Lucene search
K

5784 matches found

Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.5 views

PT-2025-28785 · Adobe · Framemaker

Name of the Vulnerable Software and Affected Versions: Adobe Framemaker versions 2020.8, 2022.6 and earlier Description: The issue is an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

7.8CVSS6.8AI score0.0017EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.5 views

PT-2025-28476 · Ivanti · Ivanti Connect Secure +1

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.8 Ivanti Policy Secure versions prior to 22.7R1.5 Description: The issue is related to improper access control in the certificate management component. This allows a remote authenticated admin wi...

6.3CVSS6.1AI score0.00248EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.3 views

PT-2025-28753 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier Description: The issue is related to an Improper Access Control vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerabili...

4.5CVSS6AI score0.0039EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.8 views

PT-2025-28233 · Splunk · Splunk Enterprise +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.3 Splunk Enterprise versions prior to 9.3.5 Splunk Enterprise versions prior to 9.2.7 Splunk Enterprise versions prior to 9.1.10 Splunk Cloud Platform versions prior to 9.3.2411.104 Splunk Cloud Platfor...

4.3CVSS6.6AI score0.00186EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.5 views

PT-2025-28232 · Splunk · Splunk Enterprise +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.3 Splunk Enterprise versions prior to 9.3.5 Splunk Enterprise versions prior to 9.2.7 Splunk Enterprise versions prior to 9.1.10 Splunk Cloud Platform versions prior to 9.3.2411.104 Splunk Cloud Platfor...

6.5CVSS6.4AI score0.00168EPSS
Exploits0References5
OSV
OSV
added 2025/07/04 10:2 a.m.11 views

RHBA-2025:9433 Red Hat Bug Fix Advisory: microcode_ctl bug fix and enhancement update

Bulletin has no description...

5.6CVSS7.7AI score0.00371EPSS
Exploits0References32
Cisco
Cisco
added 2025/07/02 4:0 p.m.7 views

Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

4.8CVSS6.2AI score0.00209EPSS
Exploits0References1
Cisco
Cisco
added 2025/07/02 4:0 p.m.7 views

Cisco Spaces Connector Privilege Escalation Vulnerability

A vulnerability in Cisco Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient restrictions during the execution of specific CLI commands. An attacker...

6CVSS7.2AI score0.00174EPSS
Exploits0References1
Cisco
Cisco
added 2025/07/02 4:0 p.m.10 views

Cisco Unified Communications Manager Static SSH Credentials Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that...

10CVSS7.5AI score0.01061EPSS
Exploits0References1
OSV
OSV
added 2025/07/02 12:26 a.m.1 views

CGA-H9JP-5C73-PXM8

Bulletin has no description...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/02 12:0 a.m.2 views

Cisco Meraki 14 / 15 / 16 < 16.16 DoS (cisco-sa-snort-dos-9D3hJLuj)

The version of the remote Cisco Meraki device is version 14, 15, or 16 prior to 16.16. It is, therefore, potentially affected by a denial of service vulnerability as referenced in the cisco-sa-snort-dos-9D3hJLuj advisory: - A vulnerability in the Modbus preprocessor of the Snort detection engine...

7.5CVSS6.2AI score0.01386EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/02 12:0 a.m.2 views

Cisco Meraki 16.2 < 16.16.6 / 17.x < 17.10.1 DoS (cisco-sa-meraki-mx-vpn-dos-vnESbgBf)

The version of the remote Cisco Meraki device is 16.2 prior to 16.16.6 or 17.x prior to 17.10.1. It is, therefore, potentially affected by a denial of service vulnerability as referenced in the cisco-sa-meraki-mx-vpn-dos-vnESbgBf advisory: - A vulnerability in the Cisco AnyConnect VPN server of...

8.6CVSS7.8AI score0.00992EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/01 12:0 a.m.7 views

PT-2025-27837

Name of the Vulnerable Software and Affected Versions DjVuLibre versions prior to 3.5.29 djvulibre versions prior to 3.5.28-2.1deb12u1 mingw-djvulibre version 3.5.29 djview versions prior to 3.5.28-2ubuntu0.25.04.1 djview3 versions prior to 3.5.28-2ubuntu0.25.04.1 djvulibre-bin versions prior to...

8.4CVSS8.1AI score0.00869EPSS
Exploits1References67
OSV
OSV
added 2025/06/28 3:19 p.m.0 views

CGA-848V-PJMJ-C36P

Bulletin has no description...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/06/28 12:0 a.m.8 views

PT-2025-27281 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.2.0 through 12.2.4 Fix Pack 5 IBM Cognos Analytics versions 12.0.0 through 12.0.4 Description: This issue allows authenticated users to embed arbitrary JavaScript code in the Web UI, potentially leading to...

6.4CVSS6.2AI score0.00167EPSS
Exploits0References8
NCSC
NCSC
added 2025/06/26 12:32 p.m.5 views

Vulnerability fixed in IBM WebSphere Application Server

IBM has fixed a vulnerability in IBM WebSphere Application Server Versions 8.5 and 9.0. The vulnerability is in the processing of specially crafted serialized objects. This problem can be exploited by attackers to execute arbitrary code on the server. IBM has released updates to fix the...

9.8CVSS7.7AI score0.08023EPSS
Exploits0References3
OSV
OSV
added 2025/06/25 6:15 p.m.2 views

CVE-2025-5832

Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this...

6.8CVSS6.2AI score0.00222EPSS
Exploits0References1
Cisco
Cisco
added 2025/06/25 4:0 p.m.17 views

Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an unauthenticated, remote attacker to issue commands on the underlying operating system as the root user. For more information about these vulnerabilities, see the Details...

10CVSS6.7AI score0.96732EPSS
Exploits12References1
Cisco
Cisco
added 2025/06/25 4:0 p.m.9 views

Cisco Identity Services Engine Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...

6.4CVSS7.2AI score0.00277EPSS
Exploits0References1
OSV
OSV
added 2025/06/24 4:26 p.m.0 views

CGA-75RH-2Q2Q-WM52

Bulletin has no description...

7.2AI score
Exploits0
Rows per page
Query Builder