Lucene search
K

344 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/03 1:23 a.m.3 views

CVE-2025-67480

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

5.2AI score0.00211EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/03 1:23 a.m.5 views

CVE-2025-67480 list=allrevisions can be used to bypass Extension:Lockdown

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

5.3AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 1:23 a.m.14 views

CVE-2025-67480

CVE-2025-67480 affects Wikimedia Foundation MediaWiki. The issue is in ApiQueryRevisionsBase.php and, per Debian, affects MediaWiki versions before 1.39.16, 1.43.6, 1.44.3, 1.45.1, with read-permission checks for the target page not performed properly, potentially enabling information disclosure....

6.5CVSS5.2AI score0.00211EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/29 5:18 p.m.5 views

WordPress PublishPress Revisions plugin <= 3.7.22 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by lilmingwa13 in WordPress Plugin PublishPress Revisions versions = 3.7.22...

5.4CVSS5.5AI score0.00104EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/01/28 4:1 p.m.3 views

SUSE-SU-2026:20203-1 Security update for ucode-amd

This update for ucode-amd fixes the following issues: Changes in ucode-amd: - Update to version 20251203 git commit a0f0e52138e5: linux-firmware: Update amd-ucode copyright information linux-firmware: Update AMD cpu microcode - Update to version 20251113 git commit fb0dbcd30118: linux-firmware:...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.11 views

PT-2026-4707

Name of the Vulnerable Software and Affected Versions ManagedServices affected versions not specified Description An issue exists in the setPackageOrComponentEnabled function of ManagedServices.java related to improper input validation. This can result in a notification policy desync, potentially...

8.4CVSS6.1AI score0.00096EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.17 views

PT-2026-4702

Look at the security patch preview section of https://t.co/ySklSke3uy. These are from the upcoming patch levels: Critical: CVE-2026-0039, CVE-2026-0040, CVE-2026-0041, CVE-2026-0042, CVE-2026-0043, CVE-2026-0044 High: CVE-2025-22424, CVE-2025-22426, CVE-2025-32348, CVE-2025-48561, CVE-2025-48615,...

7.8CVSS6.1AI score0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.4 views

PT-2026-4705

Name of the Vulnerable Software and Affected Versions versions prior to 2026-0025 Description A permissions bypass exists in the hasImage function of Notification.java, potentially allowing information disclosure across users. This could lead to local escalation of privilege without requiring...

6.1AI score0.00102EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.10 views

PT-2026-4687

In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00087EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.10 views

PT-2026-4692

In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00098EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.6 views

PT-2026-4715

In multiple functions of ubsan throwing runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6AI score0.00253EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.11 views

PT-2026-4709

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00072EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.10 views

PT-2026-4699

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00071EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.6 views

PT-2026-4708

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

6.2AI score0.00103EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.10 views

PT-2026-4710

Name of the Vulnerable Software and Affected Versions GrapheneOS versions prior to 2026030200 Description An integer overflow in multiple functions within ubsan throwing runtime.cpp can lead to a persistent denial of service. This issue allows for remote denial of service without requiring...

6.5CVSS6AI score0.00253EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.11 views

PT-2026-4712

Name of the Vulnerable Software and Affected Versions Chromium affected versions not specified Description An integer overflow in multiple functions within ubsan throwing runtime.cpp can cause a UBSan failure. This issue may lead to a remote denial of service without requiring additional executio...

6AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.17 views

PT-2026-4693

In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2AI score0.00098EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.12 views

PT-2026-4684

In many functions of ComputerEngine.java, there is a possible way to access URIs across users due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00084EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.13 views

PT-2026-4690

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00079EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.13 views

PT-2026-4706

Look at the security patch preview section of https://t.co/ySklSke3uy. These are from the upcoming patch levels: Critical: CVE-2026-0039, CVE-2026-0040, CVE-2026-0041, CVE-2026-0042, CVE-2026-0043, CVE-2026-0044 High: CVE-2025-22424, CVE-2025-22426, CVE-2025-32348, CVE-2025-48561, CVE-2025-48615,...

7.8CVSS6.1AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder