Lucene search
K

3950 matches found

CNNVD
CNNVD
added 2026/04/03 12:0 a.m.10 views

Airbus AIRBUS PSS TETRA Connectivity Server 安全漏洞

Airbus AIRBUS PSS TETRA Connectivity Server is a communication software developed by Airbus. Version 7.0 of Airbus AIRBUS PSS TETRA Connectivity Server contains a security vulnerability. This vulnerability stems from improper default permission settings, which may lead to unauthorized access and...

8.6CVSS6.1AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-29994

Name of the Vulnerable Software and Affected Versions AIRBUS PSS TETRA Connectivity Server version 7.0 Description A flaw exists in AIRBUS PSS TETRA Connectivity Server on Windows Server OS that could allow an attacker to execute arbitrary code with SYSTEM privileges if a user is tricked into...

8.6CVSS6.2AI score0.00135EPSS
Exploits0References5
Qualys Blog
Qualys Blog
added 2026/03/30 3:0 p.m.7 views

Optimizing Risk Discovery and Remediation with Qualys Gateway Service (QGS)

Unpatched vulnerabilities remain one of the largest drivers of cyber risk, accounting for nearly 60% of cyber compromises. Modern security programs are therefore measured not only by how quickly they discover risk, but also by how efficiently they remediate it. As organizations scale vulnerabilit...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/03/25 1:39 a.m.6 views

[SECURITY] Fedora 43 Update: containernetworking-plugins-1.9.1-1.fc43

Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...

7.5CVSS7AI score0.00523EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/24 9:31 a.m.4 views

CVE-2026-32942

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a heap use-after-free vulnerability in the Interactive Connectivity Establishment ICE session. This occurs due to race conditions between session destruction and callbacks, potentially allowing for...

9.3CVSS6.5AI score0.00319EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 8:25 a.m.5 views

CVE-2026-3550 RockPress <= 1.0.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via AJAX Actions

The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. This is due to missing capability checks on multiple AJAX actions rockpressimport, rockpressimportstatus, rockpresslastimport, rockpressresetimport, and rockpresscheckservices...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References16
CVE
CVE
added 2026/03/20 8:25 a.m.10 views

CVE-2026-3550

CVE-2026-3550 – RockPress (WordPress) vulnerability : RockPress

5.3CVSS5.8AI score0.00402EPSS
Exploits0References16
EUVD
EUVD
added 2026/03/20 3:43 a.m.4 views

EUVD-2026-13520

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

9.3CVSS5.7AI score0.00319EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 3:27 a.m.3 views

CVE-2026-32939

DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below have inconsistent Locale handling between the JDBC URL validation logic and the H2 JDBC engine's internal parsing. DataEase uses String.toUpperCase without specifying an explicit Locale, causing its security...

7.7CVSS5.8AI score0.00447EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.5 views

PT-2026-26591

The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. This is due to missing capability checks on multiple AJAX actions rockpress import, rockpress import status, rockpress last import, rockpress reset import, and rockpress check...

5.3CVSS5.8AI score0.00402EPSS
Exploits0References18
Vulnrichment
Vulnrichment
added 2026/03/11 4:31 p.m.6 views

CVE-2026-20074 Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System IS-IS multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerability is due to insufficient input validation of ingre...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2026/03/06 8:6 p.m.5 views

The Future of Iran’s Internet Is More Uncertain Than Ever

Iran’s internet shutdown has reduced connectivity by 99 percent, with air strikes likely causing additional outages, and few workarounds remaining...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3166 (ALAS-2026-3166)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3166 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a...

9.8CVSS6AI score0.00756EPSS
Exploits6References14
RedhatCVE
RedhatCVE
added 2026/02/18 1:40 a.m.8 views

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...

8.8CVSS6AI score0.00478EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/17 12:0 a.m.27 views

CVE-2025-70829

An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via a custom H2 JDBC connection string...

0.00429EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/17 12:0 a.m.5 views

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...

6.1AI score0.00478EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.8 views

datart 安全漏洞

Datart is an open-source data visualization platform developed by running-elephant. Version datart v1.0.0-rc.3 contains a security vulnerability. This vulnerability stems from the unchecked URL parameter in the JDBC configuration, which may allow attackers to execute arbitrary code...

8.8CVSS6.1AI score0.00478EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/11 8:56 p.m.4 views

CVE-2026-25994 PJSIP has a heap buffer overflow in ICE with long username

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a buffer overflow vulnerability exists in PJNATH ICE Session when processing credentials with excessively long usernames...

9.3CVSS5.9AI score0.01927EPSS
Exploits3References2
Microsoft KB
Microsoft KB
added 2026/02/10 4:0 p.m.53 views

February 10, 2026—KB5077179 (OS Build 28000.1575)

February 10, 2026—KB5077179 OS Build 28000.1575 This cumulative update for Windows 11, version 26H1 KB5077179, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

8.8CVSS7AI score0.25835EPSS
Exploits12
CNVD
CNVD
added 2026/01/30 12:0 a.m.5 views

Rockwell Automation ArmorStart LT Denial of Service Vulnerability (CNVD-2026-10854)

Rockwell Automation ArmorStart LT is a distributed motor controller from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation ArmorStart LT, which originates from a device losing ICMP connectivity while performing a Burp Suite active scan, and can be exploited ...

8.7CVSS5.7AI score0.00423EPSS
Exploits0References1
Rows per page
Query Builder