Lucene search
K

33935 matches found

Wiz blog
Wiz blog
added 2026/05/11 1:0 p.m.13 views

Wiz at Wiz: Reducing Risk through Service Ownership

How Wiz security uses Service Catalog to turn cloud risk into service ownership...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/11 10:16 a.m.17 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS0.00104EPSS
Exploits0References1
NVD
NVD
added 2026/05/11 10:16 a.m.18 views

CVE-2026-35157

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote...

9.8CVSS0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 9:39 a.m.8 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 9:33 a.m.20 views

CVE-2026-35157

Dell ECS 3.8.1.0–3.8.1.7 and Dell ObjectScale

9.8CVSS5.9AI score0.00317EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/05/11 9:27 a.m.38 views

CVE-2025-43992

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 8:57 a.m.8 views

CVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 8:57 a.m.6 views

CVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/11 1:2 a.m.11 views

[SECURITY] Fedora 43 Update: rclone-1.74.0-2.fc43

"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...

9.8CVSS5.8AI score0.34734EPSS
Exploits3
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.8 views

Dell ECS 安全漏洞

Dell ECS is an enterprise-level object storage solution from the American company Dell. Versions 3.8.1.0 to 3.8.1.7 of Dell ECS, as well as versions prior to 4.3.0.0 of Dell ObjectScale, have security vulnerabilities. These vulnerabilities stem from improper management of operating system...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.7 views

Dell ECS和Dell ObjectScale 信任管理问题漏洞

Dell ECS and Dell ObjectScale are both products of the American company Dell. Dell ECS is an scalable, manageable, and elastic enterprise-level object storage solution. Dell ObjectScale is an object storage platform. There were security management vulnerabilities in versions 3.8.1.0 to 3.8.1.7 of...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Meari IoT Cloud MQTT Broker EMQX 安全漏洞

Meari IoT Cloud MQTT Broker EMQX is a high-performance IoT messaging proxy service based on the MQTT protocol provided by Meari Corporation. A security vulnerability exists in the Meari IoT Cloud MQTT Broker EMQX 4.x version. This vulnerability stems from the lack of authorization for device-leve...

7.7CVSS5.8AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.8 views

MLflow 代码问题漏洞

MLflow is an open-source platform that simplifies machine learning development. It includes features for tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLflow prior to 3.9.0 contained code vulnerabilities. These vulnerabilities stemmed fr...

7.1CVSS7.2AI score0.00288EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.10 views

PT-2026-39585

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.16 views

PT-2026-39642

In Meari IoT Cloud alert image storage on Alibaba OSS latest observed; storage service version not disclosed, motion snapshots are retrievable without authentication, signed URLs, or expiry enforcement. URLs function as direct object references and remain valid beyond expected operational windows...

7.5CVSS5.8AI score0.00293EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.8 views

Devs Palace ERP Online 跨站脚本漏洞

Devs Palace ERP Online is a cloud-based enterprise resource planning and business management system developed by Devs Palace. Versions of Devs Palace ERP Online 4.0.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from an unknown function in the...

4.8CVSS5.6AI score0.00253EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39716

Bitwarden Server prior to v2026.4.0 contains a missing authorization vulnerability that allows a provider service user to add an arbitrary organization to their provider via POST /providers/providerId/clients/existing, resulting in takeover of the target organization; self-hosted installations ar...

8.9CVSS5.9AI score0.00596EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.11 views

PT-2026-39588

Name of the Vulnerable Software and Affected Versions Dell ECS versions 3.8.1.0 through 3.8.1.7 Dell ObjectScale versions prior to 4.3.0.0 Description An issue involving the use of hard-coded credentials allows an unauthenticated attacker with local access to potentially gain filesystem access...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.10 views

PT-2026-39649

Name of the Vulnerable Software and Affected Versions MLflow versions prior to 3.9.0 Description A Server-Side Request Forgery SSRF issue exists where the create webhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation. Subsequently, the send webhoo...

7.1CVSS7.2AI score0.00288EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.7 views

Meari Alibaba OSS 安全漏洞

Meari Alibaba OSS is an IoT cloud data storage solution developed by Meari Company, which integrates object storage services. There is a security vulnerability in Meari Alibaba OSS. This vulnerability arises from the lack of authentication, signed URLs, and expiration controls in Meari IoT Cloud...

7.5CVSS5.8AI score0.00293EPSS
Exploits0References1
Rows per page
Query Builder