Lucene search
K

328 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/17 6:34 p.m.6 views

Security Bulletin: CVE-2026-3856 found in IBM Db2 Recovery Expert for Linux, UNIX and Windows v5.5

Summary IBM Db2 Recovery Expert for Linux, UNIX and Windows could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission. Vulnerability Details ID: CVE-2026-3856 DESCRIPTION: IBM DB2 Recovery Expert for Linux, UNIX...

9.1CVSS5.8AI score0.00152EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/04 1:57 a.m.6 views

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

9.8CVSS6AI score0.00401EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.2 views

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

9.8CVSS6AI score0.00401EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.2 views

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

6AI score0.00401EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/03 12:0 a.m.4 views

EUVD-2025-208233

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

6AI score0.00401EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/02/25 10:19 p.m.7 views

CVE-2026-23859

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...

2.7CVSS5.5AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/25 10:16 p.m.7 views

CVE-2026-22765

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges...

8.8CVSS5.5AI score0.00396EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 8:27 p.m.4 views

CVE-2026-22766

Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

7.2CVSS5.9AI score0.00698EPSS
Exploits0References1
CVE
CVE
added 2026/02/24 7:31 p.m.25 views

CVE-2026-23858

Dell Wyse Management Suite (WMS) versions prior to 5.5 contain an XSS vulnerability from improper neutralization of input during web page generation. A low-privileged, remote attacker could exploit this to perform script injection. CVSS‑3.1 metrics: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, base score...

5.4CVSS5.5AI score0.00183EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/24 7:28 p.m.23 views

CVE-2026-22766

Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

7.2CVSS0.00698EPSS
Exploits0References1
CVE
CVE
added 2026/02/24 7:28 p.m.33 views

CVE-2026-22766

CVE-2026-22766 affects Dell Wyse Management Suite prior to WMS 5.5. It describes an Unrestricted Upload of File with Dangerous Type vulnerability that could allow remote code execution by a high-privilege attacker with remote access. The CVSSv3.1 base score is 7.2 (HIGH) with NETWORK attack vecto...

7.2CVSS5.5AI score0.00698EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.8 views

Dell Wyse Management Suite WMS 安全漏洞

Dell Wyse Management Suite WMS is a cloud-based and on-premise management platform developed by the American company Dell. It is used for centralized management of Wyse lightweight terminal devices, supporting features such as remote configuration, firmware updates, and security policy management...

8.8CVSS7.5AI score0.00396EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.11 views

PT-2026-21794

Name of the Vulnerable Software and Affected Versions Dell Wyse Management Suite versions prior to 5.5 Description Dell Wyse Management Suite versions prior to 5.5 are susceptible to an unrestricted file upload with a dangerous type. A high privileged attacker with remote access could potentially...

7.2CVSS5.3AI score0.00698EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.20 views

PT-2026-21622

A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.6C0 and the Zyxel WX3100-T0 firmware versions through 5.50ABVL.4.8C0 could allow an authenticated attacker with administrator privileges to trigger a...

4.9CVSS5.5AI score0.01124EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.11 views

Dell Wyse Management Suite WMS 安全漏洞

Dell Wyse Management Suite WMS is a cloud-based and on-premise management platform developed by the American company Dell. It is used for centralized management of Wyse lightweight terminal devices, supporting features such as remote configuration, firmware updates, and security policy management...

2.7CVSS5.8AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 7:50 p.m.27 views

CVE-2025-27899 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system...

5.3CVSS0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.6 views

PT-2026-20233

Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002 Description The software contains a flaw that could enable a remote attacker to carry out phishing attacks through an open redirect. A crafted website can be used to exploit this issu...

6.8CVSS5.8AI score0.00137EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.10 views

PT-2026-20231

Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002 Description The software does not invalidate sessions after a timeout. This could allow an authenticated user to impersonate another user on the system. Recommendations At the moment,...

6.3CVSS5.8AI score0.00154EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/02/14 5:18 a.m.6 views

WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Steven Julian in WordPress Plugin WP Activity Log versions = 5.5.4...

6.5CVSS5.4AI score0.00156EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:18 p.m.5 views

CVE-2025-54161

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

6.9CVSS5.6AI score0.00408EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder