Lucene search
K

161467 matches found

OSV
OSV
added 2026/06/11 12:5 p.m.7 views

RLSA-2026:24348 Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...

7.5CVSS7.2AI score0.0077EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/11 11:14 a.m.7 views

SUSE CVE-2026-47165

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate without a challenge-response authentication model. This has been changed in versions 6.9.13-48 an...

4.1CVSS5.2AI score0.00109EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 10:19 a.m.9 views

CVE-2026-9204 Server-Side Request Forgery (SSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to read arbitrary files from the Gitaly server and access internal network resources...

5.3CVSS5.6AI score0.00247EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 10:16 a.m.10 views

CVE-2025-7064

Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024...

7.1CVSS0.00116EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/11 10:6 a.m.178 views

Exploit for CVE-2026-10795

CVE-2026-10795 CVE-2026-10795 – UpdraftPlus Authentication Byp...

8.1CVSS5.8AI score0.03578EPSS
Exploits3
EUVD
EUVD
added 2026/06/11 9:7 a.m.9 views

EUVD-2025-210109

Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024...

7.1CVSS5.4AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 9:7 a.m.26 views

CVE-2025-7064

ABB Freelance is affected by CVE-2025-7064 with an authentication bypass described as a primary weakness. Affected releases include Freelance through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, and 2024. Metrics show CVSS v3.1: Low impact on confidentiality, High impact on integ...

7.1CVSS5.4AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 9:7 a.m.27 views

CVE-2025-7064 Freelance Security Lock – Access to Windows OS

Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024...

7.1CVSS0.00116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 9:7 a.m.9 views

CVE-2025-7064 Freelance Security Lock – Access to Windows OS

Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024...

7.1CVSS5.4AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 8:31 a.m.61 views

CVE-2026-5497

CVE-2026-5497 affects vLLM 0.8.0 and later, where VideoMediaIO.load_base64() can perform unbounded frame processing for video/jpeg data URLs, leading to an Out-of-Memory DoS. An attacker can craft a single API request with thousands of comma-separated base64 JPEG frames, causing the server to dec...

7.5CVSS5.5AI score0.00543EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2026/06/11 7:23 a.m.11 views

Authentication Bypass

Yubico java-webauthn-server is vulnerable to Authentication Bypass. The vulnerability is due to incorrect validation of a function's return value during the second-factor authentication flow, allowing attackers to bypass the intended authentication checks and impersonate legitimate users...

7.5CVSS5.5AI score0.00308EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/11 7:16 a.m.10 views

CVE-2026-40997

Several Spring WS integration paths with Spring Security could surface detailed account state for example locked or disabled user semantics to remote SOAP clients through exception messages or callback outcomes, instead of failing with generic authentication errors. That behavior assists remote...

5.3CVSS0.00366EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 7:16 a.m.19 views

CVE-2026-10795

The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlusRemoteCommunicationsV2::wploaded function. This is due to insufficient validation of the remote communications message format,...

8.1CVSS0.03578EPSS
Exploits3References4
OSV
OSV
added 2026/06/11 7:16 a.m.4 views

UBUNTU-CVE-2026-40997

Several Spring WS integration paths with Spring Security could surface detailed account state for example locked or disabled user semantics to remote SOAP clients through exception messages or callback outcomes, instead of failing with generic authentication errors. That behavior assists remote...

5.3CVSS5.4AI score0.00366EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/11 7:6 a.m.58 views

Exploit for CVE-2026-23550

🧨 CVE-2026-23550 – Modular Connector Admin Bypass Unauthentic...

9.8CVSS6AI score0.20631EPSS
Exploits7
Vulnrichment
Vulnrichment
added 2026/06/11 5:34 a.m.11 views

CVE-2026-10795 UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc

The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlusRemoteCommunicationsV2::wploaded function. This is due to insufficient validation of the remote communications message format,...

8.1CVSS6.1AI score0.03578EPSS
Exploits3References4
EUVD
EUVD
added 2026/06/11 5:34 a.m.13 views

EUVD-2026-36215

The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlusRemoteCommunicationsV2::wploaded function. This is due to insufficient validation of the remote communications message format,...

8.1CVSS6.1AI score0.03578EPSS
Exploits3References4
Cvelist
Cvelist
added 2026/06/11 5:34 a.m.32 views

CVE-2026-10795 UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc

The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlusRemoteCommunicationsV2::wploaded function. This is due to insufficient validation of the remote communications message format,...

8.1CVSS0.03578EPSS
Exploits3References4
CVE
CVE
added 2026/06/11 5:34 a.m.248 views

CVE-2026-10795

UpdraftPlus (WordPress plugin)

8.1CVSS6.1AI score0.03578EPSS
In wildExploits3References4
EUVD
EUVD
added 2026/06/11 5:4 a.m.9 views

EUVD-2026-36207

Several Spring WS integration paths with Spring Security could surface detailed account state for example locked or disabled user semantics to remote SOAP clients through exception messages or callback outcomes, instead of failing with generic authentication errors. That behavior assists remote...

5.3CVSS5.5AI score0.00366EPSS
Exploits0References1
Rows per page
Query Builder