Lucene search
K

4751 matches found

Nuclei
Nuclei
added yesterday77 views

iTop Hub Connector - Information Disclosure

Combodo iTop is a simple, web based IT Service Management tool. Server, OS, DBMS, PHP, and iTop info name, version and parameters can be read by anyone having access to iTop URI. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0. id: CVE-2024-32870 info: name: iTop Hub...

5.8CVSS6.9AI score0.00731EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday551 views

elFinder <= 2.1.47 - Command Injection

elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. The vulnerability occurs when performing image operations on JPEG files, where the filename is passed to the exiftran utility without proper sanitization, allowing command injection. id: CVE-2019-9194 info: name:...

9.8CVSS7AI score0.96633EPSS
Exploits11References5
RedHat Linux
RedHat Linux
added 5 days ago3 views

apache-cxf: org.apache.cxf/cxf-integration-jca: Apache CXF: Arbitrary code execution via JNDI Injection

A flaw was found in Apache CXF's JCA integration module. This Java Naming and Directory Interface JNDI Injection vulnerability allows for arbitrary code execution. A remote attacker could exploit this by manipulating the Java EE Connector Architecture JCA deployment descriptor ra.xml or runtime...

8.1CVSS6.4AI score0.0083EPSS
Exploits0References6
CVE
CVE
added 5 days ago11 views

CVE-2026-59207

The CVE covers n8n (open source workflow automation) where, prior to versions 2.27.4 and 2.28.1, the AI Agents feature did not enforce the Allowed HTTP Request Domains restriction configured on credentials when an MCP tool targeted an arbitrary URL. This allowed a member-level user with use-only ...

7.1CVSS6.1AI score0.00263EPSS
Exploits0References3Affected Software1
Nuclei
Nuclei
added last week65 views

Atlassian Confluence Server - Path Traversal

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 the fixed version for 6.6.x, from version 6.7.0 before 6.12.3 the fixed version for 6.12.x, from version 6.13.0 before 6.13.3 the fixed version for 6.13.x, and from version 6.14.0 before 6.14.2 the fixed version for...

10CVSS8AI score0.99913EPSS
Exploits20References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 6:25 a.m.7 views

Malicious code in zluri-ad-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a807f066f0255f7480ebd7d445043282260b464b0ef54a32a2d022c93bbf7 The package declares a preinstall hook node index.js that runs automatically on npm install. index.js requires os, dns, https, querystring, and the...

6AI score
Exploits0References1
OSV
OSV
added 2026/07/07 6:25 a.m.3 views

MAL-2026-6910 Malicious code in zluri-ad-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a807f066f0255f7480ebd7d445043282260b464b0ef54a32a2d022c93bbf7 The package declares a preinstall hook node index.js that runs automatically on npm install. index.js requires os, dns, https, querystring, and the...

6.1AI score
Exploits0References1
OSV
OSV
added 2026/07/06 4:18 p.m.5 views

BIT-TOMCAT-2026-53434 Apache Tomcat: Invalid CRL configuration doesn't trigger failure for FFM Connector

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version 11.0.23,...

9.1CVSS6AI score0.00368EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/07/01 3:15 a.m.4 views

SUSE CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

6.5CVSS6AI score0.00368EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-11806

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled...

7.5CVSS0.00472EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 7:43 p.m.40 views

CVE-2026-11806 IBM WebSphere Application Server Liberty is affected by a an arbitrary file read vulnerability

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled...

7.2CVSS0.00472EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/30 5:33 p.m.13 views

CVE-2026-49432

A flaw was found in Apache ActiveMQ. A remote, unauthenticated attacker can exploit an improper input validation vulnerability by sending a specially crafted message with a negative content-length to an exposed STOMP connector. This can lead to a denial of service DoS condition, either by consumi...

7.5CVSS5.6AI score0.00844EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/30 7:49 a.m.31 views

CVE-2026-53434

A flaw was found in Apache Tomcat. When configuring Certificate Revocation Lists CRLs for a FFM presumably a specific type of connector, the system fails to detect and act upon an error condition. This oversight could lead to unexpected behavior or a security bypass, as the intended security...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 9:16 p.m.5 views

DEBIAN-CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References1
OSV
OSV
added 2026/06/29 9:16 p.m.5 views

UBUNTU-CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/29 8:41 p.m.8 views

CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS5.7AI score0.00368EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:41 p.m.5 views

CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

5.7AI score0.00368EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/29 8:41 p.m.122 views

CVE-2026-53434

CVE-2026-53434 affects Apache Tomcat when CRLs are configured for a FFM-based connector. The root cause is a failure to detect an error condition without action, potentially bypassing security checks. Affected versions include Tomcat 11.0.0-M1 through 11.0.22, 10.1.0-M7 through 10.1.55, and 9.0.8...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/29 8:41 p.m.1 views

CVE-2026-53434 Apache Tomcat: Invalid CRL configuration doesn't trigger failure for FFM Connector

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS6AI score0.00368EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/29 8:41 p.m.47 views

CVE-2026-53434 Apache Tomcat: Invalid CRL configuration doesn't trigger failure for FFM Connector

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

0.00368EPSS
Exploits0References1
Rows per page
Query Builder