Lucene search
+L

1923 matches found

OSV
OSV
added 2026/07/10 8:17 a.m.3 views

MINI-Q2G4-25MP-F2X3

Bulletin has no description...

7.8CVSS6.1AI score0.00183EPSS
Exploits0
Circl
Circl
added 2026/07/07 9:16 a.m.8 views

CVE-2025-68075

creationtimestamp| type| source ---|---|--- 2026-07-07 09:16:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mq2bfo4jtg2n...

6.5CVSS5.9AI score0.00161EPSS
Exploits0References1
Circl
Circl
added 2026/07/06 11:10 a.m.9 views

CVE-2025-69752

creationtimestamp| type| source ---|---|--- 2026-07-06 11:10:32+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpxxde63zc23...

4.3CVSS5.9AI score0.00162EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.5 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-8501-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8501-1 advisory. It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is know...

9.8CVSS6.8AI score0.00591EPSS
Exploits11References15
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:7 p.m.11 views

CVE-2026-13054

A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025.1...

8.6CVSS5.9AI score0.00459EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:5 p.m.12 views

CVE-2026-13383

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS ikestubd process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fireware OS 12.1 up to and including 12.12 and 2025.1 up to a...

8.6CVSS6.1AI score0.00546EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.13 views

PT-2026-55323

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.0 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.12 WatchGuard Fireware OS versions 2025.1 through 2026.2 Description An Out-of-bounds Write issue exists in the CLI, where an...

8.6CVSS6.3AI score0.00468EPSS
Exploits0References12
OSV
OSV
added 2026/07/02 12:0 a.m.5 views

MAL-2026-6774 Malicious code in @marketfront/devtoolsloader (npm)

The @marketfront/devtoolsloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References2
Wolfi
Wolfi
added 2026/07/01 2:16 p.m.10 views

CVE-2025-11712 vulnerabilities

Vulnerabilities for packages: firefox...

6.1CVSS6.4AI score0.00256EPSS
Exploits0
CVE
CVE
added 2026/07/01 11:59 a.m.26 views

CVE-2026-53908

CVE-2026-53908 affects MCO. The vulnerability enables user enumeration via authentication-related functions: username reminder and password reset responses differ for valid vs invalid users, allowing an attacker to discover valid usernames and email addresses. Vulnerable context: confirmed in ver...

6.9CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/29 10:53 p.m.3 views

Improper Neutralization of Special Elements in Data Query Logic

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the checkUserPassword process. An attacker can execute arbitrary queries on the backend database by injecting specially crafted input into the password field of a Graph...

8.7CVSS6.2AI score0.00484EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-427 Modular Max Serve has Unsafe Deserialization vulnerability

Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code...

9.3CVSS6.3AI score0.00301EPSS
Exploits1References10
OSV
OSV
added 2026/06/26 12:0 a.m.3 views

CVE-2026-50765

A stored cross-site scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label...

6.1CVSS5.9AI score0.0022EPSS
Exploits1References3
OSV
OSV
added 2026/06/23 11:17 p.m.3 views

MINI-5R94-R25V-WQH2

Bulletin has no description...

6.5CVSS5.7AI score0.00196EPSS
Exploits0
OSV
OSV
added 2026/06/23 11:17 p.m.3 views

MINI-QM43-25VP-85MC

Bulletin has no description...

6.1CVSS5.7AI score0.00188EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/23 2:48 p.m.38 views

CVE-2025-62180 Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...

7.1CVSS0.00215EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:18 p.m.4 views

CVE-2026-54288

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, the Body Limit Middleware trusts the request's Content-Length header to decide whether a body is within the limit. On AWS Lambda API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge the body is...

6.5CVSS5.8AI score0.00103EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/17 4:23 p.m.7 views

MINI-6MGR-V25C-G9MM

Bulletin has no description...

5AI score
Exploits0
OSV
OSV
added 2026/06/16 10:26 p.m.7 views

MINI-M852-G67V-25WG

Bulletin has no description...

7.5CVSS5AI score0.00622EPSS
Exploits1
Patchstack
Patchstack
added 2026/06/16 2:9 p.m.6 views

NPM: hono: Path traversal in `serve-static` on Windows via encoded backslash (`%5C`)

NPM: hono: Path traversal in serve-static on Windows via encoded backslash %5C vulnerability discovered by ? in WordPress Npm hono versions 4.12.25...

5.9CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder