5644 matches found

Tenable Nessus
added 2026/06/24 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-45135

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Caddy is an extensible server platform that uses TLS by default. From 2.7.0 until 2.11.3, the FastCGI transport's splitPos in...

CVSS 8.1, AI score 6.4, EPSS 0.00399
Exploits: 1, References: 3

AstraLinux
added 2026/06/19 11:10 a.m., 11 views

Astra Linux – Vulnerability in Firefox, Thunderbird

An attacker could have placed a datalist element to obscure the address bar. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

CVSS 4.3, AI score 5.6, EPSS 0.00647
Exploits: 0, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in GIMP

GIMP ICO File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a...

CVSS 8.8, AI score 7.8, EPSS 0.10561
Exploits: 0, References: 2

IBM Security Bulletins
added 2026/06/18 5:57 p.m., 26 views

Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability (CVE-2016-8610)

Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability CVE-2016-8610. Business Unit: IBM Software w/o TPS (BU059); Product: IBM Aspera (SS8NDZ); Component: (empty); Platform: Platform Independent (PF025); Version: Al...

CVSS 7.5, AI score 6.8, EPSS 0.39657
Exploits: 1, Affected Software: 1

ATTACKERKB
added 2026/06/18 8:58 a.m., 6 views

CVE-2026-50643

8cc is vulnerable to an Out‑of‑Bounds Read due to improper handling of line directives and GNU linemarkers. The compiler accepts attacker-controlled filename and line number metadata and later uses it without validation when accessing source line arrays. By supplying invalid or oversized line...

CVSS 5.1, AI score 5.3, EPSS 0.00138
Exploits: 0, References: 3

RedHat Linux
added 2026/06/15 7:54 a.m., 7 views

mysql: JSON unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

CVSS 6.5, AI score 6.9, EPSS 0.00303
Exploits: 0, References: 6

GithubExploit
added 2026/06/14 4:49 p.m., 180 views

Exploit for CVE-2026-42945

CVE-2026-42945 NGINX Rift RCE PoC with Reverse Shell Remote...

CVSS 9.2, AI score 6.9, EPSS 0.61469
Exploits: 40

Tenable Nessus
added 2026/06/11 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-45490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Note that Nessus relies on the presence of the packag...

CVSS 7.8, AI score 5.4, EPSS 0.00384
Exploits: 0, References: 2

NVD
added 2026/06/09 5:17 p.m., 8 views

CVE-2026-47946

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

CVSS 5.4, EPSS 0.00283
Exploits: 0, References: 1

Cvelist
added 2026/06/09 5:5 p.m., 33 views

CVE-2026-48576 Secure Boot Security Feature Bypass Vulnerability

...

CVSS 7.9, EPSS 0.01028
Exploits: 0, References: 1

GithubExploit
added 2026/06/09 2:14 p.m., 55 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

CVSS 9.8, AI score 6.4, EPSS 0.72253
Exploits: 31

Cvelist
added 2026/06/09 3:50 a.m., 35 views

CVE-2026-41841 Spring Framework Information Disclosure via Static Resource Cache in Spring MVC and WebFlux

Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...

CVSS 5.9, EPSS 0.00313
Exploits: 0, References: 1

OSV
added 2026/06/08 1:51 p.m., 5 views

CLEANSTART-2026-JV06428 Security fixes for CVE-2025-15558, CVE-2025-61729, CVE-2026-23831, CVE-2026-23991, CVE-2026-23992, CVE-2026-24051, CVE-2026-24137, CVE-2026-25679, CVE-2026-26958, CVE-2026-27142, CVE-2026-33186, CVE-2026-33211, ghsa-273p-m2cw-6833, ghsa-4c4x-jm2x-pf9j, ghsa-4qg8-fj49-pxjh, ghsa-846p-jg2w-w324, ghsa-f83f-xpx7-ffpw, ghsa-fcv2-xgw5-pqxf, ghsa-fphv-w9fq-2525, ghsa-jqc5-w2xx-5vq4, ghsa-mqqf-5wvp-8fh8 applied in versions: 0.43.0-r0, 0.43.0-r1, 0.43.0-r2, 0.43.0-r3, 0.43.0-r4

Multiple security vulnerabilities affect the tkn-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 9.6, AI score 6.7, EPSS 0.01557
Exploits: 3, References: 34

OSV
added 2026/06/08 12:39 p.m., 2 views

CLEANSTART-2026-MX76059 Security fixes for CVE-2026-33870, CVE-2026-33871, CVE-2026-41417, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42586, CVE-2026-42587, CVE-2026-44248, ghsa-25qh-j22f-pwp8, ghsa-389x-839f-4rhx, ghsa-38f8-5428-x5cv, ghsa-3p8m-j85q-pgmj, ghsa-45q3-82m4-75jr, ghsa-4g8c-wm8x-jfhw, ghsa-57rv-r2g8-2cj3, ghsa-5jpm-x58v-624v, ghsa-84h7-rjj3-6jx4, ghsa-cm33-6792-r9fm, ghsa-f6hv-jmp6-3vwv, ghsa-fghv-69vj-qj49, ghsa-jfg9-48mv-9qgx, ghsa-jq43-27x9-3v86, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-pwqr-wmgm-9rr8, ghsa-qqpg-mvqg-649v, ghsa-rgrr-p7gp-5xj7, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-xq3w-v528-46rv, ghsa-xxqh-mfjm-7mv9 applied in versions: 0.1.109-r0, 0.1.113-r1, 0.1.118-r2

Multiple security vulnerabilities affect the management-api-for-apache-cassandra-5.0 package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 9.8, AI score 5.8, EPSS 0.01125
Exploits: 11, References: 50

Chainguard
added 2026/06/05 7:17 p.m., 8 views

CVE-2026-9881 vulnerabilities

Vulnerabilities for packages: chromium...

CVSS 9, AI score 5.4, EPSS 0.00203
Exploits: 0

The Hacker News
added 2026/06/04 3:15 p.m., 19 views

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic's own action repo used the same workflow, a working attack could have pushed...

AI score 6
Exploits: 0

Chainguard
added 2026/06/04 1:20 p.m., 11 views

CVE-2026-39821 vulnerabilities

Vulnerabilities for packages: nifikop-fips, terragrunt, wolfictl, postgres-operator-fips, helm-fips, portieris-fips, kwok, aws-otel-collector-fips, kubernetes-dashboard-api-fips, authentik-fips, knative-kafka-broker, stern, gitaly, kubernetes-fips, cilium-envoy-fips, kuberay-apiserver,...

CVSS 9.6, AI score 6.7, EPSS 0.00478
Exploits: 0

Rockylinux
added 2026/06/04 12:4 p.m., 9 views

cockpit security update

An update is available for cockpit. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Cockpit enables users to administer GNU/Linux servers using a web browser. I...

CVSS 8, AI score 7.2, EPSS 0.01016
Exploits: 0

Cvelist
added 2026/06/04 11:14 a.m., 35 views

CVE-2026-4104 SQLi in Akmer Informatics' TeknoPass

Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: from 20210501 through 20260429...

CVSS 9.8, EPSS 0.00302
Exploits: 0, References: 1

CVE
added 2026/06/04 12:0 a.m., 15 views

CVE-2026-36175

Technical details enabling exploitation are not publicly available in the provided documents. The GNCC GP5 U-Boot vulnerability description is repeated across sources; monitor for updated advisories or technical specifics.

CVSS 6.8, AI score 5.8, EPSS 0.00225
Exploits: 0, References: 3