2353 matches found

IBM Security Bulletins
added 2026/01/23 8:43 p.m. | 25 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary: IBM Guardium Data Security Center has addressed these vulnerabilities with an update. Vulnerability Details: CVEID: CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression cha...

CVSS 8.9 | AI score 6.9 | EPSS 0.00626
Exploits: 0 | Affected Software: 1

NCSC
added 2026/01/21 9:19 a.m. | 8 views

Vulnerabilities fixed in Oracle Database Server products

Oracle has fixed vulnerabilities in Oracle Database Server products. The vulnerabilities in Oracle Database Server allow unauthenticated attackers to compromise the integrity and confidentiality of data. This could lead to unauthorized access to sensitive data and even a possible takeover of the...

CVSS 10 | AI score 6.9 | EPSS 0.3884
Exploits: 12 | References: 1

EUVD
added 2026/01/21 12:31 a.m. | 4 views

EUVD-2026-3539

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications component: Security Management System. Supported versions that are affected are 14.5.0.15.0, 14.7.0.8.0 and 14.8.0.1.0. Easily exploitable vulnerability allows low privileged attacker with...

CVSS 8.1 | AI score 5.5 | EPSS 0.00265
Exploits: 0 | References: 2

Redos
added 2026/01/21 12:0 a.m. | 5 views

ROS-20260121-73-0037

A vulnerability in the x86/mm component of the Linux operating system kernel is related to a flaw in the data security mechanism. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.5 | AI score 7.8 | EPSS 0.00177
Exploits: 0

EUVD
added 2026/01/10 12:31 a.m. | 6 views

EUVD-2026-1888

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, CryptoLib’s KMC crypto service integration is...

CVSS 7.5 | AI score 7.5 | EPSS 0.00453
Exploits: 1 | References: 2

EUVD
added 2026/01/10 12:11 a.m. | 5 views

EUVD-2026-1895

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, in base64urlDecode, padding-stripping...

CVSS 4.7 | AI score 6.3 | EPSS 0.00317
Exploits: 1 | References: 2

RedhatCVE
added 2026/01/09 12:30 p.m. | 13 views

CVE-2023-40383

A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data...

CVSS 3.3 | AI score 5.8 | EPSS 0.00219
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:55 a.m. | 6 views

CVE-2018-4397

Analytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS. This issue affected versions prior to Apple Support 2.4 for iOS...

CVSS 4.3 | AI score 6.5 | EPSS 0.00833
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:22 a.m. | 11 views

CVE-2021-22316

There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability...

CVSS 6.8 | AI score 6.8 | EPSS 0.00185
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:56 a.m. | 10 views

CVE-2020-12037

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...

CVSS 7.5 | AI score 6.7 | EPSS 0.00483
Exploits: 0 | References: 1

Malwarebytes
added 2026/01/05 3:52 p.m. | 8 views

ALPRs are recording your daily drive (Lock and Code S06E26)

This week on the Lock and Code podcast … There's an entire surveillance network popping up across the United States that has likely already captured your information, all for the non-suspicion of driving a car. Automated License Plate Readers, or ALPRs, are AI-powered cameras that scan and store ...

AI score 7
Exploits: 0

EUVD
added 2025/12/26 12:30 a.m. | 4 views

EUVD-2025-205402

The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to an incorrect authorization check on the 'mediadeleteaction' function in all versions up to, and including, 1.2.6. This makes it possible for...

CVSS 5.3 | AI score 5.6 | EPSS 0.00284
Exploits: 0 | References: 4

CVE
added 2025/12/18 10:2 p.m. | 26 views

CVE-2025-64676

CVE-2025-64676 concerns Microsoft Purview eDiscovery Remote Code Execution. A flaw in Purview (via the // path) allows an authorized attacker to execute code over the network. Affected software is Microsoft Purview/eDiscovery; the root cause is a path-related/code-execution flaw that can enable t...

CVSS 7.2 | AI score 6.9 | EPSS 0.00904
Exploits: 0 | References: 1 | Affected Software: 1

The Hacker News
added 2025/12/16 11:30 a.m. | 5 views

Why Data Security and Privacy Need to Start in Code

AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid growth in both the number of applications and the pace of change within those applications. Security and privacy teams are under significant pressure as t...

AI score 6.3
Exploits: 0

Positive Technologies
added 2025/12/11 12:0 a.m. | 6 views

PT-2025-50700

In SwDcpItg of up L2commonPdcpSecurity.cpp, there is a possible denial of service due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 6.5 | AI score 6.7 | EPSS 0.00264
Exploits: 0 | References: 3

RedhatCVE
added 2025/12/02 12:22 p.m. | 8 views

CVE-2025-20373

In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts”. The vulnerability would require either local access to the log files or administrative access to internal indexe...

CVSS 2.7 | AI score 6.6 | EPSS 0.00196
Exploits: 0 | References: 1

EUVD
added 2025/11/26 6:31 p.m. | 5 views

EUVD-2025-199736

In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts”. The vulnerability would require either local access to the log files or administrative access to internal indexe...

CVSS 2.7 | AI score 6.1 | EPSS 0.00196
Exploits: 0 | References: 2

NVD
added 2025/11/26 6:15 p.m. | 6 views

CVE-2025-20373

In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts”. The vulnerability would require either local access to the log files or administrative access to internal indexe...

CVSS 2.7 | EPSS 0.00196
Exploits: 0 | References: 1

Cvelist
added 2025/11/26 5:59 p.m. | 10 views

CVE-2025-20373 Sensitive Information Disclosure in “_internal” index through Splunk Add-On for Palo Alto Networks

In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts”. The vulnerability would require either local access to the log files or administrative access to internal indexe...

CVSS 2.7 | EPSS 0.00196
Exploits: 0 | References: 1

CVE
added 2025/11/26 5:59 p.m. | 10 views

CVE-2025-20373

CVE-2025-20373 affects the Splunk Add-on for Palo Alto Networks (versions below 2.0.2). The issue is that client secrets are exposed in plaintext in the _internal index during the addition of new “Data Security Accounts.” Exploitation would require local access to log files or administrative acce...

CVSS 2.7 | AI score 6.2 | EPSS 0.00196
Exploits: 0 | References: 1