Lucene search
K

74046 matches found

Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.12 views

PT-2026-28158

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eRx error logs without proper authorization checks...

7.7CVSS5.8AI score0.00271EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/24 9:31 p.m.2 views

EUVD-2026-14986

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this...

4.3CVSS5.8AI score0.00278EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 9:20 p.m.6 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to information exposure (CVE-2026-2484)

Summary An information exposure vulnerability was addressed in IBM InfoSphere Information Server. Vulnerability Details CVEID:CVE-2026-2484 DESCRIPTION: InfoSphere Information Server is affected by an information exposure vulnerability caused by overly verbose error messages. CWE:CWE-209:...

4.3CVSS5.8AI score0.00284EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/03/24 9:16 p.m.4 views

CVE-2025-33216

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

6.8CVSS0.00251EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/03/24 8:34 p.m.9 views

USN-8122-1: PJSIP vulnerabilities

Youngsung Kim discovered that PJSIP did not properly parse numeric header fields in SIP messages. A remote attacker could use this issue to cause PJSIP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-16872 Peter...

9.8CVSS7.4AI score0.0462EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2026/03/24 8:21 p.m.3 views

CVE-2025-33216

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

6.8CVSS6AI score0.00251EPSS
Exploits0References4
NVD
NVD
added 2026/03/24 8:16 p.m.3 views

CVE-2026-21783

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this...

4.3CVSS0.00278EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/24 7:48 p.m.3 views

CVE-2026-21783 HCL Traveler is affected by sensitive information disclosure

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this...

4.3CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/24 7:48 p.m.18 views

CVE-2026-21783 HCL Traveler is affected by sensitive information disclosure

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this...

4.3CVSS0.00278EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/24 7:48 p.m.11 views

CVE-2026-21783

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this...

4.3CVSS5.8AI score0.00278EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/24 7:48 p.m.18 views

CVE-2026-21783

CVE-2026-21783 affects HCL Traveler. The issue is sensitive information disclosure via error messages that reveal details such as internal paths, file names, tokens/credentials, error codes, or stack traces. This could give attackers insights into system architecture and potentially enable target...

4.3CVSS5.8AI score0.00278EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/24 4:49 p.m.1 views

SUSE-SU-2026:20866-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.3 views

SUSE-SU-2026:20861-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2026/03/24 4:49 p.m.1 views

SUSE-SU-2026:20883-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS7AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2026/03/24 4:48 p.m.3 views

SUSE-SU-2026:20852-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS5.9AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2026/03/24 4:48 p.m.1 views

SUSE-SU-2026:20894-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in cryptmessag...

7.8CVSS6AI score0.00278EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:48 p.m.1 views

SUSE-SU-2026:20848-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in cryptmessag...

7.8CVSS7.2AI score0.00278EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:48 p.m.2 views

SUSE-SU-2026:20847-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer bsc1257118. - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to...

7.8CVSS7.2AI score0.00278EPSS
Exploits0References17
OSV
OSV
added 2026/03/24 4:48 p.m.3 views

SUSE-SU-2026:20891-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer bsc1257118. - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to...

7.8CVSS6.9AI score0.00278EPSS
Exploits0References17
Github Security Blog
Github Security Blog
added 2026/03/24 3:30 p.m.9 views

ConcreteCMS is vulnerable to Denial of Service During Bulk Downloads

ConcreteCMS v9.4.7 contains a Denial of Service DoS vulnerability in the File Manager component. The 'download' method in 'concrete/controllers/backend/file.php' improperly manages memory when creating zip archives. It uses 'ZipArchive::addFromString' combined with 'filegetcontents', which loads...

6.5CVSS5.8AI score0.00288EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder