Lucene search
K

25 matches found

CVE
CVE
added 2026/06/30 8:50 p.m.16 views

CVE-2026-11594

CVE-2026-11594 affects IBM WebSphere Application Server components (8.5 and 9.0; with related advisories also mentioning 9.1) where the administrative console is vulnerable to cross-site scripting. The core issue is XSS in the administrative console login/page rendering. Public bulletins from IBM...

8.5CVSS5.6AI score0.00337EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 6:55 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses dompurify-3.2.7.tgz, dompurify-3.3.0.tgz, dompurify-3.3.1.tgz which is vulnerable to CVE-2026-0540.

Summary IBM Maximo Application Suite - Monitor Component uses dompurify-3.2.7.tgz, dompurify-3.3.0.tgz, dompurify-3.3.1.tgz which is vulnerable to CVE-2026-0540. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-0540 DESCRIPTION: DOMPurify 3.1.3...

6.1CVSS7.2AI score0.0034EPSS
Exploits0Affected Software1
Debian CVE
Debian CVE
added 2026/04/21 8:35 p.m.6 views

CVE-2026-35236

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS7AI score0.00242EPSS
Exploits0
OSV
OSV
added 2026/02/09 5:16 a.m.2 views

CVE-2025-66595

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cross-Site Request Forgery CSRF. When a user accesses a link crafted by an attacker, the user’s account could be compromised. The affected products and versions are as follows:...

5.4CVSS5.7AI score0.00095EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/09 3:37 a.m.5 views

CVE-2025-66594

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed on the error page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...

6.9CVSS5.3AI score0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.8 views

PT-2026-7051

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts the OPTIONS method. An attacker could potentially use this information to carry out other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...

2.1CVSS5.3AI score0.0026EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/21 10:24 p.m.8 views

CVE-2026-21949

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

6.5CVSS4.9AI score0.00317EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/20 10:15 p.m.5 views

CVE-2026-21952

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...

4.9CVSS7AI score0.00337EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/19 4:16 a.m.3 views

CVE-2025-52457

Observable Timing Discrepancy CWE-208 in HBUS devices may allow an attacker with physical access to the device to extract device-specific keys, potentially compromising further site security. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in 9.30.2881 MR3, 9.2...

5.7CVSS6.6AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.6 views

IBM OpenPages 安全漏洞

IBM OpenPages is an AI-driven, highly scalable governance, risk and compliance GRC solution from International Business Machines IBM. A security vulnerability exists in IBM OpenPages versions 9.1 and 9.0 that stems from susceptibility to an HTML injection attack that could lead to malicious code...

5.4CVSS7.4AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 2025/09/16 12:23 p.m.12 views

CVE-2025-55118

CVE-2025-55118 concerns BMC Control-M/Agent. The issue is a memory corruption vulnerability that can be remotely triggered when SSL/TLS is configured, with specific non-default conditions: Control-M/Agent 9.0.20 using non-default SSL/TLS setting use_openssl=n; and 9.0.21/9.0.22 with non-default s...

8.9CVSS6.2AI score0.00343EPSS
Exploits0References2
OSV
OSV
added 2024/06/28 7:15 p.m.4 views

CVE-2024-35116

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: 290335...

7.5CVSS5.8AI score0.00702EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.7 views

PT-2024-23670 · Derbynet · Derbynet

Name of the Vulnerable Software and Affected Versions: DerbyNet versions 9.0 and below Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the "render-document.php" component. This enables the attacker to perform unauthorized actions on the affected...

7.4CVSS7.6AI score0.01027EPSS
Exploits2References7
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.4 views

Gallagher Command Centre Cross-Site Scripting Vulnerability

Gallagher Command Centre is a centralized control tool for Gallagher access control systems from Gallagher New Zealand. A security vulnerability exists in Gallagher Command Centre due to improper neutralization of special elements. The following products and versions are affected: Gallagher Comma...

6.8CVSS6.8AI score0.00304EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/03 12:0 a.m.2 views

FRRouting FRR Security Vulnerabilities

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR version 9.0.1 and earlier versions. An attacker could exploit this vulnerability to cause a system crash...

7.5CVSS6.6AI score0.00911EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/03 12:0 a.m.4 views

PT-2023-9208 · Unknown +10 · Frrouting Frr +10

Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions through 9.0.1 Description: An issue was discovered in FRRouting where a crash can occur when a malformed BGP UPDATE message with an EOR is processed. This happens because the presence of EOR does not lead to a...

9.8CVSS7.6AI score0.02152EPSS
Exploits10References184
OSV
OSV
added 2023/10/17 10:15 p.m.4 views

CVE-2023-22083

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Web UI. Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...

4.3CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2022/06/24 3:0 p.m.4 views

CVE-2022-21829

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...

9.8CVSS7.1AI score0.01681EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/07/27 12:0 a.m.6 views

Dell EMC Isilon OneFS 和 EMC PowerScale 权限许可和访问控制问题漏洞

DELL Dell EMC Isilon OneFS and EMC PowerScale are both a set of horizontally scalable storage systems for unstructured data from Dell USA. A privilege permission and access control issue vulnerability exists in Dell EMC Isilon OneFS and PowerScale OneFS, which stems from Dell EMC Isilon OneFS...

8.8CVSS8AI score0.00593EPSS
Exploits0References2
CNNVD
CNNVD
added 2020/11/20 12:0 a.m.9 views

HCL Technologies Domino 输入验证错误漏洞

HCL Domino is a server for collaborative client-server software platforms. A denial of service vulnerability exists in HCL Domino versions 9.0.1 FP10 IF6, prior to 10.0.1. The vulnerability stems from improper validation of user-supplied input. An attacker could exploit the vulnerability to cause...

7.5CVSS7.2AI score0.01031EPSS
Exploits0References3
Rows per page
Query Builder