Lucene search
K

56 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-55950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all...

8.7CVSS6AI score0.00384EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 10:49 p.m.27 views

CVE-2026-39955

CVE-2026-39955 affects Cacti up to version 1.2.30, with a pre-authentication SQL injection caused by an unanchored FILTER_VALIDATE_REGEXP in graph_view.php. The issue is fixed in version 1.2.31. Impact centers on unauthorized access to potentially sensitive data before authentication; exploitatio...

9.8CVSS5.9AI score0.00315EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.15 views

WordPress plugin Responsive Check 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.8AI score0.00204EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

HCL DominoIQ 安全漏洞

HCL DominoIQ is an intelligent business platform developed by HCL Company in India, which integrates artificial intelligence capabilities with enterprise collaboration functions. HCL DominoIQ has a security vulnerability, caused by ineffective access control, which may allow authentication...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

WordPress plugin Charitable SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.9AI score0.00281EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 12:17 p.m.7 views

CVE-2026-4313

AdaptiveGRC is vulnerable to Stored XSS via text type fields across the forms. Authenticated attacker can replace the value of the text field in the HTTP POST request. Improper parameter validation by the server results in arbitrary JavaScript execution in the victim's browser. Critically, this...

2.4CVSS0.0059EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16180

Limesurvey before 3.17.14 allows remote attackers to bruteforce the login form and enumerate usernames when the LDAP authentication method is used...

5.3CVSS7.2AI score0.01697EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:9 a.m.13 views

CVE-2024-2013

An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attackers without any access to interact with the services and the post-authentication attack surface...

10CVSS7AI score0.0068EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3026

Malware in sbrugna...

6.8CVSS6.4AI score0.01435EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-2288

Malware in sbrugna...

5.8CVSS6.1AI score0.01344EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-1931

Malware in sbrugna...

7.5CVSS6.4AI score0.01572EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-4446

Malware in sbrugna...

7.5CVSS6.5AI score0.04242EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-26983

Malicious code in bioql PyPI...

10CVSS6.4AI score0.0068EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-13267

Malicious code in bioql PyPI...

6.1CVSS8.9AI score0.14477EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-9506

Malicious code in bioql PyPI...

4.9CVSS5.2AI score0.0064EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/06 2:10 p.m.2 views

CVE-2025-8616 Malicious browser plugins may cause Authentication replay attack vulnerability to bypass authentication in OpenText Advanced Authentication

A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process to bypass Authentication. This issue affects Advanced Authentication on or before 6.5.0...

6.1CVSS6.8AI score0.00311EPSS
Exploits0References1
CVE
CVE
added 2025/07/29 12:0 a.m.26 views

CVE-2025-28172

The CVE-2025-28172 affects Grandstream Networks UCM6510 (versions 1.0.20.52 and earlier). It describes an improper restriction of excessive authentication attempts, enabling brute-force login attempts to target accounts. The cited PT-2025-31217 recommends updating to version 1.0.20.52 or later to...

6.5CVSS7AI score0.00267EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/07/28 7:47 p.m.5 views

CVE-2025-54419 Node-SAML Contains SAML Signature Verification Vulnerability

A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details with...

10CVSS6.6AI score0.00357EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/07/14 5:2 a.m.4 views

CVE-2025-7574 LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication

A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to...

10CVSS7AI score0.00745EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/01 12:0 a.m.8 views

PT-2025-27541 · Hikvision · Hikvision Streaming Media Management Server

Name of the Vulnerable Software and Affected Versions: Hikvision Streaming Media Management Server version 2.3.5 Description: The issue allows remote attackers to authenticate using default credentials and access restricted functionality. After authentication, an attacker can exploit an arbitrary...

8.7CVSS6.2AI score0.00852EPSS
Exploits0References9
Rows per page
Query Builder