Lucene search
+L

2068 matches found

cnnvd
cnnvd
added 2026/03/13 12:0 a.m.8 views

IBM Sterling B2B Integrator和IBM Sterling File Gateway 跨站脚本漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM. IBM Sterling B2B Integrator is a software suite that integrates critical B2B processes, transactions, and relationships. This software supports secure integration of complex B2B...

5.4CVSS5.8AI score0.0021EPSS
Exploits0References1
euvd
euvd
added 2026/03/10 9:32 p.m.3 views

EUVD-2026-10755

PX4 Autopilot versions 1.12.x through 1.15.x contain a protection mechanism failure in the "Re-arm Grace Period" logic. The system incorrectly applies the in-air emergency re-arm logic to ground scenarios. If a pilot switches to Manual mode and re-arms within 5 seconds default configuration of an...

5.8AI score0.00265EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/03/10 12:0 a.m.7 views

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-16 and 6.9.13-41 contained a buffer error vulnerability. This vulnerability stemmed from integer...

8.1CVSS7.4AI score0.00334EPSS
Exploits0References1
osv
osv
added 2026/03/09 9:40 p.m.4 views

CVE-2026-28691 ImageMagick has an uninitialized pointer dereference in JBIG decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References7
debiancve
debiancve
added 2026/02/25 8:4 p.m.7 views

CVE-2026-1747

Removed by vendor...

4.3CVSS5.8AI score0.00229EPSS
Exploits0
cvelist
cvelist
added 2026/02/25 7:33 p.m.29 views

CVE-2025-14103 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

4.3CVSS0.0019EPSS
Exploits0References3
osv
osv
added 2026/02/11 11:16 p.m.4 views

CVE-2026-20678

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to access sensitive user data...

5.5CVSS5.7AI score0.00124EPSS
Exploits0References2
osv
osv
added 2026/02/09 4:15 a.m.5 views

CVE-2025-66603

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts the OPTIONS method. An attacker could potentially use this information to carry out other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...

9.8CVSS5.7AI score0.0026EPSS
Exploits0References1
osv
osv
added 2026/01/28 12:15 p.m.8 views

CVE-2025-59898

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS5.8AI score
Exploits0References1
osv
osv
added 2026/01/20 3:16 p.m.6 views

CVE-2025-1722

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...

7.5CVSS5.9AI score
Exploits0References1
attackerkb
attackerkb
added 2026/01/20 3:12 p.m.4 views

CVE-2025-36065

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

6.5CVSS5.3AI score0.00158EPSS
Exploits0References2Affected Software1
redhatcve
redhatcve
added 2026/01/16 2:23 p.m.15 views

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References1
osv
osv
added 2026/01/15 2:16 p.m.3 views

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References6
nvd
nvd
added 2026/01/15 2:16 p.m.5 views

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

7.5CVSS0.00371EPSS
Exploits0References6
cvelist
cvelist
added 2026/01/15 1:15 p.m.25 views

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

4.3CVSS0.00371EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/01/15 1:15 p.m.5 views

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

4.3CVSS6.5AI score0.00371EPSS
Exploits0References6
cve
cve
added 2026/01/15 1:15 p.m.16 views

CVE-2026-22646

Technical details about CVE-2026-22646 are not publicly provided in the connected documents. The materials reiterate the exposure of internal system details but do not specify affected products, versions, exploit information, or remediation.

7.5CVSS6.5AI score0.00371EPSS
Exploits0References6Affected Software1
attackerkb
attackerkb
added 2026/01/15 1:15 p.m.6 views

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

7.5CVSS5.6AI score0.00371EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/01/15 12:0 a.m.5 views

PT-2026-3013

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

4.3CVSS6.9AI score0.00371EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/01/13 10:54 p.m.5 views

CVE-2025-3950

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed a user to leak certain information by referencing specially crafted images that bypass asset proxy protection...

3.5CVSS6.6AI score0.00226EPSS
Exploits0References1
Rows per page
Query Builder