Lucene search
K

1820 matches found

NVD
NVD
added 2026/06/30 10:16 a.m.11 views

CVE-2025-24816

Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges...

6.5CVSS0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 8:58 a.m.39 views

CVE-2025-24816 An Improper Access Control vulnerability in Nokia MantaRay NM

Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges...

0.00276EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 8:58 a.m.13 views

CVE-2025-24816

Technical details about CVE-2025-24816 are not publicly available in the provided documents; monitor for updates from Nokia and vulnerability databases.

6.5CVSS5.8AI score0.00276EPSS
Exploits0References1
Redos
Redos
added 2026/06/17 12:0 a.m.5 views

ROS-20260617-73-0021

The vulnerability of the console-based graphic editor ImageMagick is related to deficiencies in pathname restrictions for the directory. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...

8.6CVSS7.8AI score0.00671EPSS
Exploits0
Redos
Redos
added 2026/06/17 12:0 a.m.6 views

ROS-20260617-73-0022

The vulnerability of the console-based graphic editor ImageMagick is related to deficiencies in pathname restrictions for the directory. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...

8.6CVSS7.8AI score0.00671EPSS
Exploits0
Redos
Redos
added 2026/06/17 12:0 a.m.7 views

ROS-20260617-73-0027

The vulnerability of the msl.c component in the console-based image editing tool ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data or cause service interruptions...

9.8CVSS5.8AI score0.00272EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.10 views

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...

5CVSS5.4AI score0.00103EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34296

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

4.3CVSS7.3AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.8 views

CVE-2024-36315

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS5.4AI score0.00135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 3:24 p.m.10 views

CVE-2026-45679

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this behavior can exfiltrate...

6.5CVSS5.7AI score0.00212EPSS
Exploits1References3Affected Software1
Redos
Redos
added 2026/05/29 12:0 a.m.15 views

ROS-20260529-73-0020

The vulnerability of the cURL command-line utility lies in the use of an uninitialized resource. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

5.3CVSS5.8AI score0.04929EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in usbutils

The vulnerability of the readlinkrecursive function in the USBUtils utility is related to buffer overflow on the stack. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

6.6CVSS5.9AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the console-based graphic editor ImageMagick, related to deficiencies in pathname restrictions for directories, allows attackers to gain access to confidential data.

The vulnerability of the console-based graphic editor ImageMagick is related to deficiencies in pathname restrictions for the directory. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...

8.6CVSS7.2AI score0.00671EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the msl.c component in the console-based image editing tool ImageMagick allows a hacker to gain access to confidential data or cause a service failure.

The vulnerability of the msl.c component in the console-based image editing tool ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data or cause service interruptions...

7.4CVSS7.4AI score0.00272EPSS
Exploits0References9Affected Software5
Cvelist
Cvelist
added 2026/05/12 7:19 p.m.48 views

CVE-2026-44874 Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface

A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system...

4.9CVSS0.00305EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:19 p.m.6 views

CVE-2026-44874

A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system...

4.9CVSS5.8AI score0.00305EPSS
Exploits0References2Affected Software1
Redos
Redos
added 2026/05/05 12:0 a.m.9 views

ROS-20260505-73-0013

A vulnerability in the http.cookies library of the Python programming language interpreter CPython is related to improper encoding or escaping of output data. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information...

7.5CVSS7.3AI score0.00419EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2026/04/28 12:0 a.m.5 views

ConnectWise ScreenConnect Path Traversal Vulnerability

ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems...

8.4CVSS9.3AI score0.87624EPSS
In wildExploits5
EUVD
EUVD
added 2026/04/21 9:31 p.m.5 views

EUVD-2026-24447

Vulnerability in the PeopleSoft Enterprise CS Student Records product of Oracle PeopleSoft component: Research Tracking. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise ...

5.7CVSS5.8AI score0.00187EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.6 views

CVE-2026-34299

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft component: Work Order Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder