Lucene search
K

7622 matches found

AlmaLinux
AlmaLinux
added 2026/05/27 12:0 a.m.34 views

Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS5.9AI score0.01016EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-6419

The WishList Member plugin for WordPress is vulnerable to Privilege Escalation via Missing Authorization in versions up to and including 3.30.1. This is due to the missing capability and nonce check in the ajaxgetscreen function. This makes it possible for authenticated attackers, with...

8.8CVSS5.9AI score0.00258EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/26 6:38 p.m.22 views

Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities

Summary There are multiple vulnerabilities in the IBM HTTP Server used by IBM WebSphere Application Server CVE-2026-8834, CVE-2026-8852, CVE-2026-8856, CVE-2026-8850, CVE-2026-8854, CVE-2026-8855, CVE-2026-8835, CVE-2026-45186, CVE-2026-9170. Vulnerability Details CVEID:CVE-2026-8850 DESCRIPTION:...

9.8CVSS6.7AI score0.00488EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/05/26 6:16 p.m.20 views

CVE-2026-8835

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS0.00252EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 5:16 p.m.13 views

CVE-2025-36126

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...

7.6CVSS0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 5:11 p.m.11 views

CVE-2026-8835 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 5:11 p.m.22 views

EUVD-2026-31918

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:10 p.m.9 views

CVE-2026-8834

IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...

8CVSS6.4AI score0.0026EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/26 5:10 p.m.29 views

CVE-2026-8834

CVE-2026-8834 affects IBM HTTP Server versions 8.5 and 9.0. The issue is a buffer overflow in the server, which could be exploited by a privileged user authenticated to the Administration Server to execute remote code or cause a denial of service. The CVSS metrics indicate an adjacent attack vect...

8CVSS6.4AI score0.0026EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/26 3:52 p.m.14 views

CVE-2025-36126 IBM Cognos Analytics is affected by Cross-site scripting.

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...

6.4CVSS5.8AI score0.00185EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 3:52 p.m.15 views

CVE-2025-36126

IBM Cognos Analytics (versions 11.2.0, 12.0, 12.1.0) and IBM Cognos Transformer (12.0, 11.2.4, 12.1.0) are affected by a stored cross-site scripting (XSS) vulnerability in Cognos Administration. The issue allows a privileged user to embed arbitrary JavaScript in the Web UI, potentially altering f...

7.6CVSS5.8AI score0.00185EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.19 views

PT-2026-43366

Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description An invalid pointer dereference occurs in the Administration Server. A privileged, authenticated user can exploit this issue to cause a denial of service or expose sensitive...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.23 views

PuTTY 安全漏洞

PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A security vulnerability exists in PuTTY versions prior to 0.84, which stems from an assertion failure in ECDSA...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/21 11:21 p.m.13 views

[SECURITY] Fedora 44 Update: cockpit-362-1.fc44

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

8CVSS7AI score0.01016EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/05/21 4:27 p.m.11 views

cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

An update is available for cockpit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

9.8CVSS5.8AI score0.142EPSS
Exploits3
Fedora
Fedora
added 2026/05/21 12:57 a.m.12 views

[SECURITY] Fedora 44 Update: pgadmin4-9.15-1.fc44

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

9.9CVSS5.8AI score0.01444EPSS
Exploits1
NVD
NVD
added 2026/05/20 5:16 a.m.16 views

CVE-2026-9056

A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload that can be triggered by a different user...

5.4CVSS0.00178EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 5:16 a.m.30 views

CVE-2026-9057

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...

8.2CVSS0.00261EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 4:39 a.m.10 views

CVE-2026-9057

A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the Talend Studio update URL. This issue was resolved in a patch, which is already available...

8.2CVSS5.7AI score0.00261EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/20 4:39 a.m.24 views

CVE-2026-9057

The vulnerability CVE-2026-9057 affects Talend Administration Center and is a broken access control issue that allows a user with View permission to modify the Talend Studio update URL. Reported impact is high (CVSS 3.1: 8.2, Confidentiality/Integrity High, Availability None) with network attack ...

8.2CVSS5.7AI score0.00261EPSS
Exploits0References1
Rows per page
Query Builder