Lucene search
K

7868 matches found

EUVD
EUVD
added 2026/06/02 12:45 a.m.10 views

EUVD-2026-33857

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.01067EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/02 12:45 a.m.38 views

CVE-2026-10550 elunez eladmin Application Deployment App.java command injection

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS0.01067EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/02 12:45 a.m.10 views

CVE-2026-10550

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.01067EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/02 12:45 a.m.9 views

CVE-2026-10550 elunez eladmin Application Deployment App.java command injection

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.01067EPSS
Exploits0References6
CVE
CVE
added 2026/06/02 12:45 a.m.20 views

CVE-2026-10550

Summary of CVE-2026-10550 (elunez eladmin) : Affects eladmin up to 2.7; the vulnerability targets the Application Deployment Module, specifically the App.java component. The issue arises from manipulating the uploadPath argument, enabling command injection and remote code execution. Public exploi...

6.5CVSS6.3AI score0.01067EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/02 12:31 a.m.23 views

EUVD-2026-33817

Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC Elliptic Curve private keys are inadvertently exposed through the public /tokenkeys endpoint. This endpoint is designed to provide public key material for JW...

10CVSS5.8AI score0.00346EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.6 views

Operationalizing Cyber Attack Prediction: A Gap-Prioritized Framework with Dataset and Model Selection Guidelines

While AI and machine learning for cyber attack prediction have advanced, a critical gap persists between theoretical research and practical operational deployment. Building on Ankalaki et al. 2025, this paper provides a comprehensive analysis of 150+ benchmark datasets and 200+ studies to identif...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.19 views

PT-2026-45678

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.01067EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

ELADMIN 命令注入漏洞

ELADMIN is a backend management system developed by elunez’s individual developer. Versions of ELADMIN 2.7 and earlier had a command injection vulnerability. This vulnerability stemmed from the operation of the uploadPath parameter in the App.java file within the Application Deployment Module...

6.5CVSS5.4AI score0.01067EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Spacelabs Healthcare Sentinel 安全漏洞

Spacelabs Healthcare Sentinel is a cardiology information management system developed by Spacelabs Healthcare in the United States. Vulnerabilities exist in Spacelabs Healthcare Sentinel versions 10.5.x and later, as well as versions 11.6.0 and earlier under the 11.x.x range. These vulnerabilitie...

9.8CVSS6.3AI score0.00664EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:22 p.m.9 views

CVE-2026-40965

Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC Elliptic Curve private keys are inadvertently exposed through the public /tokenkeys endpoint. This endpoint is designed to provide public key material for JW...

10CVSS5.8AI score0.00346EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2026/06/01 9:22 p.m.61 views

CVE-2026-40965

Cloud Foundry UAA versions v76.12.0–v78.12.0 expose EC private keys via the public /token_keys endpoint, enabling private key disclosure for EC-based JWT signing. Affected components: uaa_release (v76.12.0–v78.12.0) and CF Deployment (v30.0.0–v56.0.0). Root cause: misexposure of EC private key ma...

10CVSS5.8AI score0.00346EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 9:2 p.m.10 views

CVE-2026-40964

Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and platform component via minting a JWT that the cf-auth-proxy accepts as a valid logs.admin token...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:2 p.m.7 views

CVE-2026-40964

Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and platform component via minting a JWT that the cf-auth-proxy accepts as a valid logs.admin token...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.8 views

Malicious Package

Overview @vpmdhaj/devops-tools is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

9.8CVSS5.7AI score
Exploits0References2
Ivanti
Ivanti
added 2026/06/01 1:56 p.m.13 views

Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614)

Ivanti has released updates for Ivanti Neurons for ITSM which addresses one high severity vulnerability. Successful exploitation could lead to authenticated privilege escalation to an administrator. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

8.8CVSS5.8AI score0.0144EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.16 views

PT-2026-45616

Name of the Vulnerable Software and Affected Versions Cloud Foundry UAA versions v76.12.0 through v78.12.0 CF Deployment versions v30.0.0 through v56.0.0 Description Private key exposure occurs when the server inadvertently reveals Elliptic Curve EC private keys through the public '/token keys'...

10CVSS5.8AI score0.00346EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

CloudFoundry CF Deployment 安全漏洞

CloudFoundry CF Deployment is a code deployment component of the CloudFoundry Foundation. There is a security vulnerability in CloudFoundry CF Deployment, which stems from a bypass of input validation during SMB volume mounting processes. This vulnerability could allow developers with low...

8.1CVSS5.5AI score0.00239EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

Cloud Foundry UAA 安全漏洞

Cloud Foundry UAA is an identity verification and management service terminal designed for the CloudFoundry platform by the Cloud Foundry Foundation in the United States. There is a security vulnerability in Cloud Foundry UAA, which stems from the exposure of private keys. This vulnerability may...

10CVSS5.3AI score0.00346EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Cloud Foundry Foundation 安全漏洞

Cloud Foundry Foundation is an open-source platform as a service PaaS offered by the Cloud Foundry Foundation. There is a security vulnerability in Cloud Foundry Foundation’s cf-auth-proxy component. This vulnerability stems from authentication bypassing, allowing unauthenticated remote attackers...

7.5CVSS5.4AI score0.00393EPSS
Exploits0References1
Rows per page
Query Builder