Lucene search
K

6101 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/29 12:29 p.m.6 views

CVE-2026-40523

FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Audit Trail report handler that allows authenticated attackers with SAGLANALYTIC permission to execute arbitrary SQL queries by injecting malicious code into the PARAM2 and PARAM3 POST parameters. Attackers can exploit...

8.1CVSS6.1AI score0.00276EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53270

Name of the Vulnerable Software and Affected Versions FrontAccounting versions prior to 2.4.20 Description An issue exists in the Audit Trail report handler that allows authenticated attackers with SA GLANALYTIC permission to execute arbitrary SQL queries. This is achieved by injecting malicious...

8.1CVSS6.1AI score0.00276EPSS
Exploits0References6
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.19 views

dotCMS Core Publish Audit API - Unauthenticated SQL Injection

dotCMS Core 25.11.04-1 through 26.04.28-02 contains an SQL injection caused by unsanitized input in Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll, letting remote unauthenticated attackers read, modify, or destroy arbitrary database content, exploit requires ...

10CVSS6AI score0.01584EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.9 views

SUSE CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.8AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2026/06/27 12:0 a.m.23 views

VulnCheck KEV: CVE-2026-8054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in the Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll in dotCMS Core 25.11.04-1 through 26.04.28-02 allows remote unauthenticated attackers to read, modify, or destroy arbitrar...

10CVSS6.1AI score0.01584EPSS
In wildExploits1References2
OSV
OSV
added 2026/06/26 8:17 p.m.2 views

DEBIAN-CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.5CVSS0.00122EPSS
Exploits0References8
OSV
OSV
added 2026/06/26 8:17 p.m.4 views

UBUNTU-CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/26 7:40 p.m.6 views

EUVD-2026-39892

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.8AI score0.00122EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.6 views

CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
CVE
CVE
added 2026/06/26 7:40 p.m.18 views

CVE-2026-53287

CVE-2026-53287 affects the Linux kernel audit CAPSET path. A copy-paste bug in __audit_log_capset() writes cap_pi (inheritable) with cap_effective, corrupting inheritable audit data and enabling privilege-escalation prep in the audit trail. The issue is fixed in the Linux kernel; patches exist in...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2026/06/26 11:16 a.m.10 views

CVE-2026-57913

Johnson & Johnson Audit Tracking Management System ATMS before 2026-04-21 allows viewing of meeting minutes and transcripts...

7.5CVSS0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 10:6 a.m.35 views

CVE-2026-57913

Johnson & Johnson Audit Tracking Management System ATMS before 2026-04-21 allows viewing of meeting minutes and transcripts...

7.5CVSS0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 10:6 a.m.8 views

EUVD-2026-39644

Johnson & Johnson Audit Tracking Management System ATMS before 2026-04-21 allows viewing of meeting minutes and transcripts...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:6 a.m.9 views

CVE-2026-57913

Johnson & Johnson Audit Tracking Management System ATMS before 2026-04-21 allows viewing of meeting minutes and transcripts...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 10:6 a.m.13 views

CVE-2026-57913

CVE-2026-57913 affects Johnson & Johnson ATMS (Audit Tracking Management System) prior to 2026-04-21, enabling viewing of meeting minutes and transcripts. The available data do not specify root cause, affected versions beyond the date, or exploitable vectors beyond unauthenticated access indicate...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.14 views

PT-2026-52926

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the audit log capset function where the effective capability set is incorrectly recorded into the inheritable field. This occurs because the function reports cap pi...

7.8CVSS5.8AI score0.00184EPSS
Exploits0References378
NVD
NVD
added 2026/06/24 3:16 p.m.9 views

CVE-2026-50698

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input before generating HTML output in the Audit Trail component...

4.6CVSS0.00256EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freeipa

A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References3
Rows per page
Query Builder