Lucene search
K

13535 matches found

Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53692

Name of the Vulnerable Software and Affected Versions AWS Application Load Balancer affected versions not specified Description Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer when AWS WAF is enabled may allow remote actors to bypass managed rule body inspection. B...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.6 views

PT-2026-53691

Name of the Vulnerable Software and Affected Versions Amazon CloudFront affected versions not specified Description An inconsistent interpretation of HTTP/2 requests in Amazon CloudFront when AWS WAF is enabled may allow remote actors to bypass managed rule body inspection. This occurs through...

9.8CVSS5.8AI score0.00438EPSS
Exploits0References8
Fedora
Fedora
added 2026/06/27 1:12 a.m.5 views

[SECURITY] Fedora 44 Update: nginx-mod-naxsi-1.6-19.fc44

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS7AI score0.03459EPSS
Exploits4
Fedora
Fedora
added 2026/06/27 12:56 a.m.5 views

[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-19.fc43

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS7AI score0.03459EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2026/06/25 7:34 p.m.5 views

CVE-2026-40983

A flaw was found in Micrometer. A remote attacker can provide specially crafted gRPC gRPC Remote Procedure Call requests, which may lead to a denial-of-service DoS condition. This vulnerability allows an attacker to disrupt the availability of the affected system. Mitigation To mitigate this issu...

7.5CVSS5.9AI score0.00474EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.5 views

CVE-2026-53080

A flaw was found in the Linux kernel's traffic control firewall classifier clsfw module. An attacker with the ability to create traffic control filters could exploit a vulnerability where an invalid filter, created using an older method, is processed before proper validation. This can lead to a...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38948

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL dereference of "old" filters before change Like pointed out by Sashiko 1, since commit ed76f5edccc9 "net: sched: protect filterchain list with filterchainlock mutex" TC filters are added to a shared blo...

5.8AI score0.00172EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/24 3:19 p.m.6 views

CVE-2026-44393

A flaw was found in OpenStack oslo.messaging. The RabbitMQ driver does not properly verify the hostname of the message broker when establishing a TLS Transport Layer Security connection. An attacker capable of intercepting control-plane network traffic can exploit this vulnerability to impersonat...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51936

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fwctl component where incorrect class initialization ordering can lead to a NULL pointer dereference during device removal. Because CXL is linked before fwctl in t...

6AI score0.00166EPSS
Exploits0References12
OSV
OSV
added 2026/06/22 3:12 p.m.2 views

SUSE-SU-2026:22343-1 Security update for firewalld

This update for firewalld fixes the following issue - CVE-2026-4948: local unprivileged users can modify firewall state due to D-Bus setter mis-authorizations bsc1260903...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 3:8 p.m.2 views

OPENSUSE-SU-2026:21032-1 Security update for firewalld

This update for firewalld fixes the following issue - CVE-2026-4948: local unprivileged users can modify firewall state due to D-Bus setter mis-authorizations bsc1260903...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/22 12:21 p.m.5 views

CVE-2026-50589

A flaw was found in OpenStack Ironic. An unauthenticated malicious user could exploit this vulnerability by submitting a specially crafted JSON JavaScript Object Notation string to certain API Application Programming Interface or JSON-RPC Remote Procedure Call service endpoints. This could lead t...

7.5CVSS5.8AI score0.00433EPSS
Exploits0References4
Imperva Blog
Imperva Blog
added 2026/06/22 11:39 a.m.45 views

On-Premises API Security on Kubernetes: What It Actually Looks Like in Practice

Let’s Talk About Where Your APIs Actually Run Quick answer: On-premises API security keeps API discovery, detection, and enforcement inside your own perimeter instead of a third-party cloud—the model regulated industries need. Deploying it natively on Kubernetes sidecar sensors → a discovery...

6.2AI score
Exploits0
NVD
NVD
added 2026/06/19 3:16 p.m.16 views

CVE-2016-20091

Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers can place executable files in unquoted path directories that the wfcs.exe service will execute with...

8.5CVSS0.00113EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/19 2:16 p.m.8 views

EUVD-2016-10904

Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers can place executable files in unquoted path directories that the wfcs.exe service will execute with...

8.5CVSS5.9AI score0.00113EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/19 2:16 p.m.29 views

CVE-2016-20091 Windows Firewall Control 4.8.6.0 Unquoted Service Path Privilege Escalation

Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers can place executable files in unquoted path directories that the wfcs.exe service will execute with...

8.5CVSS0.00113EPSS
Exploits0References3
CVE
CVE
added 2026/06/19 2:16 p.m.13 views

CVE-2016-20091

CVE-2016-20091 affects Windows Firewall Control 4.8.6.0. The issue is an unquoted service path for the wfcs.exe service, enabling local attackers to escalate privileges by placing malicious executables in unquoted directories that are executed with LocalSystem privileges on service restart or sys...

8.5CVSS5.9AI score0.00113EPSS
Exploits0References3
OSV
OSV
added 2026/06/19 5:10 a.m.9 views

MAL-2026-6191 Malicious code in node-slot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d71bcdec983467ab6a47b538e524abc1cdafc98b411761bffb375be17d72009 On npm install, package.json's postinstall hook executes node test.js which invokes code in index.js that performs two distinct attacks on the...

5.9AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/19 3:54 a.m.8 views

CVE-2026-12046

A flaw was found in pgAdmin 4. Critical functions within the SQL Editor blueprint lacked proper authentication, allowing a remote attacker to bypass security controls. When combined with specific preconditions, such as knowledge of the Flask SECRETKEY and write access to the sessions directory,...

9.5CVSS6.6AI score0.0071EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-50909

Name of the Vulnerable Software and Affected Versions Windows Firewall Control version 4.8.6.0 Description An unquoted service path issue exists where the wfcs.exe service is configured with a path containing spaces that is not enclosed in quotes. This allows a local attacker to escalate privileg...

8.5CVSS5.9AI score0.00113EPSS
Exploits0References5
Rows per page
Query Builder