Lucene search
K

230 matches found

CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Jupyter Server 安全漏洞

Jupyter Server is an application developed by the Jupyter organization that provides backend services for Jupyter web applications. Version 2.17.0 of Jupyter Server contains a security vulnerability. This vulnerability stems from incorrect root directory boundary checks in the getospath function,...

8.1CVSS5.3AI score0.00437EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/01 10:5 p.m.11 views

CVE-2026-24088 Missing Authentication for Critical Function in Boot

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

8.2CVSS5.8AI score0.00071EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 10:5 p.m.33 views

CVE-2026-24088

Technical details are not publicly available in the provided documents for CVE-2026-24088. Monitor for updates.

8.2CVSS5.8AI score0.00071EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45643

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

8.2CVSS5.8AI score0.00071EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 8:29 a.m.9 views

CVE-2024-47270

Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors...

2.7CVSS5.8AI score0.00249EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.18 views

PT-2026-43414

Name of the Vulnerable Software and Affected Versions epa4all-client versions prior to 1.2.5 Description Any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In misconfigured deployments, such as those...

6.5CVSS5.9AI score0.00162EPSS
Exploits0References5
Rosalinux
Rosalinux
added 2026/05/22 8:59 a.m.19 views

Advisory ROSA-SA-2026-3294

CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of the Linux kernel. A logical error occurs when transitioning a TCP socket to the espintcp mode after writing file data to the receive queue. The kernel processes file...

8.8CVSS6.1AI score0.93235EPSS
Exploits45
Veracode
Veracode
added 2026/05/16 5:4 a.m.7 views

Privilege Escalation

OpenClaw is vulnerable to Privilege Escalation. The vulnerability is due to improper permission enforcement in the gateway plugin HTTP authentication mechanism, where operator.read requests are incorrectly granted operator.write runtime permissions, allowing attackers to perform unauthorized writ...

7.1CVSS5.8AI score0.00239EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.16 views

CVE-2026-34645

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/13 3:29 p.m.6 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the handling of internal service references by the Gateway API provider. An attacker can gain unauthorized dynamic configuration write access by creating or updating an HTTPRoute that targets rest@internal, even...

9.9CVSS5.8AI score0.00468EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.14 views

EUVD-2026-29765

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.15 views

EUVD-2026-29780

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...

3.4CVSS5.8AI score0.00373EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.19 views

EUVD-2026-29755

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00411EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.21 views

EUVD-2026-29754

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 9:20 p.m.8 views

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization in the authorization process. An attacker can gain unauthorized write access by bypassing security measures. Remediation Upgrade...

8.7CVSS5.8AI score0.00561EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 9:20 p.m.9 views

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization via the authorization process. An attacker can gain unauthorized write access by bypassing security measures. Remediation Upgrade...

8.7CVSS5.8AI score0.00411EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 8:16 p.m.14 views

CVE-2026-34685

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures...

3.4CVSS0.00373EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 8:16 p.m.7 views

CVE-2026-34646

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS0.00411EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 8:16 p.m.10 views

CVE-2026-34645

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS0.00561EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 7:50 p.m.9 views

CVE-2026-34656 Adobe Commerce | Improper Authorization (CWE-285)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References1
Rows per page
Query Builder