Lucene search
K

7875 matches found

NVD
NVD
added 2026/06/19 12:16 a.m.16 views

CVE-2026-12047

HTML injection in pgAdmin 4's cloud deployment module. The verifycredentials, deploy, regions, and update-server endpoints under /rds/, /azure/, /google/, and the top-level /cloud/ blueprint propagated AWS / Azure / Google SDK exception text — and the related file-resolution and database-commit...

5.4CVSS0.00137EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 5:16 p.m.12 views

CVE-2026-20181

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

9.1CVSS0.00748EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 4:16 p.m.88 views

CVE-2026-20181

Cisco ISE/ISE-PIC in Cisco IOS XE is affected by CVE-2026-20181. The CVE entry describes authenticated remote command execution via crafted HTTP input with privilege escalation to root and potential DoS in single-node deployments. Connected PT-security material (PT-2026-34270) references a separa...

9.1CVSS5.9AI score0.00748EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46875

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Deployment Library. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise...

9.1CVSS0.00453EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.9 views

CVE-2026-35289

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Deployment Package. Supported versions that are affected are 8.61 and 8.62. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise PeopleSoft...

8.1CVSS0.00407EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.6 views

CVE-2026-35288

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Deployment Package. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where PeopleSoft Enterpri...

8.2CVSS0.00187EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.11 views

CVE-2026-35272

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Deployment Package. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterpri...

8.4CVSS0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.6 views

CVE-2026-35274

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Deployment Package. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

8.2CVSS0.00392EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/16 8:15 p.m.17 views

LobeHub: Unauthenticated SSRF in `/webapi/proxy`

Unauthenticated SSRF in /webapi/proxy allows anyone to proxy requests and inject cookies on lobehub.com Summary The /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST body and fetches it server-side without any authentication. This is the same proxy code that was vulnerable in...

9CVSS8.4AI score0.52683EPSS
Exploits2References2Affected Software1
NCSC
NCSC
added 2026/06/16 1:13 p.m.17 views

Vulnerabilities found in Check Point Remote and Mobile Access VPN-products

Check Point has identified vulnerabilities in Remote and Mobile Access VPN products, specifically those implemented using the IKEv1 key exchange protocol. Two vulnerabilities have been identified in Check Point Security Gateways and Remote Access VPN environments that utilize the outdated IKEv1...

9.3CVSS6AI score0.70099EPSS
Exploits5References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-49861

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft PeopleSoft Enterprise PT PeopleTools versions 8.61 through 8.62 Description An issue exists in the Deployment Package component of PeopleSoft Enterprise PT PeopleTools. A high-privileged attacker with access to the...

8.2CVSS5.3AI score0.00187EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49983

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Deployment Library component of the Oracle Enterprise Manager Base Platform. A high privileged attacke...

9.1CVSS5.8AI score0.00453EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-49862

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise PT PeopleTools versions 8.61 PeopleSoft Enterprise PT PeopleTools versions 8.62 Description An issue exists in the Deployment Package component of PeopleSoft Enterprise PT PeopleTools. This flaw allows an unauthenticated...

8.1CVSS5.8AI score0.00407EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.19 views

PT-2026-49849

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft PeopleSoft Enterprise PT PeopleTools versions 8.61 through 8.62 Description A flaw in the Deployment Package component allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful...

8.2CVSS5.8AI score0.00392EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-49995

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM Siebel CRM Deployment versions 17.0 through 26.5 Description An issue exists in the Database Upgrade component of the Siebel CRM Deployment product. A low privileged attacker with access to the infrastructure where the softwa...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References5
OSV
OSV
added 2026/06/15 5:36 p.m.7 views

MAL-2026-5819 Malicious code in mozautomation (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 26d0e7dfb965969f23786d4bde7d70e597b83df522434aea471171d48442cd12 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Qualys Blog
Qualys Blog
added 2026/06/15 4:0 p.m.12 views

What Changed in OWASP Top 10 2025 and Recommendations for Each Category

Key Takeaways 1. The 2025 list introduces two new categories – Software Supply Chain Failures A03 and Mishandling of Exceptional Conditions A10 - reflecting attacks already happening in production. 2. Security Misconfiguration jumping from 5 to 2 signals that continuous deployment without...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.8 views

CVE-2026-50633

A flaw was found in Apache CXF's JCA integration module. This Java Naming and Directory Interface JNDI Injection vulnerability allows for arbitrary code execution. A remote attacker could exploit this by manipulating the Java EE Connector Architecture JCA deployment descriptor ra.xml or runtime...

8.1CVSS5.7AI score0.00782EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/06/14 7:26 p.m.84 views

VulnPilot

VulnPilot VulnPilot is an automation framework for vulnerabil...

5.4AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/13 7:10 a.m.100 views

Exploit for CVE-2026-41490

CVE-2026-41490 — SQL Injection in Dagster database I/O manager...

8.3CVSS6.2AI score0.00265EPSS
Exploits1
Rows per page
Query Builder