Lucene search
K

7789 matches found

NVD
NVD
added yesterday3 views

CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

Exploits0References7
Nuclei
Nuclei
added yesterday6 views

Sitecore CMS - Cross-Site Scripting

Sitecore CMS contains a cross-site scripting vulnerability via the "special way" of displaying XML Controls directly, which allows for a Cross Site Scripting Attack. id: CVE-2014-100004 info: name: Sitecore CMS - Cross-Site Scripting author: DhiyaneshDK severity: medium description: | Sitecore CM...

4.3CVSS5.6AI score0.0033EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday18 views

ZKTeco BioTime <= 9.0.1 - Privilege Escalation

BioTime default employee credentials password 123456 allow login. Sessions are not role-validated, enabling privilege escalation to perform admin actions and enumerate backup files. id: CVE-2023-38952 info: name: ZKTeco BioTime = 9.0.1 - Privilege Escalation author: riteshs4hu severity: high...

9.8CVSS7.3AI score0.18751EPSS
Exploits2References3
GithubExploit
GithubExploit
added 2 days ago38 views

specter-network-scanner

Specter Network Scanner 🕵️‍♂️ !Pythonhttps://img.shields.i...

5.8AI score
Exploits0
NVD
NVD
added 3 days ago7 views

CVE-2026-9311

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS0.00262EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-10277

A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initia...

6.5CVSS0.00042EPSS
Exploits0References8
Debian
Debian
added 3 days ago4 views

[SECURITY] [DSA 6317-1] symfony security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6317-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2026 https://www.debian.org/security/faq -...

7.3CVSS7.4AI score0.88664EPSS
Exploits0
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-33735

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS6.4AI score0.00262EPSS
Exploits0References1
CVE
CVE
added 3 days ago23 views

CVE-2026-9311

IBM WebSphere Application Server 9.0 and 8.5 are affected by a remote code execution vulnerability (CVE-2026-9311) caused by bypassing security controls. The IBM bulletin assigns CVSS v3.1 base score 9.0 (CRITICAL) with network attack vector, high attack complexity, no privileges required, and re...

9CVSS6.4AI score0.00262EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-9311

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS6.4AI score0.00262EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 3 days ago18 views

CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago5 views

CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS6.4AI score0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago5 views

CVE-2026-10277 j3k0 mcp-google-workspace MCP Gmail Tool gmail.ts saveToDisk access control

A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initia...

6.5CVSS6.1AI score0.00042EPSS
Exploits0References8
Cvelist
Cvelist
added 3 days ago24 views

CVE-2026-10255 SourceCodester Pharmacy Sales and Inventory System ShowForm.php sell_statement access control

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sellstatement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be launched remotely. The...

6.9CVSS0.00035EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-10255

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sellstatement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be launched remotely. The...

6.9CVSS5.7AI score0.00035EPSS
Exploits0References6Affected Software1
OSV
OSV
added 3 days ago3 views

BIT-KIBANA-2026-49093 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access

Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block...

7.7CVSS5.8AI score0.00033EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

BIT-ELK-2026-49093 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access

Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block...

7.7CVSS5.8AI score0.00033EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-33606

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

7.1CVSS5.8AI score0.00095EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-45660

eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results that include resources the requesting user is not authorized to view. The exposed information is limited only the title...

4.3CVSS5.8AI score0.00027EPSS
Exploits0References2
CNNVD
CNNVD
added 3 days ago1 views

NextCloud Forms security vulnerabilities

NextCloud Forms is an open-source, hosted questionnaire and form creation tool developed by NextCloud. There were security vulnerabilities in versions 4.3.0 to 5.2.7 of NextCloud Forms, which stemmed from unauthorized access to respondent files uploaded through affected forms, due to retained...

5.3CVSS5.8AI score0.00027EPSS
Exploits0References3
Rows per page
Query Builder