Lucene search

7862 matches found

Cvelist
added 2026/05/26 10:1 p.m., 34 views

CVE-2026-45298 Dozzle: Pre-auth SSRF with response-body reflection via POST /api/notifications/test-webhook (default no-auth deploy)

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is reachable without authentication and forwards an attacker-controlled URL into a WebhookDispatcher that...

CVSS 8.6, EPSS 0.01491
Exploits: 1, References: 2
NVD
added 2026/05/26 9:16 p.m., 17 views

CVE-2026-47672

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...

CVSS 6.5, EPSS 0.00162
Exploits: 0, References: 2
Vulnrichment
added 2026/05/26 8:59 p.m., 9 views

CVE-2026-47672 epa4all-client: Unauthenticated REST API for Patient Record Writes

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...

CVSS 6.5, AI score 5.9, EPSS 0.00162
Exploits: 0, References: 2
CVE
added 2026/05/26 8:59 p.m., 22 views

CVE-2026-47672

CVE-2026-47672 affects the Java client epa4all-client for epa4all/ePA 3.0. In version 1.2.4 and earlier, a network-reachable caller can write arbitrary documents to any patient electronic health record (EHR) accessible by the institution’s SMC-B card. In misconfigured deployments (e.g., following...

CVSS 6.5, AI score 5.9, EPSS 0.00162
Exploits: 0, References: 2
NVD
added 2026/05/26 4:16 p.m., 23 views

CVE-2026-25112

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...

CVSS 7.8, EPSS 0.00145
Exploits: 1, References: 3
RedHat Linux
added 2026/05/26 2:55 p.m., 22 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update

Important: Red Hat OpenShift GitOps v1.20.4 security update. An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions; GITOPS-9549...

CVSS 9.6, AI score 5.8, EPSS 0.00505
Exploits: 2, References: 5
Cvelist
added 2026/05/26 2:52 p.m., 39 views

CVE-2026-25112

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...

CVSS 7.8, EPSS 0.00145
Exploits: 1, References: 2
CVE
added 2026/05/26 2:52 p.m., 24 views

CVE-2026-25112

Technical details about CVE-2026-25112 are not publicly provided in the supplied documents; monitor for updates.

CVSS 7.8, AI score 5.8, EPSS 0.00145
Exploits: 1, References: 3
Vulnrichment
added 2026/05/26 2:52 p.m., 10 views

CVE-2026-25112

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...

CVSS 7.8, AI score 5.8, EPSS 0.00145
Exploits: 1, References: 2
ATTACKERKB
added 2026/05/26 2:52 p.m., 11 views

CVE-2026-25112

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack...

CVSS 7.8, AI score 5.8, EPSS 0.00145
Exploits: 1, References: 3, Affected Software: 7
OSSF Malicious Packages
added 2026/05/26 7:1 a.m., 15 views

Malicious code in ranno (PyPI)

Source: amazon-inspector a1366783d9cb87471f1b5cfeb806508ee83b2a58ded724f8ea45d8391f4f68bc. The package's advertised API ex calls gn in ranno/gn.py, which POSTs the caller's prompt — and, when a data= argument is supplied, the absolute file...

AI score 6.5
Exploits: 0, References: 1
ATTACKERKB
added 2026/05/26 6:37 a.m., 8 views

CVE-2026-44468

The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary...

CVSS 8.5, AI score 5.9, EPSS 0.00123
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2026/05/26 6:37 a.m., 42 views

CVE-2026-44468 Incorrect Default Permissions in CODESYS Development System

The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary...

CVSS 8.5, EPSS 0.00123
Exploits: 0, References: 1
GithubExploit
added 2026/05/26 1:39 a.m., 109 views

YKWriter

YKWriter 🔑💾 YKWriter is a lightweight Windows Forms utili...

CVSS 6.8, AI score 6, EPSS 0.01249
Exploits: 2
Packet Storm News
added 2026/05/26 12:0 a.m., 11 views

A Surveillance Evasion Game with Continuous Sensor Redeployment Via Bilevel Optimization

Uncrewed Aerial Systems (UASs) have become a growing threat to the security of critical infrastructure, exploiting spatiotemporal gaps in sensor perimeters to infiltrate restricted airspace undetected. We formulate this interaction as a two-player zero-sum differential game between an adversarial U...

AI score 5.8
Exploits: 0
CNNVD
added 2026/05/26 12:0 a.m., 9 views

Genetec RabbitMQ Security Vulnerability

Genetec RabbitMQ is a messaging queue service component provided by the American company Genetec. Genetec RabbitMQ has a security vulnerability, which stems from deployment issues and may lead to privilege escalation attacks...

CVSS 7.8, AI score 5.8, EPSS 0.00145
Exploits: 1, References: 2
Positive Technologies
added 2026/05/26 12:0 a.m., 14 views

PT-2026-43263

Name of the Vulnerable Software and Affected Versions: Genetec RabbitMQ (affected versions not specified). Description: A high-severity issue in the deployment of Genetec RabbitMQ that enables a privilege escalation attack, allowing an attacker to gain higher levels of permissions than intended...

CVSS 7.8, AI score 5.5, EPSS 0.00145
Exploits: 1, References: 7
Positive Technologies
added 2026/05/26 12:0 a.m., 15 views

PT-2026-43196

Name of the Vulnerable Software and Affected Versions: CODESYS Development System (affected versions not specified). Description: The software creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary fil...

CVSS 8.5, AI score 5.9, EPSS 0.00123
Exploits: 0, References: 4
GithubExploit
added 2026/05/24 6:37 p.m., 84 views

Exploit for CVE-2025-13673

CVE-2025-13673 — Tutor LMS SQL Injection Lab Unauthenticated...

CVSS 7.5, AI score 5.9, EPSS 0.00461
Exploits: 1
GithubExploit
added 2026/05/22 11:19 p.m., 85 views

web-app-security-lab

Vulnerable Web App — Attack & Defend Lab A deliberately-vulne...

AI score 5.8
Exploits: 0