Lucene search
+L

7649 matches found

NVD
NVD
added 2026/05/26 5:16 p.m.14 views

CVE-2025-36126

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...

7.6CVSS0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 5:11 p.m.13 views

CVE-2026-8835 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 5:11 p.m.28 views

EUVD-2026-31918

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:10 p.m.10 views

CVE-2026-8834

IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...

8CVSS6.4AI score0.0026EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/26 5:10 p.m.37 views

CVE-2026-8834

CVE-2026-8834 affects IBM HTTP Server versions 8.5 and 9.0. The issue is a buffer overflow in the server, which could be exploited by a privileged user authenticated to the Administration Server to execute remote code or cause a denial of service. The CVSS metrics indicate an adjacent attack vect...

8CVSS6.4AI score0.0026EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/05/26 3:52 p.m.17 views

CVE-2025-36126

IBM Cognos Analytics (versions 11.2.0, 12.0, 12.1.0) and IBM Cognos Transformer (12.0, 11.2.4, 12.1.0) are affected by a stored cross-site scripting (XSS) vulnerability in Cognos Administration. The issue allows a privileged user to embed arbitrary JavaScript in the Web UI, potentially altering f...

7.6CVSS5.8AI score0.00185EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/05/26 3:52 p.m.14 views

CVE-2025-36126 IBM Cognos Analytics is affected by Cross-site scripting.

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...

6.4CVSS5.8AI score0.00185EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.24 views

PT-2026-43366

Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description An invalid pointer dereference occurs in the Administration Server. A privileged, authenticated user can exploit this issue to cause a denial of service or expose sensitive...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.23 views

PuTTY 安全漏洞

PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A security vulnerability exists in PuTTY versions prior to 0.84, which stems from an assertion failure in ECDSA...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/21 11:21 p.m.14 views

[SECURITY] Fedora 44 Update: cockpit-362-1.fc44

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

8CVSS7AI score0.01016EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/05/21 4:27 p.m.12 views

cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

An update is available for cockpit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

9.8CVSS5.8AI score0.142EPSS
Exploits4
Fedora
Fedora
added 2026/05/21 12:57 a.m.14 views

[SECURITY] Fedora 44 Update: pgadmin4-9.15-1.fc44

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

9.9CVSS5.8AI score0.01444EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc. Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, it requires the initial namespace setting of...

5.5CVSS6.1AI score0.00236EPSS
Exploits1References2
NVD
NVD
added 2026/05/20 5:16 a.m.20 views

CVE-2026-9056

A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload that can be triggered by a different user...

5.4CVSS0.00178EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 5:16 a.m.32 views

CVE-2026-9057

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...

8.2CVSS0.00261EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 4:39 a.m.10 views

CVE-2026-9057

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...

8.2CVSS5.7AI score0.00261EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/20 4:39 a.m.49 views

CVE-2026-9057 Security fix for Qlik Talend Administration Center URL access control vulnerability

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...

8.2CVSS0.00261EPSS
Exploits0References1
CVE
CVE
added 2026/05/20 4:39 a.m.26 views

CVE-2026-9057

The vulnerability CVE-2026-9057 affects Talend Administration Center and is a broken access control issue that allows a user with View permission to modify the Talend Studio update URL. Reported impact is high (CVSS 3.1: 8.2, Confidentiality/Integrity High, Availability None) with network attack ...

8.2CVSS5.7AI score0.00261EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/20 4:39 a.m.8 views

CVE-2026-9057 Security fix for Qlik Talend Administration Center URL access control vulnerability

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...

8.2CVSS5.7AI score0.00261EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 4:39 a.m.14 views

EUVD-2026-31061

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...

8.2CVSS5.7AI score0.00261EPSS
Exploits0References1
Rows per page
Query Builder