Lucene search
K

245 matches found

Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-57740 WordPress AcyMailing SMTP Newsletter plugin <= 10.11.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.1...

7.1CVSS0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-57768

Missing Authorization vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.1...

7.1CVSS6.1AI score0.00226EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42721

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters. On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers...

5.3CVSS6AI score0.00238EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.8 views

MiracleLinux 8 : mariadb:10.11 (AXSA:2026-1201:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-1201:01 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: RHEL8tracker Rebase Galera to 26.4.27...

10CVSS6.4AI score0.00998EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/07/06 1:52 p.m.6 views

WordPress AcyMailing SMTP Newsletter plugin <= 10.11.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by kai63001 in WordPress Plugin AcyMailing SMTP Newsletter versions = 10.11.0...

9.3CVSS6AI score0.00291EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/07/06 1:41 p.m.4 views

WordPress AcyMailing SMTP Newsletter plugin <= 10.11.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin AcyMailing SMTP Newsletter versions = 10.11.0...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

RockyLinux 9 : mariadb:10.11 (RLSA-2026:33482)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33482 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9tracker Rebase Galera to...

10CVSS6.5AI score0.00998EPSS
Exploits0References15
OSV
OSV
added 2026/07/05 12:3 p.m.4 views

RLSA-2026:33482 Important: mariadb:10.11 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9tracker Rebase Galera to 26.4.27 MariaDB:10.11 JIRA:Rocky...

9.9CVSS6.4AI score0.00998EPSS
Exploits0References10
Rockylinux
Rockylinux
added 2026/07/05 12:3 p.m.7 views

mariadb:10.11 security, bug fix, and enhancement update

An update is available for module.galera, module.mariadb, mariadb, galera. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threade...

10CVSS6.5AI score0.00998EPSS
Exploits0
OSV
OSV
added 2026/06/30 12:2 p.m.8 views

RLSA-2026:33464 Important: mariadb:10.11 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux8tracker Rebase Galera to 26.4.27 MariaDB:10.11 JIRA:Rocky...

9CVSS6.3AI score0.00998EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 11:22 a.m.20 views

Important: Red Hat Security Advisory: mariadb:10.11 security, bug fix, and enhancement update

An update for the mariadb:10.11 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS6.3AI score0.00998EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 10:49 a.m.7 views

RHSA-2026:33093 Red Hat Security Advisory: mariadb10.11 security, bug fix, and enhancement update

Bulletin has no description...

9.9CVSS5.7AI score0.00998EPSS
Exploits0References46
OSV
OSV
added 2026/06/30 12:0 a.m.5 views

ALSA-2026:33464 Important: mariadb:10.11 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: AlmaLinux8tracker Rebase Galera to 26.4.27 MariaDB:10.11...

10CVSS6.3AI score0.00998EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.9 views

Fedora 43 : mariadb10.11 (2026-efc64a64ec)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-efc64a64ec advisory. MariaDB 10.11.18 Upstream Release notes: https://mariadb.com/docs/release-notes/community-server/10.11/10.11.18 Upstream Changelog:...

10CVSS6AI score0.00998EPSS
Exploits0References9
OSV
OSV
added 2026/06/24 6:23 p.m.3 views

CVE-2026-49220 Jellyfin: Potential XSS in user management

Jellyfin is an open source self hosted media server. Prior to 10.11.9, a potential XSS attack exists in Jellyfin which can allow a non-privileged user to execute arbitrary Javascript in the context of a logged-in Administrative user, resulting in numerous potential issues. The Client header durin...

5.7CVSS6.2AI score0.00194EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 6:22 p.m.42 views

CVE-2026-48793 Jellyfin: Potential FFmpeg argument injection via unescaped subtitle file path

Jellyfin is an open source self hosted media server. Prior to 10.11.10, a potential FFmpeg argument injection vulnerability exists in the subtitle conversion code path. SubtitleEncoder.ConvertTextSubtitleToSrtInternal SubtitleEncoder.cs, line 382 interpolates the subtitle file path into FFmpeg...

8.8CVSS0.00357EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 1:41 p.m.8 views

EUVD-2026-38276

Mattermost versions 11.7.x = 11.7.0, 10.11.x = 10.11.17 fail to validate bot targets when demoting users to guests which allows a lower-privileged administrator to degrade arbitrary bot accounts via the standard demote-user API.. Mattermost Advisory ID: MMSA-2026-00669...

3.8CVSS6AI score0.00231EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 1:41 p.m.3 views

CVE-2026-8823 User Manager can demote bot accounts to guest without bot-management permission

Mattermost versions 11.7.x = 11.7.0, 10.11.x = 10.11.17 fail to validate bot targets when demoting users to guests which allows a lower-privileged administrator to degrade arbitrary bot accounts via the standard demote-user API.. Mattermost Advisory ID: MMSA-2026-00669...

3.8CVSS6.1AI score0.00231EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/10 11:13 p.m.4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: mariadb10.11: mariadb10.11-10.11.18-1.hum1 aarch64, x8664 mariadb10.11-backup-10.11.18-1.hum1 aarch64, x8664 mariadb10.11-client-utils-10.11.18-1.hum1 noarch mariadb10.11-common-10.11.18-1.hum1...

10CVSS5.8AI score0.00998EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2026/06/10 5:22 a.m.119 views

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

The anonymous security researcher going by the name Chaotic Eclipse aka Nightmare-Eclipse has released a proof-of-concept PoC exploit for yet another Microsoft Defender zero-day named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit...

7.8CVSS6.4AI score0.08371EPSS
Exploits2
Rows per page
Query Builder