Lucene search
K

15 matches found

CVE
CVE
added 2026/06/05 5:53 p.m.44 views

CVE-2026-45745

Termix Desktop (Electron) versions starting with 1.7.0 have disabled TLS certificate validation, enabling network-level MITM to intercept/modify HTTPS traffic to the Termix server and potentially steal credentials and JWT/session data during login and normal use. No patched versions are publicly ...

8CVSS5.5AI score0.00168EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/27 8:55 p.m.2 views

CVE-2026-33904

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.11 views

PT-2026-28563

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.7.0 Description A deadlock in the AMF's SCTP notification handler can cause the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to...

7.5CVSS5.9AI score0.60368EPSS
Exploits18References46
OSV
OSV
added 2026/03/20 4:8 a.m.5 views

CVE-2026-32949 SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery SSRF vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the...

8.7CVSS6AI score0.00427EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/03/06 7:54 a.m.9 views

CVE-2026-28128

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
OSV
OSV
added 2026/02/27 8:51 a.m.3 views

OPENSUSE-SU-2026:20281-1 Security update for kubevirt

This update for kubevirt fixes the following issues: Update to version 1.7.0 bsc1257128. Security issues fixed: - CVE-2025-64435: logic flaw in the virt-controller can lead to incorrect status updates and potentially causing a DoS bsc1253189. - CVE-2024-45310: kubevirt vendored...

8.5CVSS6AI score0.0045EPSS
Exploits6References17
OSV
OSV
added 2026/02/27 8:49 a.m.4 views

SUSE-SU-2026:20610-1 Security update for kubevirt

This update for kubevirt fixes the following issues: Update to version 1.7.0 bsc1257128. Security issues fixed: - CVE-2025-64435: logic flaw in the virt-controller can lead to incorrect status updates and potentially causing a DoS bsc1253189. - CVE-2024-45310: kubevirt vendored...

8.5CVSS7AI score0.0045EPSS
Exploits6References18
OSV
OSV
added 2026/02/09 8:34 p.m.6 views

CVE-2026-25791 Sliver has a DNS C2 OTP Bypass Allows Unauthenticated Session Flooding and Denial of Service

Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when EnforceOTP is enabled. Because sessions are stored...

7.5CVSS5.7AI score0.00407EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.4 views

SUSE CVE-2021-35940

An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...

7.1CVSS7.3AI score0.01185EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2018/03/13 12:0 a.m.20 views

Servicing stack update for Windows 10 Version 1709: March 5, 2018

Servicing stack update for Windows 10 Version 1709: March 5, 2018 Summary This update makes stability improvements for the Windows 10 Version 1709 servicing stack. How to get this update Method 1: Windows Update This update will be downloaded and installed automatically. Important When installing...

6.8AI score
Exploits0
CNVD
CNVD
added 2017/11/16 12:0 a.m.3 views

Apache CouchDB Elevation of Privilege Vulnerability

Apache CouchDB is the United States Apache Apache Software Foundation , a free , open source , document-oriented database , is a use of JSON as a storage format , JavaScript as a query language , MapReduce and HTTP as the API of the NoSQL database . An elevation of privilege vulnerability exists ...

10CVSS7.7AI score0.99838EPSS
Exploits21References1
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.4 views

2019-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4507465)

2019-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems KB4507465...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.2 views

2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4338817)

2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems KB4338817...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.4 views

2018-07 Update for Windows 10 Version 1709 for x64-based Systems (KB4339420)

2018-07 Update for Windows 10 Version 1709 for x64-based Systems KB4339420...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.6 views

2018-05 Update for Windows 10 Version 1709 for ARM64-based Systems (KB4131372)

2018-05 Update for Windows 10 Version 1709 for ARM64-based Systems KB4131372...

7AI score
Exploits0
Rows per page
Query Builder