
27025 matches found

Cvelist
added 2026/03/16 4:31 a.m. | 31 views

CVE-2026-20990

Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...

8.4 CVSS | 0.00159 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/16 4:31 a.m. | 2 views

CVE-2026-20990

Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...

8.4 CVSS | 5.9 AI score | 0.00159 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2026/03/16 12:00 a.m. | 2 views

EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2026-1478)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change th...

7.5 CVSS | 6.7 AI score | 0.01301 EPSS
Exploits: 5 | References: 7

CNNVD
added 2026/03/16 12:00 a.m. | 6 views

SAMSUNG Secure Folder security vulnerability

Samsung Secure Folder is a privacy protection software developed by South Korea’s Samsung Corporation. Versions of Samsung Secure Folder prior to the SMR Mar-2026 Release 1 had security vulnerabilities. These vulnerabilities stemmed from improper export of Android application components, which...

8.4 CVSS | 5.9 AI score | 0.00159 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/16 12:00 a.m. | 8 views

PT-2026-25595

Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...

8.4 CVSS | 5.9 AI score | 0.00159 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/16 12:00 a.m. | 4 views

PT-2026-25621

A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects the function PathUtils.RemoveParentPath of the file /api/admin/plugins/install/actions/download. This manipulation of the argument path causes path traversal. Remote exploitation of the attack is possible. The exploit...

5.1 CVSS | 5.4 AI score | 0.00438 EPSS
Exploits: 0 | References: 4

CNNVD
added 2026/03/16 12:00 a.m. | 10 views

Philips Hue Bridge security vulnerability

The Philips Hue Bridge is a smart lighting gateway device developed by the Japanese company Philips Hue. There is a security vulnerability in the Philips Hue Bridge, which stems from the use of static random numbers in the SRP authentication mechanism, potentially allowing authentication bypass...

8.1 CVSS | 7.2 AI score | 0.00396 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/16 12:00 a.m. | 4 views

PT-2026-25845

Name of the Vulnerable Software and Affected Versions: IncusOS versions prior to 202603142010. Description: The default configuration of systemd-cryptenroll, as used by IncusOS through mkosi, allows an attacker with physical access to the machine to access encrypted data without requiring interactio...

7.6 CVSS | 5.9 AI score | 0.0014 EPSS
Exploits: 0 | References: 10

Tenable Nessus
added 2026/03/16 12:00 a.m. | 4 views

EulerOS 2.0 SP11 : openssh (EulerOS-SA-2026-1614)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to...

3.6 CVSS | 6.8 AI score | 0.00221 EPSS
Exploits: 2 | References: 3

Tenable Nessus
added 2026/03/16 12:00 a.m. | 6 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2026-1305)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP,...

6.3 CVSS | 5.9 AI score | 0.00611 EPSS
Exploits: 3 | References: 5

OSV
added 2026/03/15 5:53 a.m. | 6 views

OESA-2026-1563 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2 CVSS | 5.9 AI score | 0.00582 EPSS
Exploits: 0 | References: 4

OSV
added 2026/03/15 5:53 a.m. | 5 views

OESA-2026-1562 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2 CVSS | 5.9 AI score | 0.00582 EPSS
Exploits: 0 | References: 6

OSV
added 2026/03/15 5:53 a.m. | 5 views

OESA-2026-1561 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2 CVSS | 5.9 AI score | 0.00582 EPSS
Exploits: 0 | References: 6

OSV
added 2026/03/15 5:53 a.m. | 5 views

OESA-2026-1559 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2 CVSS | 6.1 AI score | 0.00582 EPSS
Exploits: 0 | References: 6

OSV
added 2026/03/15 5:53 a.m. | 5 views

OESA-2026-1558 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.2 CVSS | 6.1 AI score | 0.00582 EPSS
Exploits: 0 | References: 6

Packet Storm News
added 2026/03/15 12:00 a.m. | 2 views

Toward Secure Web to ERP Payment Flows: A Case Study of HTTP Header Trust Failures in SAP Based Systems

Electronic banking portals often sit in front of enterprise resource planning (ERP) systems such as SAP, mediating payment requests between users and back end financial infrastructure. When these integrations place excessive trust in client supplied HTTP metadata, subtle design flaws can arise that...

5.8 AI score
Exploits: 0

Tenable Nessus
added 2026/03/15 12:00 a.m. | 4 views

Unity Linux 20.1070e Security Update: openssh (UTSA-2026-006162)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006162 advisory. ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. Tenable has extracted the...

3.6 CVSS | 6 AI score | 0.00114 EPSS
Exploits: 0 | References: 4

Snyk
added 2026/03/13 10:41 p.m. | 8 views

Improper Certificate Validation

Overview: Affected versions of this package are vulnerable to Improper Certificate Validation due to the handling of HTTPS redirects when a proxy is configured and set_follow_location is enabled. An attacker can intercept sensitive information by presenting a forged, expired, or self-signed...

9.1 CVSS | 5.9 AI score | 0.00179 EPSS
Exploits: 1 | References: 2

EUVD
added 2026/03/13 9:31 p.m. | 3 views

EUVD-2026-12045

In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute for cookie settings...

6.3 CVSS | 5.8 AI score | 0.00102 EPSS
Exploits: 0 | References: 2

Cvelist
added 2026/03/13 8:48 p.m. | 32 views

CVE-2026-32627 cpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via Proxy

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and set_follow_location(true), any HTTPS redirect it follows will have TLS certificate and hostname verification silently disabled on the new...

8.7 CVSS | 0.00179 EPSS
Exploits: 1 | References: 1