Lucene search
+L

347413 matches found

OSV
OSV
added 34 minutes ago9 views

UBUNTU-CVE-2026-9494

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS6.1AI score
Exploits0References3
OSV
OSV
added 34 minutes ago9 views

UBUNTU-CVE-2026-11386

An input validation and injection vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client constructs APT source files such as /etc/apt/sources.list.d/ubuntu-.list or their DEB822 equivalents using data received directly from the contract server response via...

9CVSS6.4AI score
Exploits0References3
OSV
OSV
added 34 minutes ago9 views

UBUNTU-CVE-2026-12391

An insecure symlink following vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools within the pro collect-logs command framework. The utility creates or utilizes predictable temporary file paths or user-accessible log directories when gathering diagnostic informatio...

5CVSS6.1AI score
Exploits0References3
GithubExploit
GithubExploit
added 48 minutes ago2 views

Exploit for Path Traversal in Gogs

CVE-2025-8110 — Gogs Arbitrary File Write PoC Proof-of-conc...

8.8CVSS8AI score0.7654EPSS
Exploits18
Malwarebytes
Malwarebytes
added 2 hours ago4 views

Shark vacuum flaw exposes cameras, home maps and Wi-Fi passwords

Shark’s cloud-connected robot vacuums are currently exposed by an unpatched AWS Amazon Web Services IoT Internet of Things policy flaw that could turn one compromised device into a remote-control skeleton key for many others in the same region, with access to cameras, maps, and Wi‑Fi passwords. A...

6AI score
Exploits0
GithubExploit
GithubExploit
added 2 hours ago5 views

Windows-AppResolver-LPE-PoC

Windows AppResolver LPE PoC Proof of concept for an AppResolv...

7.8CVSS5.6AI score0.00402EPSS
Exploits2
GithubExploit
GithubExploit
added 2 hours ago7 views

Exploit for CVE-2026-50454

CVE-2026-50454 SYSTEM Shell PoC Proof of concept for CVE-2026...

7.8CVSS5.7AI score0.00402EPSS
Exploits2
The Hacker News
The Hacker News
added 3 hours ago7 views

The Race to Field Military Autonomy Is On, Can Trusted Information Infrastructure Keep Pace?

Military forces are under increasing pressure to field autonomous capabilities faster than ever before. Across the U.S., UK, and NATO, new investment, evolving defense strategies, and accelerated acquisition pathways are transforming how capability is delivered, rewarding programs that can move...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 4 hours ago3 views

Security Bulletin: Multiple vulnerabilities in IBM Guardium Unified Discovery and Classification (GUDC) container images

Summary Security vulnerabilities have been addressed in the IBM Guardium Unified Discovery and Classification GUDC container images Vulnerability Details CVEID:CVE-2025-0167 DESCRIPTION: When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password use...

9.3CVSS7.2AI score0.00723EPSS
Exploits7Affected Software1
NVD
NVD
added 5 hours ago9 views

CVE-2026-62764

Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver,...

5.7CVSS
Exploits0References5
The Hacker News
The Hacker News
added 5 hours ago8 views

ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files

ACR Stealer, an infostealer in circulation since 2024, is walking out of enterprise networks with saved browser passwords, live session tokens, PDFs, Microsoft 365 documents, and files from synced OneDrive and SharePoint folders. It gets in because someone pasted a command into a Run box and...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 5 hours ago5 views

New GoSerpent Malware Targets Southeast Asian Governments and Diplomats for Espionage

Cybersecurity researchers have discovered a previously undocumented malware called GoSerpent that has been put to use in cyber attacks targeting entities in Southeast Asia since late 2025 with a focus on long-term access and intelligence gathering. Russian cybersecurity company Kaspersky, which...

6.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 5 hours ago6 views

CVE-2026-62764 Apache Accumulo: A user can trigger a graceful shutdown of services without the relevant system permissions

Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver,...

5.7CVSS5.4AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 5 hours ago2 views

CVE-2026-62764

Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver,...

5.7CVSS5.4AI score
Exploits0References5Affected Software1
Cvelist
Cvelist
added 5 hours ago10 views

CVE-2026-62764 Apache Accumulo: A user can trigger a graceful shutdown of services without the relevant system permissions

Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver,...

5.7CVSS
Exploits0References4
CVE
CVE
added 5 hours ago6 views

CVE-2026-62764

CVE-2026-62764 affects Apache Accumulo 2.1.4 and 2.1.5. An authenticated, low-privilege user without system permissions can remotely issue a command to gracefully shutdown several components (e.g., compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver), causing a denial of ...

5.7CVSS5.4AI score
Exploits0References5
EUVD
EUVD
added 5 hours ago7 views

EUVD-2026-45154

Improper Handling of Insufficient Privileges vulnerability in Apache Accumulo. An authenticated, but low-privileged user without system permissions may issue a remote command to gracefully shutdown system components compaction-coordinator, compactor, gc, manager, monitor, tserver, or sserver,...

5.7CVSS5.4AI score
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 6 hours ago3 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.13.0 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision...

8.7CVSS6.3AI score0.00549EPSS
Exploits3Affected Software1
NCSC
NCSC
added 6 hours ago10 views

vulnerabilities present in Microsoft Office

Microsoft has uncovered vulnerabilities in various Office products, such as Word, Excel, PowerPoint, and SharePoint. A malicious individual can exploit these vulnerabilities to carry out attacks that can cause various types of damage, as listed in the table below. For successful exploitation, the...

9.8CVSS7AI score0.20346EPSS
Exploits0References3
GithubExploit
GithubExploit
added 6 hours ago19 views

Exploit for Improper Handling of Case Sensitivity in Apache Camel

camel-cxf-rest / camel-cxf / camel-knative-http Header Injecti...

9.8CVSS5.8AI score0.01425EPSS
Exploits1
Rows per page
Query Builder