Lucene search
K

1894 matches found

IBM AIX
IBM AIX
added 2026/02/18 8:44 a.m.7 views

Vulnerability in libxml2 (CVE-2025-8732) affects AIX

IBM SECURITY ADVISORY First Issued: Wed Feb 18 08:44:14 CST 2026 |Updated: Fri Mar 13 13:55:04 CDT 2026 |Update: Added iFix information for VIOS 3.1. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/libxml2advisory10.asc Security Bulleti...

4.8CVSS5AI score0.00202EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.13 views

PT-2026-20494

Name of the Vulnerable Software and Affected Versions mingSoft MCMS version 6.1.1 Description A flaw exists in mingSoft MCMS 6.1.1 related to unrestricted file upload. The issue is located within the Template Archive Handler component, specifically in a function associated with the...

7.2CVSS4.9AI score0.00362EPSS
Exploits1References8
NVD
NVD
added 2026/02/17 10:18 p.m.8 views

CVE-2023-38005

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

4.3CVSS0.00207EPSS
Exploits0References1
CNVD
CNVD
added 2026/02/11 12:0 a.m.6 views

Huawei EMUI and Huawei HarmonyOS file system module out-of-bounds write vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS file system module, which can...

5.8CVSS5.9AI score0.00094EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 3:0 a.m.32 views

CVE-2026-0484 Missing Authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA

Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the...

6.5CVSS0.0027EPSS
Exploits0References2
OSV
OSV
added 2026/02/09 8:16 a.m.5 views

CVE-2026-2222

A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...

4.8CVSS4AI score0.00205EPSS
Exploits2References5
CNNVD
CNNVD
added 2026/02/07 12:0 a.m.8 views

warehouse 访问控制错误漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu, based on Spring Boot. There is an access control vulnerability in Warehouse, which stems from improper access control in the role permission binding processing program...

8.8CVSS6.6AI score0.00309EPSS
Exploits1References7
OSV
OSV
added 2026/02/04 9:15 p.m.4 views

CVE-2023-38281

IBM Cloud Pak System does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker...

5.3CVSS5.6AI score0.00285EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/02/04 7:35 p.m.7 views

@n8n/chat (>=1.0.0 <=1.19.0) potentially affected by CVE-2026-25054 via @n8n/design-system (>=2.0.0 <=2.1.0)

@n8n/design-system NPM version =2.0.0, =1.0.0, =1.19.0 Source cves: CVE-2026-25054 Source advisory: SNYK:JS-N8NDESIGNSYSTEM-15225250...

8.5CVSS5.8AI score0.00187EPSS
Exploits0
Debian
Debian
added 2026/01/31 10:41 p.m.10 views

[SECURITY] [DLA 4460-1] ceph security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4460-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 01, 2026 https://wiki.debian.org/LTS -...

9.1CVSS7.1AI score0.00935EPSS
Exploits1
ICS
ICS
added 2026/01/27 7:0 a.m.7 views

iba Systems ibaPDA

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthorized actions on the file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

10CVSS5.8AI score0.00409EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2026/01/22 12:32 a.m.5 views

CVE-2026-23952

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL Magick Scripting Language parser when processing tags before images are loaded. This can lead to DoS attack due to...

7.5CVSS5.4AI score0.0043EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-40951)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40951 advisory. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in...

5.5CVSS6.9AI score0.00239EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : cups-1.6.3-52.0.1.el7.AXS7 (AXSA:2024-8620:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8620:07 advisory. CVE-2023-4504: scanps: check for null terminator after backslash character CVEs: CVE-2023-4504 Due to failure in validating the length provided by an...

7CVSS6.2AI score0.00663EPSS
Exploits2References2
NVD
NVD
added 2026/01/17 3:16 a.m.18 views

CVE-2025-14450

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...

6.5CVSS0.00214EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/17 2:22 a.m.6 views

EUVD-2026-3163

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...

6.5CVSS4.7AI score0.00214EPSS
Exploits0References5
OSV
OSV
added 2026/01/16 3:16 a.m.4 views

CVE-2026-1018

Police Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing Unauthenticated remote attacker to exploit Absolute Path Traversal to download arbitrary system files...

7.5CVSS5.9AI score0.00589EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001569)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001569 advisory. A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udffilewriteiter function for the malicious UDF...

5.5CVSS6.5AI score0.00497EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 9 : cups-2.3.3op2-34.el9_7.2 (AXSA:2026-027:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-027:01 advisory. CUPS: Local denial-of-service via cupsd.conf update and related issues CVE-2025-61915 cups: Slow client communication leads to a possible DoS attack...

6.7CVSS5.5AI score0.00409EPSS
Exploits2References3
Redos
Redos
added 2026/01/13 12:0 a.m.7 views

ROS-20260113-7345

A vulnerability in the ext4fillsuper function in the fs/ext4/super.c module of the ext4 file system of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

7.8CVSS6.6AI score0.00277EPSS
Exploits0
Rows per page
Query Builder