Lucene search
K

11672 matches found

Nuclei
Nuclei
added 4 hours ago23 views

Longjing Technology BEMS API 1.21 - Unauthenticated Arbitrary File Download

Longjing Technology BEMS API 1.21 is vulnerable to local file inclusion. Input passed through the fileName parameter through the downloads API endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files...

8.7CVSS7.1AI score0.01461EPSS
Exploits1References5
EUVD
EUVD
added 4 days ago9 views

EUVD-2025-210451

An unauthenticated path traversal vulnerability exists in the web management interface of WTI Wireless Technology, Inc. version 3.5.0.r 2024/05/24 00:00:00. An unauthenticated attacker can craft malicious HTTP requests containing traversal sequences to access files outside of the intended web roo...

7.5CVSS6.1AI score0.00565EPSS
Exploits1References3
EUVD
EUVD
added 5 days ago12 views

EUVD-2026-42586

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in PEAKUP Technology Inc. PassGate allows LDAP Injection. This issue affects PassGate: through 30042026...

8.2CVSS5.9AI score0.00213EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-4256

The CVE-2026-4256 entry concerns an LDAP injection vulnerability in PEAKUP Technology Inc. PassGate. The flaw arises from improper neutralization of special elements used in LDAP queries, allowing LDAP Injection. Affected product: PassGate, affected through version 30042026. CVSS3.1 metrics indic...

8.2CVSS5.9AI score0.00213EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added last week7 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

10CVSS5.8AI score0.01011EPSS
Exploits4References9
NVD
NVD
added 2026/07/06 6:16 p.m.7 views

CVE-2026-41434

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.10.0 and prior to version 4.11.0, an unbounded recursion can crash the PKCS11 TA. Version 4.11.0 contains a patch. ...

3.3CVSS0.00105EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

Siemens SIMATIC S7 PLC Web Server Improper Neutralization of Input During Web Page Generation (CVE-2026-25787)

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the 'Motion Control Diagnostics' page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

9.3CVSS7.2AI score0.0037EPSS
Exploits0References3
CVE
CVE
added 2026/07/02 11:5 p.m.18 views

CVE-2026-13375

WatchGuard Fireware OS Autotask Technology Integration module is affected by CVE-2026-13375, a Stored XSS vulnerability. Affected versions are Fireware OS 12.4–12.12, 12.5–12.5.18, and 2025.1–2026.2. Attack vector is NETWORK with low attack complexity and high privileges required; user interactio...

4.8CVSS5.7AI score0.00158EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/02 11:5 p.m.14 views

CVE-2026-13373

WatchGuard Fireware OS Tigerpaw Technology Integration module is affected by CVE-2026-13373, exposing a Stored Cross-Site Scripting (XSS) vulnerability. The issue arises from improper neutralization of input during web page generation, enabling stored XSS in affected Fireware versions: 12.4–12.12...

4.8CVSS5.7AI score0.00158EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 11:5 p.m.35 views

CVE-2026-13373 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936. This issue affects Fireware O...

4.8CVSS0.00158EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/23 5:23 p.m.16 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 4:50 p.m.9 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

8.8CVSS5.8AI score0.00237EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 7:31 a.m.11 views

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems and Content Collector for Microsoft SharePoint

Summary IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 - Includes Oracle April 2026 CPU Critical Patch Update CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268, CVE-2026-22007 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable...

7.5CVSS5.9AI score0.00702EPSS
Exploits0Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter Regarding VMX, there are some balanced returns between the time the guest’s SPECCTRL value is written and the vmenter. Balanced returns matched by a preceding call are usually...

5.5CVSS6.3AI score0.00215EPSS
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2026/06/18 7:36 p.m.15 views

New Forrester Total Economic Impact™ study projects a 124% ROI from unifying with Microsoft Security

Across many industries, organizations are unifying security and putting AI agents to work. Security teams are utilizing agents that reason, decide, and act on their behalf, under their governance. At Microsoft, we see this firsthand—more than 80% of the Fortune 500 are already using AI.1 The...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.10 views

Siemens RUGGEDCOM RST2428P Stack-based Buffer Overflow (CVE-2025-6170)

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

2.5CVSS6.5AI score0.0019EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/06/15 7:32 p.m.20 views

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview aka Famous Chollima, HexagonalRodent, and Void Dokkaebi. According to a report published by Proofpoint, the threat actor has...

6.9AI score
Exploits0
NVD
NVD
added 2026/06/15 2:16 p.m.16 views

CVE-2026-5230

Improper Access Control, Missing Authorization vulnerability in MIA Technology Inc. Pizzy Library allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...

7.1CVSS0.00174EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 2:16 p.m.20 views

CVE-2026-5242

Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...

8.8CVSS0.00304EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 12:23 p.m.10 views

EUVD-2026-36717

Improper Access Control, Missing Authorization vulnerability in MIA Technology Inc. Pizzy Library allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...

7.1CVSS5.2AI score0.00174EPSS
Exploits0References1
Rows per page
Query Builder