
9803 matches found

CNNVD · added 2026/03/23 12:0 a.m. · 7 views

Rails Injection Vulnerability

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. There were injection vulnerabilities in versions of Rails Active Storage prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1. These vulnerabilities stemmed from the direct passing of...

CVSS 9.1 · AI score 5.8 · EPSS 0.00646
Exploits 0 · References 8

CNNVD · added 2026/03/23 12:0 a.m. · 7 views

Rails Security Vulnerability

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. There are security vulnerabilities in versions of Rails Active Support before 8.1.2.1, 8.0.4.1, and 7.2.3.1. These vulnerabilities stem from digital helper functions...

CVSS 8.7 · AI score 5.8 · EPSS 0.0061
Exploits 0 · References 8

Positive Technologies · added 2026/03/23 12:0 a.m. · 4 views

PT-2026-27263

Name of the Vulnerable Software and Affected Versions: Rails versions prior to 8.1.2.1; Rails versions prior to 8.0.4.1; Rails versions prior to 7.2.3.1. Description: Active Storage enables users to attach cloud and local files within Rails applications. A flaw exists in the DiskService#delete_prefixed...

CVSS 9.1 · AI score 5.8 · EPSS 0.00646
Exploits 0 · References 21

Positive Technologies · added 2026/03/23 12:0 a.m. · 4 views

PT-2026-27257

Name of the Vulnerable Software and Affected Versions: Active Support versions prior to 8.1.2.1; Active Support versions prior to 8.0.4.1; Active Support versions prior to 7.2.3.1. Description: The SafeBuffer#% function does not correctly propagate the @html_unsafe flag to newly created buffers. If a...

CVSS 6.1 · AI score 6.1 · EPSS 0.00327
Exploits 0 · References 21

Positive Technologies · added 2026/03/23 12:0 a.m. · 2 views

PT-2026-27260

Name of the Vulnerable Software and Affected Versions: Rails versions prior to 8.1.2.1; Rails versions prior to 8.0.4.1; Rails versions prior to 7.2.3.1. Description: Active Storage in Rails applications allows users to attach cloud and local files. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, the...

CVSS 8.7 · AI score 5.8 · EPSS 0.0061
Exploits 0 · References 21

Positive Technologies · added 2026/03/23 12:0 a.m. · 6 views

PT-2026-27202

Name of the Vulnerable Software and Affected Versions: NetScaler ADC versions prior to 14.1-60.58; NetScaler Gateway versions prior to 13.1-662.23. Description: Insufficient input validation in the SAML processing module of NetScaler ADC and NetScaler Gateway, when configured as a SAML Identity...

CVSS 9.8 · AI score 8.8 · EPSS 0.83996
Exploits 7 · References 303

CNNVD · added 2026/03/23 12:0 a.m. · 6 views

Rails Path Traversal Vulnerability

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Versions of Rails Active Storage prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1 contained a path traversal vulnerability. This vulnerability stemmed from the lack of verificatio...

CVSS 9.8 · AI score 5.8 · EPSS 0.00567
Exploits 0 · References 8

Positive Technologies · added 2026/03/23 12:0 a.m. · 8 views

PT-2026-27262

Name of the Vulnerable Software and Affected Versions: Rails versions prior to 8.1.2.1; Rails versions prior to 8.0.4.1; Rails versions prior to 7.2.3.1. Description: Active Storage in Rails applications allows users to attach cloud and local files. The DiskService#path_for function does not validate...

CVSS 9.8 · AI score 5.9 · EPSS 0.00567
Exploits 0 · References 21

Positive Technologies · added 2026/03/23 12:0 a.m. · 6 views

PT-2026-27261

Name of the Vulnerable Software and Affected Versions: Active Support versions prior to 8.1.2.1; Active Support versions prior to 8.0.4.1; Active Support versions prior to 7.2.3.1. Description: Active Support number helpers are susceptible to a denial-of-service condition. The number helpers accept...

