Lucene search
+L

2292 matches found

cve
cve
added yesterday30 views

CVE-2026-60005

NGINX Plus and NGINX Open Source are affected by a vulnerability in the ngx_http_slice_module. When the slice directive and unnamed regex captures are configured, or during a background cache update, unauthenticated remote attackers can trigger uninitialized memory access in the worker process, p...

8.8CVSS6.1AI score
Exploits0References1
f5
f5
added yesterday6 views

K000162231: BIG-IP HTTP/2 vulnerability CVE-2026-59762

Security Advisory Description When an HTTP/2 profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2026-59762 Impact System performance can degrade until the TMM process is either forced to restart or is manually restarted. This...

8.7CVSS6AI score
Exploits0Affected Software14
nuclei
nuclei
added yesterday97 views

TerraMaster TOS < 4.2.06 - User Enumeration

User Enumeration vulnerability in TerraMaster TOS = 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php. id: CVE-2020-28185 info: name: TerraMaster TOS 4.2.06 - User Enumeration author: pussycat0x severity:...

5.3CVSS6.2AI score0.18066EPSS
Exploits1References5
cvelist
cvelist
added 2 days ago35 views

CVE-2026-15409

A Server-side request forgery SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location...

0.01404EPSS
Exploits3References1
nvd
nvd
added 2 days ago3 views

CVE-2025-53379

A out-of-bounds read vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.2, FortiAuthenticator 6.5 all versions may allow a remote unauthenticated attacker to retrieve sensitive information via a specially crafted request...

7.5CVSS0.00385EPSS
Exploits0References1
cve
cve
added 2 days ago26 views

CVE-2025-53379

Fortinet FortiAuthenticator is affected by CVE-2025-53379, an out-of-bounds read vulnerability in FortiAuthenticator 6.6.0–6.6.2 and all 6.5 versions. A remote unauthenticated attacker could potentially retrieve sensitive information via a specially crafted request. The CVSSv3.1 vector is NETWORK...

7.5CVSS6.1AI score0.00385EPSS
Exploits0References1Affected Software1
cve
cve
added 2 days ago17 views

CVE-2026-14902

Ivanti Xtraction has an open redirect vulnerability (CVE-2026-14902) in versions before 2026.2.1. An unauthenticated, remote attacker can redirect users to arbitrary external URLs. CVSS v3.1 base score 4.0 (Medium). Remediation: upgrade to 2026.2.1. See Ivanti advisory: https://hub.ivanti.com/s/a...

4CVSS6.2AI score0.00512EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2 days ago4 views

PT-2026-58054

Name of the Vulnerable Software and Affected Versions FortiAuthenticator versions 6.6.0 through 6.6.2 FortiAuthenticator versions 6.5.x Description An out-of-bounds read issue allows a remote unauthenticated attacker to retrieve sensitive information by sending a specially crafted request. An...

7.5CVSS6.1AI score0.00385EPSS
Exploits0References4
cvelist
cvelist
added 2 days ago33 views

CVE-2025-56361

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...

0.00207EPSS
Exploits0References2
cvelist
cvelist
added 3 days ago29 views

CVE-2026-61505 Rejetto HFS < 3.2.1 Limited File Disclosure via Path Traversal in lang Parameter

Rejetto HFS 3.0.0 through 3.2.0 allows path traversal through the lang query parameter, permitting a remote unauthenticated attacker to read certain JSON files outside the shared folders. Exploitation is constrained to files matching a narrow naming and format pattern, limiting practical impact...

6.9CVSS0.00452EPSS
Exploits0References2
osv
osv
added 3 days ago4 views

CVE-2026-61501 Rejetto HFS < 3.2.1 Stored XSS in Admin Log Viewer

Rejetto HFS 3.0.0 through 3.2.0 renders log entries in the administration panel as HTML without sanitization. A remote unauthenticated attacker can submit a failed login with a crafted username that is written to the error log and executes JavaScript in an administrator's browser when the logs ar...

5.3CVSS6.3AI score0.00308EPSS
Exploits0References5
euvd
euvd
added 4 days ago7 views

EUVD-2026-43213

A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...

7.5CVSS6.7AI score0.00627EPSS
Exploits0References4
nvd
nvd
added last week10 views

CVE-2026-57021

An Out-of-bounds Write vulnerability in the http-gatekeeper http-gk of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If an SRX Series device is configured for remote-access VPN with pre-logon compliance check, a...

6.9CVSS0.00474EPSS
Exploits0References1
nvd
nvd
added last week7 views

CVE-2026-60095

Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlinkserver service that allows unauthenticated remote attackers to overwrite the saved return address by supplying an oversized listenuuid field that is measure...

6.9CVSS0.00463EPSS
Exploits0References3
osv
osv
added 2026/07/09 11:16 a.m.3 views

UBUNTU-CVE-2026-59692

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References6
redhat
redhat
added 2026/07/08 7:33 p.m.7 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS6.2AI score0.00514EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.10 views

PT-2026-56420

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...

7.1CVSS6.2AI score0.00202EPSS
Exploits0References3
redhat
redhat
added 2026/07/07 9:48 p.m.4 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS5.9AI score0.04409EPSS
Exploits1References5
nessus
nessus
added 2026/07/07 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding...

5.3CVSS6.1AI score0.00294EPSS
Exploits0References4
cve
cve
added 2026/07/06 3:25 p.m.16 views

CVE-2026-5268

Technical details about CVE-2026-5268 are not publicly provided in the supplied documents. No affected products, versions, root cause, or remediation are enumerated here. Monitor for updates and additional technical disclosures.

9.1CVSS6AI score0.0042EPSS
Exploits0References1
Rows per page
Query Builder