Lucene search
K

33944 matches found

Cvelist
Cvelist
added 2026/05/06 8:48 a.m.42 views

CVE-2026-40001 Local privilege escalation vulnerability in ZTE PROCESS Guard service of the cloud computer client

There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...

5.2CVSS0.00128EPSS
Exploits0References1
Akamai Blog
Akamai Blog
added 2026/05/06 8:30 a.m.8 views

Akamai Cloud Is Built for What Cloud Has Become (Updated May 2026)

...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/05/06 8:5 a.m.32 views

CVE-2026-35255

Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported versions that is affected is v2.3.2. Easily exploitable vulnerability allows unauthenticated attacker to compromise Oracle Cloud Native Environment Command Line...

6.6CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 8:5 a.m.10 views

CVE-2026-35255

Oracle Cloud Native Environment Command Line Interface (CNCLI) vulnerability in v2.3.2 where a malicious environment variable can allow an unauthenticated attacker to execute arbitrary code. CVSS: LOCAL attack vector, LOW complexity, LOW privileges required, user interaction required; impact is h...

6.6CVSS6AI score0.00182EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 8:5 a.m.10 views

CVE-2026-35255

Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported versions that is affected is v2.3.2. Easily exploitable vulnerability allows unauthenticated attacker to compromise Oracle Cloud Native Environment Command Line...

6.6CVSS6AI score0.00182EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 8:5 a.m.5 views

CVE-2026-35255

Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported versions that is affected is v2.3.2. Easily exploitable vulnerability allows unauthenticated attacker to compromise Oracle Cloud Native Environment Command Line...

6.6CVSS6AI score0.00182EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/06 7:8 a.m.14 views

EUVD-2026-27534

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...

6.1CVSS5.8AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 7:8 a.m.41 views

CVE-2026-35254

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...

6.1CVSS0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.20 views

PT-2026-38638

Name of the Vulnerable Software and Affected Versions Next.js versions 13.4.13 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Self-hosted applications using the built-in Node.js server are subject to server-side request forgery SSRF, a condition where an attacker forces a serv...

8.6CVSS6AI score0.38696EPSS
Exploits9References63
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-37356

Name of the Vulnerable Software and Affected Versions Argo CD versions 3.2.0 through 3.2.10 Argo CD versions 3.3.0 through 3.3.8 Description A missing authorization and data-masking gap exists in the '/application.ApplicationService/ServerSideDiff' endpoint. This allows an attacker with read-only...

9.6CVSS5.8AI score0.00505EPSS
Exploits2References175
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37373

Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported versions that is affected is v2.3.2. Easily exploitable vulnerability allows unauthenticated attacker to compromise Oracle Cloud Native Environment Command Line...

6.6CVSS6AI score0.00182EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-37348

Name of the Vulnerable Software and Affected Versions Oracle OCI CLI version 3.77 Description An issue in the Oracle OCI CLI product of Oracle Open Source Projects allows an unauthenticated attacker with network access to compromise the system. This flaw enables users to perform a path traversal,...

6.1CVSS5.8AI score0.00146EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.7 views

Oracle Cloud Native Environment Command Line Interface 代码注入漏洞

Oracle Cloud Native Environment Command Line Interface is a command-line tool for managing cloud-native environment clusters provided by Oracle Corporation. Version 2.3.2 of Oracle Cloud Native Environment Command Line Interface contains a code injection vulnerability. This vulnerability could...

6.6CVSS6.2AI score0.00182EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/06 12:0 a.m.11 views

Directory Traversal

Overview org.springframework.cloud:spring-cloud-config-server is a library that provides an HTTP resource-based API for external configuration. Affected versions of this package are vulnerable to Directory Traversal via the EnvironmentController, ResourceController, and EncryptionController reque...

8.8CVSS6.3AI score0.0022EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

Oracle OCI CLI 路径遍历漏洞

Oracle OCI CLI is a cloud infrastructure management command-line tool developed by Oracle Corporation in the United States. Version 3.77 of Oracle OCI CLI contains a path traversal vulnerability. This vulnerability allows unauthorized attackers to access the system through the network, enabling...

6.1CVSS5.8AI score0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37374

There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...

5.2CVSS6AI score0.00128EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.15 views

AoI-Guided Client Selection for Robust and Timely Federated Intrusion Detection in Cloud-Edge Security Analytics

Federated learning FL is attractive for cloud-edge intrusion detection because it enables collaborative training over distributed telemetry without centralizing raw logs. In production security analytics pipelines, however, only a subset of clients participates in each round, and heterogeneous...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.7 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-41002 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-41002 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439108...

8.1CVSS5.8AI score0.0022EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.11 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40982 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439043...

9.1CVSS5.8AI score0.00727EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.7 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-41004 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439025...

4.4CVSS5.8AI score0.00168EPSS
Exploits0
Rows per page
Query Builder