
3139 matches found

Tenable Nessus
added 2026/03/10 12:0 a.m. | 4 views

Fortinet FortiAnalyzer sqli (FG-IR-26-095)

The version of FortiAnalyzer installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-095 advisory. - An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet...

CVSS 7.2 | AI score 6.1 | EPSS 0.00445
Exploits: 0 | References: 3

CNNVD
added 2026/03/10 12:0 a.m. | 7 views

SAP NetWeaver Application Server for ABAP security vulnerability

SAP NetWeaver Application Server for ABAP is a core application server platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver Application Server for ABAP, which stems from the lack of authorization checks. This vulnerability may allow authenticated...

CVSS 5 | AI score 5.8 | EPSS 0.0023
Exploits: 0 | References: 3

Positive Technologies
added 2026/03/10 12:0 a.m. | 7 views

PT-2026-24164

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP (affected versions not specified). Description: An authenticated attacker with user privileges may be able to read Database Analyzer Log Files due to a missing authorization check within a specific RFC...

CVSS 5 | AI score 5.5 | EPSS 0.0023
Exploits: 0 | References: 6

Tenable Nessus
added 2026/03/10 12:0 a.m. | 4 views

Fortinet FortiAnalyzer Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)

The version of FortiAnalyzer installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory. - An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0...

CVSS 6.9 | AI score 5.9 | EPSS 0.00185
Exploits: 0 | References: 2

OSV
added 2026/03/09 4:1 p.m. | 1 view

MAL-2026-1292 Malicious code in odds-analyzer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd711f9267e0e1bd3dc42ff98c117a939f5ffa947f11c5fd3d9aea4bc8a47c1 The package odds-analyzer was found to contain malicious code. Source: ghsa-malware 90239f2eeaa13b5a4c00596bcd6f549ab3948f0b1421e246ce67a7bfa30248d6...

AI score 5.7
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/03/09 4:1 p.m. | 10 views

Malicious code in odds-analyzer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd711f9267e0e1bd3dc42ff98c117a939f5ffa947f11c5fd3d9aea4bc8a47c1 The package odds-analyzer was found to contain malicious code. Source: ghsa-malware 90239f2eeaa13b5a4c00596bcd6f549ab3948f0b1421e246ce67a7bfa30248d6...

AI score 5.7
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/02 1:43 p.m. | 5 views

CVE-2026-28338

PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's vbhtml and yahtml report formats insert rule violation messages into HTML output without escaping. When PMD analyzes untrusted source code containing crafted string literals, the generated HTML report contains...

CVSS 6.8 | AI score 6 | EPSS 0.00297
Exploits: 1 | References: 1

EUVD
added 2026/02/28 2:49 a.m. | 6 views

EUVD-2026-9069

PMD Designer has Stored XSS in VBHTMLRenderer and YAHTMLRenderer via unescaped violation messages...

CVSS 6.8 | AI score 5.9 | EPSS 0.00297
Exploits: 1 | References: 4

ATTACKERKB
added 2026/02/27 8:28 p.m. | 3 views

CVE-2026-28338

PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's vbhtml and yahtml report formats insert rule violation messages into HTML output without escaping. When PMD analyzes untrusted source code containing crafted string literals, the generated HTML report contains...

CVSS 6.8 | AI score 6 | EPSS 0.00297
Exploits: 1 | References: 4 | Affected Software: 1

CNNVD
added 2026/02/27 12:0 a.m. | 9 views

PMD cross-site scripting vulnerability

PMD is a scalable, multi-language static source code analyzer. Versions of PMD prior to 7.22.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the lack of escaping of output in vbhtml and yahtml report formats, which could lead to cross-site scripting attacks...

CVSS 6.8 | AI score 5.7 | EPSS 0.00297
Exploits: 1 | References: 4

Packet Storm News
added 2026/02/26 12:0 a.m. | 5 views

Wireshark Analyzer 4.6.4

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

CVSS 7.5 | AI score 6 | EPSS 0.00184
Exploits: 3

GithubExploit
added 2026/02/17 3:6 p.m. | 154 views

securiclaw

🦞 Securiclaw AI-Powered Code Security Scanner Securiclaw...

AI score 6.5
Exploits: 0

Tenable Nessus
added 2026/02/17 12:0 a.m. | 6 views

RHEL 10 : wireshark (RHSA-2026:2763)

The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2763 advisory. The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes:...

CVSS 7.8 | AI score 5.5 | EPSS 0.00194
Exploits: 1 | References: 5

CNNVD
added 2026/02/14 12:0 a.m. | 9 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper checking of the isusertask auxiliary function. This vulnerability could potentially caus...

CVSS 5.5 | AI score 6 | EPSS 0.00114
Exploits: 0 | References: 4

OSV
added 2026/02/05 9:13 a.m. | 6 views

RLSA-2026:1714 Moderate: wireshark security update

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes: Wireshark: NULL Pointer Dereference in Wireshark (CVE-2025-9817). For more details about the security issues, including the impact, a CVSS score,...

CVSS 5.5 | AI score 5.4 | EPSS 0.00194
Exploits: 1 | References: 2

Tenable Nessus
added 2026/02/04 12:0 a.m. | 16 views

Oracle E-Business Suite (January 2026 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Field Service product of Oracle E-Business Suite component: HTML Dispatch Center Apache Commons BeanUtils...

CVSS 8.8 | AI score 6.8 | EPSS 0.01495
Exploits: 1 | References: 7

Tenable Nessus
added 2026/02/02 12:0 a.m. | 5 views

RHEL 10 : wireshark (RHSA-2026:1714)

The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1714 advisory. The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes:...

CVSS 7.8 | AI score 5.4 | EPSS 0.00194
Exploits: 1 | References: 5

RedhatCVE
added 2026/01/31 3:21 p.m. | 32 views

CVE-2025-9226

Zohocorp ManageEngine OpManager, NetFlow Analyzer, and OpUtils versions prior to 128582 are affected by a stored cross-site scripting vulnerability in the Subnet Details...

CVSS 4.6 | AI score 5.8 | EPSS 0.00419
Exploits: 0 | References: 1

NVD
added 2026/01/30 2:16 p.m. | 6 views

CVE-2025-9226

Zohocorp ManageEngine OpManager, NetFlow Analyzer, and OpUtils versions prior to 128582 are affected by a stored cross-site scripting vulnerability in the Subnet Details...

CVSS 4.6 | EPSS 0.00419
Exploits: 0 | References: 1

Vulnrichment
added 2026/01/30 1:42 p.m. | 3 views

CVE-2025-9226 Stored XSS

Zohocorp ManageEngine OpManager, NetFlow Analyzer, and OpUtils versions prior to 128582 are affected by a stored cross-site scripting vulnerability in the Subnet Details...

CVSS 4.6 | AI score 5 | EPSS 0.00419
Exploits: 0 | References: 1