
26512 matches found

Tenable Nessus
added 2026/05/14 12:0 a.m., 8 views

TencentOS Server 4: firefox (TSSA-2026:0292)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0292 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 9.8, AI score 6.1, EPSS 0.04938
Exploits 1, References 29

Positive Technologies
added 2026/05/14 12:0 a.m., 13 views

PT-2026-41018

Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT DISCOVERABLE=true the default, and the NixOS module default, anyone who can reach /proto can register as a worker without any credentials by sending a fresh, never-registered worker UUID. The resulting session has...

CVSS 9.4, AI score 5.9, EPSS 0.00157
Exploits 0, References 2

CNNVD
added 2026/05/14 12:0 a.m., 12 views

SOGo SQL injection vulnerability

SOGo is a very fast and scalable modern collaboration suite open source by Alinto. It offers calendar management, address book management, a fully functional webmail client, as well as features for resource sharing and permission handling. Versions of SOGo prior to 5.12.7 had an SQL injection...

CVSS 7.1, AI score 5.8, EPSS 0.00239
Exploits 0, References 1

CNNVD
added 2026/05/14 12:0 a.m., 10 views

vCluster Platform cross-site scripting vulnerability

vCluster Platform is an open-source virtual cluster manager developed by vCluster. Versions prior to vCluster Platform 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-type cross-site scripting in the name field of the...

CVSS 9, AI score 5.8, EPSS 0.00312
Exploits 0, References 1

CNNVD
added 2026/05/14 12:0 a.m., 10 views

Amazon SageMaker Python SDK security vulnerability

Amazon SageMaker Python SDK is a development toolkit provided by Amazon, Inc., for building, training, and deploying machine learning models. Versions of the Amazon SageMaker Python SDK prior to v2.257.2 and v3.8.0 contained security vulnerabilities. These vulnerabilities stemmed from the...

CVSS 8.5, AI score 6.2, EPSS 0.00439
Exploits 0, References 2

Positive Technologies
added 2026/05/14 12:0 a.m., 10 views

PT-2026-41117

Name of the Vulnerable Software and Affected Versions: Amazon SageMaker Python SDK versions prior to 2.257.2; Amazon SageMaker Python SDK versions prior to 3.8.0. Description: The ModelBuilder/Serve component stores sensitive information in cleartext. A remote authenticated actor with permissions to...

CVSS 8.5, AI score 6.2, EPSS 0.00439
Exploits 0, References 9

Tenable Nessus
added 2026/05/14 12:0 a.m., 14 views

RHEL 9 : firefox (RHSA-2026:17687)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:17687 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVSS 9.8, AI score 6.1, EPSS 0.04938
Exploits 1, References 52

Tenable Nessus
added 2026/05/14 12:0 a.m., 15 views

RHEL 10 : firefox (RHSA-2026:17690)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:17690 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVSS 9.8, AI score 6.1, EPSS 0.04938
Exploits 1, References 52

Positive Technologies
added 2026/05/14 12:0 a.m., 12 views

PT-2026-40952

HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...

CVSS 2.6, AI score 5.8, EPSS 0.00115
Exploits 0, References 2

Positive Technologies
added 2026/05/14 12:0 a.m., 18 views

PT-2026-41118

Name of the Vulnerable Software and Affected Versions: Amazon SageMaker Python SDK versions prior to 2.257.2; Amazon SageMaker Python SDK versions prior to 3.8.0. Description: Missing integrity verification in the Triton inference handler allows a remote authenticated actor with S3 write access to th...

CVSS 7.2, AI score 6.2, EPSS 0.0039
Exploits 0, References 10

CNNVD
added 2026/05/14 12:0 a.m., 13 views

SiYuan cross-site scripting vulnerability

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan from 2.1.12 to 3.7.0 had a cross-site scripting vulnerability. This vulnerability stemmed from unescaped metadata in the Bazaar marketplace rendering packages, which could lead to storage-based...

CVSS 8.3, AI score 5.9, EPSS 0.00307
Exploits 0, References 1

CNNVD
added 2026/05/14 12:0 a.m., 10 views

Schneider Electric Ecostruxure Machine Expert HVAC security vulnerability

Schneider Electric Ecostruxure Machine Expert HVAC is a software platform developed by Schneider Electric, a French company, dedicated to the control and automation of heating, ventilation, and air conditioning equipment. Schneider Electric Ecostruxure Machine Expert HVAC has a security...

CVSS 7.5, AI score 5.8, EPSS 0.00125
Exploits 0, References 1

CNNVD
added 2026/05/14 12:0 a.m., 9 views

Gradient access control error vulnerability

Gradient is a modern Nix continuous integration system developed by Wavelens. Version 1.1.0 of Gradient contains an access control vulnerability caused by unvalidated registration credentials. This vulnerability allows attackers to register as working nodes and access arbitrary storage paths...

CVSS 9.4, AI score 5.9, EPSS 0.00157
Exploits 0, References 2

CNNVD
added 2026/05/14 12:0 a.m., 14 views

Distribution security vulnerability

Distribution is an open-source toolset developed by Distribution, used for packaging, transporting, storing, and delivering content. Versions of Distribution prior to 3.1.1 contained security vulnerabilities. These vulnerabilities stemmed from bypassing the storage.delete.enabled: false...

CVSS 6.5, AI score 5.8, EPSS 0.00294
Exploits 1, References 1

CNNVD
added 2026/05/14 12:0 a.m., 10 views

Amazon SageMaker Python SDK security vulnerability

Amazon SageMaker Python SDK is a development toolkit provided by Amazon, Inc., for building, training, and deploying machine learning models. Versions of the Amazon SageMaker Python SDK prior to v2.257.2 and v3.8.0 contained security vulnerabilities. These vulnerabilities stemmed from a lack of...

CVSS 7.2, AI score 6, EPSS 0.0039
Exploits 0, References 2

CNNVD
added 2026/05/14 12:0 a.m., 14 views

HCL AION security vulnerability

HCL AION is an AI lifecycle management platform developed by the Indian company HCL. HCL AION has a security vulnerability, which stems from the use of autocompletion features for certain input fields. This may lead to sensitive information being stored in the browser, potentially causing...

CVSS 2.6, AI score 5.8, EPSS 0.00115
Exploits 0, References 1

CNNVD
added 2026/05/14 12:0 a.m., 10 views

OpenBao security vulnerability

OpenBao is an open-source sensitive data management software developed by OpenBao. Versions of OpenBao prior to 2.5.3 contained security vulnerabilities. These vulnerabilities arose from failures in deleting the initial namespace; subsequent retries failed to properly delete all data, potentially...

CVSS 7.5, AI score 5.8, EPSS 0.00248
Exploits 0, References 1

Tenable Nessus
added 2026/05/14 12:0 a.m., 12 views

RHEL 8 : firefox (RHSA-2026:17477)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:17477 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVSS 9.8, AI score 6.1, EPSS 0.04938
Exploits 1, References 52

RedhatCVE
added 2026/05/13 8:23 p.m., 10 views

CVE-2026-43939

YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a post or reply that is stored server-side and later rendered back into the thread page without adequate HTML sanitization or contextual output...

CVSS 7.3, AI score 5.8, EPSS 0.00199
Exploits 0, References 1

RedhatCVE
added 2026/05/13 8:22 p.m., 8 views

CVE-2026-35415

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVSS 7.8, AI score 5.9, EPSS 0.00332
Exploits 0, References 1