Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/02/25 4:7 a.m.6 views

CVE-2026-3066

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

8.8CVSS5.3AI score0.09143EPSS
Exploits1References1
NVD
NVD
added 2026/02/24 4:15 a.m.6 views

CVE-2026-3066

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

8.8CVSS0.09143EPSS
Exploits1References4
OSV
OSV
added 2026/02/24 4:15 a.m.4 views

CVE-2026-3066

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

8.8CVSS5.4AI score
Exploits0References4
Cvelist
Cvelist
added 2026/02/24 3:2 a.m.22 views

CVE-2026-3066 HummerRisk Cloud Compliance Scanning PlatformUtils.java fixedCommand command injection

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

6.5CVSS0.09143EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/24 3:2 a.m.4 views

CVE-2026-3066

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

6.5CVSS5.3AI score0.09143EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/24 3:2 a.m.6 views

EUVD-2026-7397

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

8.8CVSS5.3AI score0.09143EPSS
Exploits1References4
CVE
CVE
added 2026/02/24 3:2 a.m.15 views

CVE-2026-3066

CVE-2026-3066 affects HummerRisk (up to 1.5.0) in the Cloud Compliance Scanning component. The vulnerability targets PlatformUtils.fixedCommand and enables remote command injection. Multiple sources confirm remote exploitation potential and that an exploit has been published; CVSS-based assessmen...

8.8CVSS6.3AI score0.09143EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.7 views

PT-2026-21659

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

6.5CVSS6.3AI score0.09143EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2025-23419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate...

5.3CVSS5.5AI score0.02557EPSS
Exploits0References3
Qualys Blog
Qualys Blog
added 2024/02/01 12:0 a.m.36 views

Identify and De-risk Unmanaged, Unauthorized Devices With Qualys CyberSecurity Asset Management (CSAM)

69% of organizations said they experienced at least one cyberattack resulting from an exploit of an unknown or unmanaged asset such as software, cloud-based workloads user accounts, and IoT devices. Ultimately, these attacks stem from visibility gaps in the attack surface. Bringing these assets...

7.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/03/23 12:0 a.m.8 views

Maintain File Security during Compliance Scanning

Learn how to integrate security into the build process to protect downstream workflows from risk...

3.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/06/26 3:33 p.m.15 views

Principles of a Cloud Migration

Development and application teams can be the initial entry point of a cloud migration as they start looking at faster ways to accelerate value delivery. One of the main things they might use during this is “Infrastructure as Code,” where they are creating cloud resources for running their...

7.4AI score
Exploits0
Qualys Blog
Qualys Blog
added 2019/01/29 5:0 p.m.80 views

Policy Compliance Adds UDC Support for Cloud Agent

Qualys is extending the Cloud Agent capabilities for users of the Policy Compliance PC application by letting them define controls. Until now, the Cloud Agent could only assess Qualys PC’s “out of the box” controls. By adding support for user defined controls UDC, Qualys PC users now can use Clou...

0.7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2017/05/18 4:0 p.m.44 views

Better Trusted Scanning with Qualys-CyberArk Integration

To manage privileged credentials, especially across multiple systems in complex environments, many organizations use privileged account security solutions. Qualys has integrated with such solutions for a long time, and has recently upgraded its CyberArk integration to include CyberArk Application...

7.2AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/03/21 7:57 p.m.164 views

MaxPatrol 8 installation process

Today I have a great opportunity to write about MaxPatrol 8. For me it is a very nostalgic experience. I worked for many year in Positive Technologies developing this product. And now I can write about it from the customer side. MaxPatrol is still not very well known outside Russia and CIS,...

6.8AI score
Exploits0
Rows per page
Query Builder