CVSS 8.7 · AI score 6.6 · EPSS 0.0061
Exploits 0 · References 22

OSV · added 2026/03/22 11:4 p.m. · 8 views

SUSE-SU-2026:0954-1 Security update for the Linux Kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.258 fixes various security issues. The following security issues were fixed: CVE-2022-50423: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (bsc#1250785). CVE-2022-50697: mrp: introduce active flags to prevent UAF when...

CVSS 7.8 · AI score 6.8 · EPSS 0.00278
Exploits 0 · References 19

SUSE Linux · added 2026/03/22 6:34 p.m. · 6 views

Security update for the Linux Kernel (Live Patch 66 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.250 fixes various security issues. The following security issues were fixed: CVE-2022-50423: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (bsc#1250785). CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant...

CVSS 8.7 · AI score 6 · EPSS 0.00278
Exploits 0 · References 36

OSV · added 2026/03/22 6:34 p.m. · 1 views

SUSE-SU-2026:0953-1 Security update for the Linux Kernel (Live Patch 65 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.247 fixes various security issues. The following security issues were fixed: CVE-2022-50423: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (bsc#1250785). CVE-2022-50697: mrp: introduce active flags to prevent UAF when...

CVSS 7.8 · AI score 6.8 · EPSS 0.00278
Exploits 0 · References 19

Positive Technologies · added 2026/03/20 12:0 a.m. · 5 views

PT-2026-26574

Name of the Vulnerable Software and Affected Versions: Content Visibility for Divi Builder version 4.01. Description: A contributor-controlled expression reaches the eval function through real feature paths. More than 2,000 active installations are reported. Recommendations: At the moment, there is n...

CVSS 8.8 · AI score 5.8 · EPSS 0.00682
Exploits 0 · References 7

Wordfence Blog · added 2026/03/19 4:12 p.m. · 19 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 9, 2026 to March 15, 2026)

Last week, there were 116 vulnerabilities disclosed in 78 WordPress Plugins and 19 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 66 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

CVSS 9.8 · AI score 7 · EPSS 0.04279
Exploits 10

CNVD · added 2026/03/19 12:0 a.m. · 6 views

WordPress Plugin Active Products Tables for WooCommerce Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. WordPress plugin Active Products Tables for WooCommerce has a cross-site scripting vulnerabilit...

CVSS 6.5 · AI score 5.9 · EPSS 0.00129
Exploits 0 · References 1

Cvelist · added 2026/03/18 5:41 p.m. · 20 views

CVE-2026-23264 Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem". This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 ("drm/amd: Refactor `amdgpu_aspm` to be...

EPSS 0.00114
Exploits 0 · References 5

The Hacker News · added 2026/03/18 10:30 a.m. · 11 views

Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

Security teams today are not short on tools or data. They are overwhelmed by both. Yet within the terabytes of alerts, exposures, and misconfigurations – security teams still struggle to understand context: Q: Which exposures, misconfigurations, and vulnerabilities chain together to create viable...

AI score 6
Exploits 0

The Hacker News · added 2026/03/17 5:23 a.m. · 5 views

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2025-47813 (CVSS score: 4.3), is an information...

CVSS 10 · AI score 7.9 · EPSS 0.95343
Exploits 24

Trellix · added 2026/03/17 12:0 a.m. · 4 views

Getting Roasted? Trellix Helix sees through AS-REP Attack

By Adithya Chandra and Maulik Maheta · March 17, 2026. Executive summary: Threat actors regularly target Active Directory environments, continuously refining their toolsets and modifying attack frameworks to bypass security controls. However...

AI score 5.8
Exploits 0

Tenable Nessus · added 2026/03/17 12:0 a.m. · 5 views

EulerOS Virtualization 2.12.1 : sssd (EulerOS-SA-2026-1464)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default...

CVSS 8.8 · AI score 5.8 · EPSS 0.00768
Exploits 0 · References 2