
2354 matches found

Positive Technologies
added 2026/04/14 12:0 a.m. | 5 views

PT-2026-32560

Name of the Vulnerable Software and Affected Versions SAP Business Planning and Consolidation affected versions not specified SAP Business Warehouse affected versions not specified Description Insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse...

CVSS 9.9 | AI score 6.3 | EPSS 0.00501
Exploits: 0 | References: 20

RedhatCVE
added 2026/04/07 11:1 p.m. | 4 views

CVE-2026-35167

Kedro is a toolbox for production-ready data science. Prior to 1.3.0, the _get_versioned_path method in kedro/io/core.py constructs filesystem paths by directly interpolating user-supplied version strings without sanitization. Because version strings are used as path components, traversal sequences...

CVSS 8.1 | AI score 5.9 | EPSS 0.00327
Exploits: 0 | References: 1

Malwarebytes
added 2026/04/07 10:45 a.m. | 8 views

Support platform breach exposes Hims & Hers customer data

Healthcare companies handle some of the most personal data imaginable. That makes them a magnet for hackers. And when those companies outsource their customer support to third-party platforms, every one of those platforms becomes another door someone can try to kick in. Telehealth giant Hims & He...

AI score 5.8
Exploits: 0

ATTACKERKB
added 2026/04/06 5:43 p.m. | 5 views

CVE-2026-35167

Kedro is a toolbox for production-ready data science. Prior to 1.3.0, the _get_versioned_path method in kedro/io/core.py constructs filesystem paths by directly interpolating user-supplied version strings without sanitization. Because version strings are used as path components, traversal sequences...

CVSS 7.1 | AI score 5.9 | EPSS 0.00327
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2026/04/01 9:14 p.m. | 4 views

GHSA-P433-9WV8-28XJ ONNX: External Data Symlink Traversal

Summary - Issue: Symlink traversal in external data loading allows reading files outside the model directory. - Affected code: onnx/onnx/checker.cc: resolve_external_data_location used via Python onnx.external_data_helper.load_external_data_for_model. - Impact: Arbitrary file read confidentiality breach...

CVSS 5.5 | AI score 5.8 | EPSS 0.00248
Exploits: 1 | References: 4

HackRead
added 2026/04/01 10:0 a.m. | 3 views

Defending Encryption in the Post Quantum Era

Post-quantum cryptography explained, risks of quantum attacks, and steps to secure data, systems, and infrastructure for a quantum-resilient…...

AI score 5.9
Exploits: 0

NVD
added 2026/03/26 10:16 p.m. | 5 views

CVE-2026-28377

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Thanks to williamgoodfellow for reporting this vulnerability...

CVSS 7.5 | EPSS 0.00155
Exploits: 0 | References: 1

CNNVD
added 2026/03/19 12:0 a.m. | 7 views

Microsoft Purview Code Issue Vulnerability

Microsoft Purview is a data security and management software developed by the American company Microsoft. There is a code vulnerability in Microsoft Purview, which stems from server-side request forgery. This vulnerability could allow unauthorized attackers to gain elevated privileges through the...

CVSS 10 | AI score 5.9 | EPSS 0.00566
Exploits: 0 | References: 1

Microsoft Secure
added 2026/03/16 5:10 p.m. | 6 views

New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation

As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration. After all, data leaders are aware of the notion that: Your AI is only as good as your data. Organizations are skeptical about AI transformation due to concerns of sensitive data...

AI score 5.9
Exploits: 0

NVD
added 2026/03/10 5:38 p.m. | 8 views

CVE-2026-27687

Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...

CVSS 5.8 | EPSS 0.00262
Exploits: 0 | References: 2

CVE
added 2026/03/02 4:17 p.m. | 13 views

CVE-2026-28360

NocoDB (software for building databases as spreadsheets) had a vulnerability prior to version 0.301.3 where shared view passwords were stored in plaintext in the database and compared via direct string equality. The issue has been addressed and fixed in version 0.301.3. Practical impact is limite...

CVSS 6.9 | AI score 5.8 | EPSS 0.00194
Exploits: 0 | References: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/03/02 2:44 p.m. | 12 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malforme...

CVSS 8.1 | AI score 6 | EPSS 0.02054
Exploits: 2 | Affected Software: 1

The Hacker News
added 2026/02/26 12:6 p.m. | 11 views

Expert Recommends: Prepare for PQC Right Now

Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated funding for a complex a...

AI score 6.2
Exploits: 0

IBM Security Bulletins
added 2026/02/25 4:9 a.m. | 9 views

Security Bulletin: The IBM SPSS Collaboration and Deployment Services impacted by multiple vulnerabilities disclosed in IBM Semeru Runtime

Summary The IBM SPSS Collaboration and Deployment Services impacted by multiple vulnerabilities disclosed in IBM Semeru Runtime CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTIO...

CVSS 9.8 | AI score 6.2 | EPSS 0.00864
Exploits: 1 | Affected Software: 1

CVE
added 2026/02/19 9:16 a.m. | 13 views

CVE-2026-22267

CVE-2026-22267 affects Dell PowerProtect Data Manager prior to version 19.22. The vulnerability is an Incorrect Privilege Assignment that could allow a low privileged attacker with remote access to achieve Elevation of Privileges. The CVSS:3.1 metrics indicate network attack vector, low attack c...

CVSS 8.8 | AI score 5.6 | EPSS 0.00407
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2026/02/14 1:27 a.m. | 4 views

CVE-2025-9293

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the...

CVSS 7.7 | AI score 5.5 | EPSS 0.00224
Exploits: 0 | References: 1

EUVD
added 2026/02/03 4:52 p.m. | 7 views

EUVD-2020-30980

GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access...

CVSS 7.1 | AI score 5.3 | EPSS 0.00263
Exploits: 1 | References: 4

Microsoft Secure
added 2026/01/29 5:0 p.m. | 5 views

New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data

Generative AI and agentic AI are redefining how organizations innovate and operate, unlocking new levels of productivity, creativity and collaboration across industry teams. From accelerating content creation to streamlining workflows, AI offers transformative benefits that empower organizations ...

AI score 5.7
Exploits: 0

Microsoft Secure
added 2026/01/29 5:0 p.m. | 10 views

New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data

Generative AI and agentic AI are redefining how organizations innovate and operate, unlocking new levels of productivity, creativity and collaboration across industry teams. From accelerating content creation to streamlining workflows, AI offers transformative benefits that empower organizations ...

AI score 6
Exploits: 0

The Hacker News
added 2026/01/29 1:1 p.m. | 19 views

ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories

This week's updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until they add up. The kind that affects systems people rely on every day. Many of the stories point to the same trend: familiar tools being used in unexpected ways...

CVSS 10 | AI score 7.4 | EPSS 0.99562
Exploits: 379