Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/01 1:45 p.m.6 views

CVE-2026-13602

We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data: The payment integration plugins Stripe included in the core system, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect,...

9.4CVSS6AI score0.00239EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54631

Name of the Vulnerable Software and Affected Versions pretix versions prior to 2026.5.3 Description A chain of weaknesses allows an attacker to impersonate any user in the backend and access any data. The issue stems from payment integration plugins Stripe, pretix-mollie, pretix-oppwa,...

9.4CVSS6.1AI score0.00239EPSS
Exploits0References4
NVD
NVD
added 2026/06/22 4:16 p.m.12 views

CVE-2026-9072

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backe...

9.8CVSS0.00409EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:21 p.m.4 views

CVE-2026-9072

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backe...

9.8CVSS6.5AI score0.00409EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.11 views

PT-2026-51350

Name of the Vulnerable Software and Affected Versions IBM i versions 7.3 through 7.6 IBM WebSphere Application Server affected versions not specified IBM WebSphere Application Server Liberty affected versions not specified Description Remote code execution and denial of service are possible when...

9.8CVSS6.3AI score0.00409EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.7 views

CVE-2025-32057

The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...

6.5CVSS5.5AI score0.00291EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 3:22 p.m.8 views

CVE-2025-32057 Misconfigured SSL/TLS communication of Redbend service for Infotainment ECU

The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...

6.5CVSS5.5AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.10 views

Bosch Infotainment ECU security vulnerabilities

The Bosch Infotainment ECU is an in-car entertainment system developed by the German company Bosch. There is a security vulnerability in the Bosch Infotainment ECU. This vulnerability stems from the SSL engine using a default configuration, which results in the server root certificates not being...

6.5CVSS5.8AI score0.00291EPSS
Exploits0References4
OSV
OSV
added 2024/03/11 9:14 p.m.13 views

CVE-2024-28120 API key leak in codeium-chrome

codeium-chrome is an open source code completion plugin for the chrome web browser. The service worker of the codeium-chrome extension doesn't check the sender when receiving an external message. This allows an attacker to host a website that will steal the user's Codeium api-key, and thus...

6.5CVSS6.5AI score0.00647EPSS
Exploits1References4
Rows per page
Query Builder