Lucene search
K

1118 matches found

OSV
OSV
added 2 days ago8 views

ROOT-OS-DEBIAN-11-CVE-2024-26585 CVE-2024-26585 in rootio-linux - Patched by Root

Root has patched CVE-2024-26585 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

4.7CVSS6.7AI score0.0019EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability (CVE-2026-11546)

Summary IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details CVEID:CVE-2026-11546 DESCRIPTION: IBM WebSphere Application Server Liberty is affected by a server-side request forgery...

9.8CVSS5.7AI score0.00212EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added last week4 views

Security Bulletin: Vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2026-11541, CVE-2026-11536, CVE-2026-11594, CVE-2026-11707 and CVE-2026-11383)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about multiple vulnerabilities affecting WebSphere Application Server have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in...

9.8CVSS6.3AI score0.00342EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/25 4:34 a.m.27 views

CVE-2026-8330 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint...

4.4CVSS0.0013EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52201

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 14.8 through 18.11.5 GitLab CE/EE versions 19.0 through 19.0.2 GitLab CE/EE versions 19.1 through 19.1.0 Description An issue exists where improper input validation could allow an authenticated user to conceal content...

4.3CVSS5.8AI score0.00223EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.5 views

CVE-2026-52941

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid NULL deref of conn-lnk in smcmsgevent tracepoint The smcmsgevent tracepoint class, shared by smctxsendmsg and smcrxrecvmsg, unconditionally dereferences smc-conn.lnk: stringname, smc-conn.lnk-ibname conn-lnk is onl...

5.7AI score0.00164EPSS
Exploits0References7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 5:29 p.m.4 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in IBM Semeru Runtime

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in IBM Semeru Runtime. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

7.5CVSS7.1AI score0.00702EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 7:42 a.m.15 views

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities in Eclipse Paho Java client library

Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Engineering Workflow Management . Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting...

7.5CVSS5.4AI score0.00827EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2026/06/10 11:12 p.m.5 views

Use After Free

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.2CVSS5.3AI score0.00227EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 10:15 p.m.7 views

Memory Allocation with Excessive Size Value

Overview kafka-python is a Pure Python client for Apache Kafka Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the receivebytes function in the protocol parser. An attacker can exhaust system memory or cause connections to hang by sending a...

8.7CVSS5.5AI score0.00348EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 1:13 a.m.5 views

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' via parameter binding when a repository query method is annotated with @Query and uses a capture-all placeholder. An...

9.2CVSS5.8AI score0.00328EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 5:16 p.m.6 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via host resolution in the CLI authentication layer. An attacker can obtain authentication tokens intended for GitHub or GitHub Enterprise by causing authenticated requests to be sent to external hosts, as the ho...

9.1CVSS5.4AI score0.00289EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/27 5:36 p.m.10 views

Missing Authorization

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Missing Authorization via the migrate endpoint /actions/app/migrate. An attacker can perform unauthorized migration operations by sending crafted requests to this endpoint. Remediation There ...

7.3CVSS5.8AI score0.00283EPSS
Exploits3References2
Qualys Blog
Qualys Blog
added 2026/05/19 4:27 p.m.14 views

Inside the 2026 Verizon DBIR: What One Billion Records Revealed About Vulnerability Remediation

The Verizon 2026 Data Breach Investigations Report has been published. Qualys is proud to have served as a research partner and contributor, contributing analysis of more than one billion anonymized vulnerability remediation records across four consecutive DBIR reporting cycles of CISA Known...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/05/18 11:47 a.m.10 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Host header when constructing response URLs for custom slash commands. An attacker can redirect responses to a server under their control by sending a specially crafted request with a spoofed Hos...

5CVSS5.8AI score0.00137EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 5:33 a.m.6 views

CVE-2026-6335

Removed by vendor...

5.4CVSS5.8AI score0.00192EPSS
Exploits0
EUVD
EUVD
added 2026/05/14 5:33 a.m.10 views

EUVD-2026-30240

GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to execute arbitrary JavaScript in other users' browsers due to improper input...

8.7CVSS6.1AI score0.00256EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/14 2:16 a.m.78 views

Windows-pentest-lab

Windows-pentest-lab Penetration testing and vulnerability asse...

10CVSS7.1AI score0.99999EPSS
Exploits123
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.12 views

PT-2026-40879

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 15.1 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user with project membership can enumerate private group...

4.3CVSS5.8AI score0.00172EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.11 views

PT-2026-40853

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 15.1 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user with Guest permissions can view issues in projects they a...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References7
Rows per page
Query Builder