Lucene search
K

1627 matches found

Cvelist
Cvelist
added 2026/06/30 7:32 p.m.35 views

CVE-2026-13449 XXE attack in IBM Business Automation Manager Open Editions

IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

7.6CVSS0.00406EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 7:32 p.m.7 views

EUVD-2026-40389

IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

7.6CVSS5.8AI score0.00406EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 10:4 a.m.3 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-13449 DESCRIPTION: IBM Business Automation Manager Open Editions is vulnerable t...

9.1CVSS5.8AI score0.00406EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 10:2 a.m.5 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application...

8.7CVSS6.8AI score0.01125EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.14 views

PT-2026-53970

Name of the Vulnerable Software and Affected Versions IBM Business Automation Manager Open Editions versions 9.0.0 through 9.4.2 Description An XML external entity injection XXE occurs when processing XML data. This allows a remote attacker to expose sensitive information or consume memory...

9.1CVSS6AI score0.00406EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Windows UEFI 处理逻辑错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows UEFI. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected: Windows 11...

7.8CVSS5.8AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows RDP 缓冲区错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a buffer error vulnerability. Attackers can exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Windows App Client f...

7.5CVSS6AI score0.0087EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft UxTheme 缓冲区错误漏洞

Microsoft UxTheme is a core system component built into the Windows operating system by Microsoft, used to render system windows, controls, and various graphical interface themes. There is a buffer overflow vulnerability in Microsoft UxTheme. Attackers can exploit this vulnerability to cause a...

5.5CVSS5.7AI score0.00383EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Windows Application Identity (AppID) Subsystem 日志信息泄露漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has information leakage vulnerabilities. Attackers can exploit these vulnerabilities to obtain sensitive information. The following products and versions are affected: Windows...

5.5CVSS6AI score0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Windows Cryptographic Services 授权问题漏洞

Microsoft Windows Cryptographic Services are encryption services provided by Microsoft Corporation. There is an authorization issue vulnerability in Microsoft Windows Cryptographic Services. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions ar...

8.4CVSS5.3AI score0.00261EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

Microsoft Windows NT OS Kernel 缓冲区错误漏洞

The Microsoft Windows NT OS Kernel is the core of the Windows operating system developed by Microsoft Corporation. It is responsible for managing system resources, providing hardware abstraction, and ensuring system security and stability. There are security vulnerabilities in the Microsoft Windo...

7.8CVSS5.8AI score0.05659EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Performance Monitor 数字错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in input validation of Microsoft Windows. Attackers can exploit this vulnerability to execute code remotely. The following products and versions are affected: Windows 11...

8.1CVSS6AI score0.0064EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Remote Desktop Client 竞争条件问题漏洞

Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. The Microsoft Remote Desktop Client has vulnerabilities related to race conditions. The following products and versions are affected: Windows 10 Version 1809 for 32-bit systems, Windows 10 Version 1809...

7.5CVSS5.4AI score0.00397EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Kinect 权限许可和访问控制问题漏洞

The Microsoft Kinect is a motion input device developed by Microsoft Corporation. The Microsoft Kinect has an access control vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows Server 2025, Windows 10 Version...

7.8CVSS5.8AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Microsoft Windows Media Center 缓冲区错误漏洞

Microsoft Windows Media is a series of media playback and management software developed by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Media. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected:...

7.8CVSS7.1AI score0.00445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.11 views

CVE-2026-3676

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

6.5CVSS5.4AI score0.00402EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:54 p.m.10 views

CVE-2026-8716

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/14 5:33 a.m.8 views

CVE-2026-8280 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to cause denial of service through excessive memory consumption due to improper input validation...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/14 5:33 a.m.32 views

CVE-2026-8280

Removed by vendor...

6.5CVSS5.8AI score0.00295EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Microsoft Windows 访问控制错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in access control of Microsoft Windows. Attackers can exploit this vulnerability to bypass certain functions. The following products and versions are affected: Windows 10...

4.4CVSS5.8AI score0.00204EPSS
Exploits0References2
Rows per page
Query Builder