Lucene search
K

52640 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.10 views

DHCP Client Service Remote Code Execution Vulnerability

Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network...

9.8CVSS6AI score0.011EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.9 views

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS6AI score0.00461EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.8 views

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

8.8CVSS6AI score0.00981EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.6 views

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS6AI score0.00397EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 1:11 p.m.8 views

Security Bulletin: DevOps Test Performance / Rational Performance Tester contains a vulnerability related to use of the AsyncHttpClient (AHC) library

Summary Due to use of the AsyncHttpClient AHC library, DevOps Test Performance / Rational Performance Tester, contains a potential vulnerability exposing sensitive session cookies or other credentials. CVE-2026-45300 Vulnerability Details CVEID:CVE-2026-45300 DESCRIPTION: The AsyncHttpClient AHC...

7.4CVSS5.5AI score0.00322EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/06/09 10:16 a.m.13 views

CVE-2026-52902

A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.form...

4.7CVSS0.00121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 9:33 a.m.38 views

CVE-2026-52902 Awxkit: path traversal via yaml !include directive

A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.form...

4.7CVSS0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 9:33 a.m.26 views

CVE-2026-52902

CVE-2026-52902 affects awxkit (AWX CLI). The YAML !include directive permits path traversal, enabling an attacker to craft a YAML file that reads arbitrary local YAML files when a user imports it via awx --conf.format yaml import. This is a client-side vulnerability requiring user interaction. Mi...

4.7CVSS5.5AI score0.00121EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 9:33 a.m.11 views

EUVD-2026-35389

A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.form...

4.7CVSS5.5AI score0.00121EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 9:33 a.m.6 views

CVE-2026-52902 Awxkit: path traversal via yaml !include directive

A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.form...

4.7CVSS5.4AI score0.00121EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/09 9:33 a.m.16 views

CVE-2026-52902

A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.form...

4.7CVSS5.5AI score0.00121EPSS
Exploits0References3
Veracode
Veracode
added 2026/06/09 9:19 a.m.12 views

Improper Certificate Validation

The LDAP client is vulnerable to Improper Certificate Validation. The vulnerability is due to missing hostname verification during TLS server identity validation, where the LDAP client validates the certificate chain but does not verify that the certificate matches the intended LDAP server...

8.8CVSS5.5AI score0.00182EPSS
Exploits0References2Affected Software1
SUSE Linux
SUSE Linux
added 2026/06/09 8:18 a.m.12 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex...

9.3CVSS6AI score0.00563EPSS
Exploits12References98
Cvelist
Cvelist
added 2026/06/09 3:48 a.m.33 views

CVE-2026-41715 Reactor Netty HTTP Client Leaks Credentials On Protocol Downgrade Redirect

In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...

6.1CVSS0.00172EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 3:48 a.m.30 views

CVE-2026-41715

CVE-2026-41715 affects the Reactor Netty HTTP Client. When redirects are enabled, HTTP redirects from secure to insecure endpoints may leak credentials and expose sensitive data. Affected versions are Reactor Netty 1.0.0–1.0.51; 1.1.0–1.1.35; 1.2.0–1.2.17; 1.3.0–1.3.5. The provided documents do n...

6.1CVSS5.5AI score0.00172EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 3:48 a.m.8 views

EUVD-2026-35322

In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...

6.1CVSS5.5AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.16 views

CVE-2026-11477

A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java of the component OAuth2 Client. The manipulation results in op...

5.3CVSS5.1AI score0.00303EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/06/09 2:20 a.m.14 views

curl: Trailing-Dot Hostname in Redirect Silently Strips Client Certificate and Auth Credentials

Summary When curl follows a redirect where the Location header contains a hostname with a trailing dot e.g., https://example.com./path, Curlpeerequal in peer.c:321-330 compares the original hostname example.com against the redirect target example.com. using curlstrequal, which does not normalize...

5.7CVSS6.6AI score0.01595EPSS
Exploits1
CVE
CVE
added 2026/06/09 12:20 a.m.33 views

CVE-2026-44746

An XSS vulnerability (reflected) in SAP NetWeaver Java (JDBC Test Servlet) allows an unauthenticated attacker to craft a URL containing malicious script. If a victim clicks the link, the injected input is processed during web page generation, causing the attacker’s code to run in the victim’s bro...

6.1CVSS5.4AI score0.00199EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.7 views

PT-2026-47917

Name of the Vulnerable Software and Affected Versions Remote Desktop Client affected versions not specified Description A heap-based buffer overflow allows an unauthorized attacker to execute arbitrary code over a network, which can affect the system. A heap-based buffer overflow occurs when an...

7.6CVSS6.5AI score0.00461EPSS
Exploits0References7
Rows per page
Query Builder