Lucene search
K

27079 matches found

Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.14 views

PT-2026-40039

Name of the Vulnerable Software and Affected Versions Ivanti Secure Access Client versions prior to 22.8R6 Description A race condition allows a locally authenticated user to escalate privileges to SYSTEM. A race condition is a situation where the system's substantive behavior is dependent on the...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References4
Microsoft KB
Microsoft KB
added 2026/05/12 12:0 a.m.108 views

KB5088064: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: May 12, 2026

KB5088064: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: May 12, 2026 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates o...

5.4AI score
Exploits0
Amd
Amd
added 2026/05/12 12:0 a.m.17 views

AMD Server Software and Embedded Chipset Driver Vulnerabilities Identified in Windows® Environments

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0432| Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.|...

8.5CVSS6.3AI score0.00122EPSS
Exploits0
Snyk
Snyk
added 2026/05/11 9:0 p.m.6 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/11 8:36 p.m.7 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.7 views

CVE-2026-8186

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogssbiclientsendviascporsepp in the library lib/sbi/client.c of the component NF. Performing a manipulation results in out-of-bounds read. The attack is possible to be carried out remotely. The patch is named...

7.5CVSS5.8AI score0.00519EPSS
Exploits1References1
Snyk
Snyk
added 2026/05/11 7:37 p.m.14 views

Arbitrary Code Injection

Overview org.webjars.npm:mermaid is a package for generation of diagrams and flowcharts from text in a similar manner as markdown. Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of configuration options such as fontFamily, themeCSS, and...

6.1CVSS5.9AI score0.00398EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/11 5:49 p.m.5 views

CVE-2026-43995

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, multiple tool implementations directly import and invoke raw HTTP clients node-fetch, axios instead of using the secured wrapper. These tools include 1 OpenAPIToolkit/OpenAPIToolkit.ts, 2...

5.3CVSS5.8AI score0.00396EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/11 5:54 a.m.10 views

CVE-2026-5081

A flaw was found in Apache::Session::Generate::ModUniqueId, a Perl module designed to generate session identifiers. This module uses the Apache moduniqueid plugin's UNIQUEID environment variable directly as a session ID. The UNIQUEID is constructed from easily guessable information, such as the...

9.1CVSS5.8AI score0.00302EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017535)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017535 advisory. curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets...

4.3CVSS6.7AI score0.03141EPSS
Exploits1References4
Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.9 views

LLMs for Secure Hardware Design and Related Problems: Opportunities and Challenges

The integration of Large Language Models LLMs into Electronic Design Automation EDA and hardware security is rapidly reshaping the semiconductor industry. While LLMs offer unprecedented capabilities in generating Register Transfer Level RTL code, automating testbenches, and bridging the semantic...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017479 advisory. A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other...

8.2CVSS7AI score0.01152EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.11 views

Unity Linux 20.1070e Security Update: maven (UTSA-2026-017745)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017745 advisory. Apache Maven will follow repositories that are defined in a dependencys Project Object Model pom which may be surprising to some users, resulting in potential risk i...

9.1CVSS5.8AI score0.08691EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017477 advisory. A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB devi...

7.6CVSS6.3AI score0.00794EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Cisco Unity Connection Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Unity Connection is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unity Connection due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...

8.1CVSS7.7AI score0.99506EPSS
Exploits68References3
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: postgresql (UTSA-2026-017787)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017787 advisory. A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. Tenable ha...

5.9CVSS5.8AI score0.01501EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017570)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017570 advisory. When curl = 7.20.0 and = 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back...

5.9CVSS6.8AI score0.02799EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.17 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017478)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017478 advisory. A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, usi...

7.2CVSS7.1AI score0.00573EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-paramiko (UTSA-2026-017484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017484 advisory. Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attac...

8.8CVSS5.8AI score0.04407EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017485)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017485 advisory. A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an...

7.5CVSS5.9AI score0.01738EPSS
Exploits0References4
Rows per page
Query Builder