Lucene search
K

9804 matches found

CVE
CVE
added 2026/06/05 5:49 p.m.16 views

CVE-2025-71318

CVE-2025-71318 concerns NetMan 204, where authentication is not enforced on administrative pages and command endpoints. A remote, unauthenticated attacker can directly access pages (e.g., administration.html, administration-commands.html, configuration.html) to disclose sensitive details such as ...

9.8CVSS5.5AI score0.00533EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 5:49 p.m.8 views

EUVD-2025-210079

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...

9.8CVSS5.5AI score0.00533EPSS
Exploits0References3
Fedora
Fedora
added 2026/06/05 4:10 a.m.24 views

[SECURITY] Fedora 43 Update: freeipa-4.13.1-7.fc43

IPA is an integrated solution to provide centrally managed Identity users, hosts, services, Authentication SSO, 2FA, and Authorization host access control, SELinux user roles, services. The solution provides features for further integration with Linux based clients SUDO, automount and integration...

9.8CVSS5.8AI score0.12797EPSS
Exploits7
SUSE CVE
SUSE CVE
added 2026/06/05 3:7 a.m.11 views

SUSE CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.5CVSS6AI score0.00405EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.9 views

PT-2026-47014

Name of the Vulnerable Software and Affected Versions NetMan 204 affected versions not specified Description Authentication is not enforced on administrative pages and command endpoints. A remote, unauthenticated attacker can directly request pages such as 'administration.html',...

9.8CVSS5.4AI score0.00533EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/04 6:17 a.m.13 views

EUVD-2026-34212

Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet...

8.7CVSS5.8AI score0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 12:30 a.m.14 views

EUVD-2026-34183

Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

5.3CVSS5.8AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 12:30 a.m.14 views

EUVD-2026-34184

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

5.3CVSS5.8AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 2026/06/03 10:16 p.m.12 views

CVE-2026-22055

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

8.8CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 9:55 p.m.33 views

CVE-2026-22055

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

5.3CVSS0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 9:55 p.m.28 views

CVE-2026-22055

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

8.8CVSS5.8AI score0.00226EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/03 9:53 p.m.8 views

CVE-2026-22054

Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

5.3CVSS5.8AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 9:53 p.m.31 views

CVE-2026-22054

Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

5.3CVSS0.00226EPSS
Exploits0References1
Wordfence Blog
Wordfence Blog
added 2026/06/03 4:59 p.m.11 views

Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin

On March 30th, 2026, we publicly disclosed a critical Remote Code Execution vulnerability in Everest Forms Pro, a WordPress plugin with an estimated 4,000 active installations. This vulnerability can be leveraged by unauthenticated attackers to execute arbitrary PHP code on the server, leading to...

9.8CVSS6.7AI score0.40992EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/03 4:2 p.m.7 views

CVE-2026-7312

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

10CVSS5.8AI score0.00441EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.12 views

PT-2026-46069

Name of the Vulnerable Software and Affected Versions Active IQ OneCollect version 2.7.3 Description Hard-coded credentials exist within the software, which could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. Recommendations At the moment, the...

5.3CVSS5.8AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.12 views

PT-2026-45902

Name of the Vulnerable Software and Affected Versions FreeIPMI versions prior to 1.16.18 Description The ipmi-oem client command, which implements Intelligent Platform Management Interface IPMI OEM commands for specific hardware vendors, contains buffer overflows on response messages. This issue...

7.5CVSS5.5AI score0.00405EPSS
Exploits0References24
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.7 views

FreeIPMI 安全漏洞

FreeIPMI is an open-source server remote management toolset provided by FreeIPMI, which offers features for managing and monitoring IPMI interfaces. Versions of FreeIPMI prior to 1.6.18 contained security vulnerabilities. These vulnerabilities stemmed from buffer overflows in the response message...

7.5CVSS5.6AI score0.00405EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

NetApp Active IQ OneCollect 安全漏洞

NetApp Active IQ OneCollect is a platform provided by the US-based NetApp company that collects, analyzes, and validates diagnostic data from storage infrastructure. Version 2.7.3 of NetApp Active IQ OneCollect contains a security vulnerability. This vulnerability stems from the use of hardcoded...

8.8CVSS5.3AI score0.00226EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/06/02 6:46 p.m.15 views

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation. Tracked as CVE-2025-48595 CVSS score: 8.4, the security flaw h...

8.4CVSS6.2AI score0.01714EPSS
Exploits1
Rows per page
Query Builder