-2025-1752655009 java-1.8.0-openjdk: Fix of 7 CVEs

CVE-2024-20952: remote data access or modification in sandboxed clients - CVE-2024-20932: modify or access sensitive data in sandboxed client environments - CVE-2024-20918: remote data access or modification in sandboxed clients - CVE-2024-20926: remote data access in sandboxed clients -...

7.5CVSS5.8AI score0.01026EPSS
Exploits0References1
OSV
OSV
added 2025/07/15 8:15 p.m.1 views

CVE-2025-30762

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle...

7.5CVSS5.8AI score0.00375EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/10 12:0 a.m.5 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the exposure to information due to inconsistencies, allowing attackers to disclose protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the exposure of information due to inconsistencies. Exploiting this vulnerability allows a malicious actor to disclose the protected information remotely...

5.4CVSS5.4AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.7 views

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data remotely...

7.4CVSS7.1AI score0.00328EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.6 views

The vulnerability of the Traffic Service service (traffic_stat/traffic_service/traffic_service.c) in the network device software developed by ASR Microelectronics, including models ASR1803L, ASR1806, ASR1901, and ASR1903L, allows a malicious actor to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Traffic Service service trafficstat/trafficservice/trafficservice.c of the network card microprogramming software from ASR Microelectronics, models ASR1803L, ASR1806, ASR1901, and ASR1903L, is related to improper cleaning or release of resources. Exploiting this...

5.5CVSS5.5AI score0.00234EPSS
Exploits0References2Affected Software4
Rows per page
Query Builder