Lucene search
K

48 matches found

CVE
CVE
added 2026/06/15 2:6 p.m.14 views

CVE-2026-8683

Mattermost Desktop App

6.5CVSS5.2AI score0.00199EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 4:48 p.m.31 views

CVE-2026-47990 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
PyPA
PyPA
added 2026/05/05 4:16 p.m.13 views

PYSEC-2026-55

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14.django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served.Earlier, unsupported Django series such as 5.0.x, 4.1.x...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References4Affected Software1
vulnersOsv
vulnersOsv
added 2026/04/24 12:30 p.m.7 views

be.yildiz-games:module-messaging-activemq (=2.0.0), com.codbex.atlas:codbex-atlas-application (>=1.1.0 <=2.110.0) +111 more potentially affected by CVE-2026-41044 via org.apache.activemq:activemq-broker (>=6.0.0 <=6.2.4)

org.apache.activemq:activemq-broker MAVEN version =6.0.0, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.2.2, =1.4.0, =2.2.0 and more Source cves: CVE-2026-41044 Source advisory: OSV:GHSA-MR6M-XJ7V-3CV3...

8.8CVSS7.2AI score0.0098EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/17 9:6 p.m.4 views

CVE-2026-40305 DNN has Force Friend Request Acceptance

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in the friends feature, a user could craft a request that would force the acceptance of a friend request on another user. Version 10.2.2...

4.3CVSS5.7AI score0.00183EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/10 12:31 p.m.9 views

be.yildiz-games:module-messaging-activemq (=2.0.0), com.codbex.atlas:codbex-atlas-application (>=1.1.0 <=2.110.0) +111 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-broker (>=6.0.0 <=6.2.3)

org.apache.activemq:activemq-broker MAVEN version =6.0.0, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.2.2, =1.4.0, =2.2.0 and more Source cves: CVE-2026-39304 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15992455...

7.5CVSS5.7AI score0.00896EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 9:31 a.m.7 views

com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.2) +5 more potentially affected by CVE-2026-34197 via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.2)

org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.2 Source cves: CVE-2026-34197 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-16032379...

8.8CVSS6.6AI score0.96666EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-3902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an...

7.5CVSS5.5AI score0.00436EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 3:31 a.m.8 views

EUVD-2026-10978

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/03/11 1:16 a.m.5 views

CVE-2026-27239

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.7AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.6 views

Fortinet FortiAuthenticator 安全漏洞

Fortinet FortiAuthenticator is a centralized user identity management solution provided by the American company Fortinet. Vulnerabilities exist in versions 6.6.0 to 6.6.6, 6.5 all versions, 6.4 all versions, and 6.3 all versions of FortiAuthenticator. These vulnerabilities stem from the lack of...

7.2CVSS5.8AI score0.00336EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/18 7:21 a.m.23 views

CVE-2025-54745 WordPress miniOrange's Google Authenticator Plugin <= 6.1.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in miniOrange miniOrange's Google Authenticator miniorange-2-factor-authentication allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects miniOrange's Google Authenticator: from n/a through = 6.1.1...

6.5CVSS0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 2:23 p.m.4 views

CVE-2025-67596

Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through = 6.4.19...

4.3CVSS6.9AI score0.00098EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.11 views

PT-2025-43267

Name of the Vulnerable Software and Affected Versions Simple User Registration versions prior to and including 6.4 Description A privilege assignment issue exists in N-Media Simple User Registration. This allows for privilege escalation. Recommendations Update Simple User Registration to a versio...

8.8CVSS6.6AI score0.00332EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-10059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument lsid is provided in a...

6.5CVSS5.5AI score0.00254EPSS
Exploits0References2
CVE
CVE
added 2025/09/09 4:36 p.m.19 views

CVE-2025-54247

CVE-2025-54247 affects Adobe Experience Manager (AEM) versions 6.5.23.0 and earlier. The issue is improper input validation that can cause a security feature bypass, allowing a low-privileged attacker to read data unauthorizedly. Several connected sources confirm the vulnerability and its impact,...

6.5CVSS6.1AI score0.00441EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.4 views

IBM Sterling B2B Integrator和IBM Sterling File Gateway 安全漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM.IBM Sterling B2B Integrator is a suite of software that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B...

6.5CVSS6.2AI score0.00235EPSS
Exploits0References3
OSV
OSV
added 2025/07/28 12:15 p.m.8 views

AZL-65946 CVE-2025-38493 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

5.5CVSS5.8AI score0.00151EPSS
Exploits0References1
OSV
OSV
added 2025/06/26 2:15 p.m.2 views

UBUNTU-CVE-2025-6706

An authenticated user may trigger a use after free that may result in MongoDB Server crash and other unexpected behavior, even if the user does not have authorization to shut down a server. The crash is triggered on affected versions by issuing an aggregation framework operation using a specific...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References3
Rows per page
Query Builder