Lucene search
K

192412 matches found

Cvelist
Cvelist
added 2026/03/10 4:44 p.m.26 views

CVE-2025-48840

An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.8, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote unauthenticated attacker to bypass hostname restrictions via a specially crafted request...

5.3CVSS0.00459EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/10 4:44 p.m.2 views

CVE-2025-48840

An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.8, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote unauthenticated attacker to bypass hostname restrictions via a specially crafted request...

5.3CVSS5.8AI score0.00459EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/10 4:44 p.m.3 views

CVE-2025-54820

A Stack-based Buffer Overflow vulnerability CWE-121 vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is...

8.1CVSS5.9AI score0.0087EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/10 4:44 p.m.5 views

CVE-2026-30897

A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute...

6.6CVSS6.5AI score0.00632EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/03/10 4:21 p.m.8 views

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Artificial Intelligence AI is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these agents make work faster, they also open a new "back door" f...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/10 2:8 p.m.4 views

CVE-2025-41757

A low-privileged remote attacker can abuse the backup restore functionality of UBR ubr-restore which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system...

8.8CVSS5.9AI score0.00542EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/10 2:8 p.m.6 views

CVE-2025-61614

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS5.9AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/10 2:8 p.m.5 views

CVE-2026-3814

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to t...

9CVSS6AI score0.00772EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.5 views

ASP.NET Core Denial of Service Vulnerability

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.02818EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.3 views

Windows Authentication Elevation of Privilege Vulnerability

Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00273EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.4 views

Windows Device Association Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...

7CVSS5.9AI score0.00205EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.1 views

Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00462EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.7 views

MapUrlToZone Security Feature Bypass Vulnerability

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

7.5CVSS5.8AI score0.01191EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.6 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...

8CVSS6AI score0.00836EPSS
Exploits3
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.5 views

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...

8CVSS5.9AI score0.00886EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.7 views

GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability

Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network...

8.8CVSS5.9AI score0.00933EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.6 views

Windows Kerberos Security Feature Bypass Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network...

6.5CVSS5.9AI score0.00347EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/03/10 1:0 p.m.15 views

When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation

Overview Rapid7 Labs has identified and analyzed an ongoing, widespread compromise of legitimate, potentially highly trusted WordPress websites, misused by an unidentified threat actor to inject a ClickFix implant impersonating a Cloudflare human verification challenge CAPTCHA. The lure is design...

6AI score
Exploits0
CVE
CVE
added 2026/03/10 12:8 p.m.15 views

CVE-2026-2741

CVE-2026-2741 affects Vaadin’s build process which automatically downloads and extracts Node.js when not installed locally. A path traversal flaw in specially crafted ZIP archives can make files be written outside the intended extraction directory during Node.js download/extraction for Vaadin ver...

6.8CVSS5.8AI score0.00342EPSS
Exploits0References6Affected Software1
The Hacker News
The Hacker News
added 2026/03/10 11:0 a.m.11 views

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The problem is that most teams have more internet-facing exposure than they realise. Intruder's Head of Security digs into why this happens and how teams can manage ...

6.4AI score
Exploits0
Rows per page
Query Builder