Lucene search
K

6178 matches found

OSV
OSV
added 2026/07/05 7:32 a.m.5 views

ROOT-OS-UBUNTU-2204-CVE-2026-52963 CVE-2026-52963 in rootio-linux - Patched by Root

Root has patched CVE-2026-52963 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.8AI score0.00184EPSS
Exploits0
OSV
OSV
added 2026/07/05 4:22 a.m.9 views

ROOT-OS-DEBIAN-12-CVE-2025-40070 CVE-2025-40070 in rootio-linux - Patched by Root

Root has patched CVE-2025-40070 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

7.8AI score0.00193EPSS
Exploits0
OSV
OSV
added 2026/07/05 4:22 a.m.8 views

ROOT-OS-DEBIAN-12-CVE-2025-38154 CVE-2025-38154 in rootio-linux - Patched by Root

Root has patched CVE-2025-38154 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

7.8CVSS7.2AI score0.00154EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 1:52 p.m.3 views

Security Bulletin: Vulnerabilities in kernel library (CVE-2025-68724, CVE-2026-31431) affect Power HMC.

Summary The kernel library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-68724 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in...

7.8CVSS6.8AI score0.96267EPSS
Exploits230Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-53866

Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description An unauthenticated arbitrary file read issue exists when access to the NSIP NetScaler IP, Cluster Management IP, or SNIP Subnet IP with...

7.5CVSS5.9AI score0.00415EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52144

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBUDashboard JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from improper...

8.8CVSS6.3AI score0.00689EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52143

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description An authentication bypass issue exists within the 'viewclient' webpage due to improper validation of user-supplied data. This allows remote attackers to inject arbitrary scripts,...

8.8CVSS7.5AI score0.0067EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-52148

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBURemovableMedia JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from...

8.8CVSS7.7AI score0.00689EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52149

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBULibraryPort JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from...

8.8CVSS7.7AI score0.00689EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-8927

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state...

9.1CVSS6AI score0.00752EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.7 views

PT-2026-51651

Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...

8.7CVSS5.8AI score0.00726EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-47973

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting XSS, a condition where malicious scripts are injected into trusted websites...

6.5CVSS5.1AI score0.00308EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 2:45 p.m.12 views

EUVD-2026-33330

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument specialname results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

6.5CVSS7.1AI score0.00399EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/29 1:45 p.m.17 views

EUVD-2026-33322

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/gateway causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS7.8AI score0.00835EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/29 1:30 p.m.15 views

CVE-2026-10061

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor...

6.5CVSS6.3AI score0.0501EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/29 1:30 p.m.14 views

CVE-2026-10061 TRENDnet TEW-432BRP formWPS command injection

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor...

6.5CVSS6.3AI score0.0501EPSS
Exploits1References4
Snyk
Snyk
added 2026/05/28 3:8 a.m.13 views

Incorrect Authorization

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Incorrect Authorization via the user-facing APIs when the Organizations feature is disabled. An attacker can...

7.1CVSS5.3AI score0.00214EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.20 views

PT-2026-43096

Name of the Vulnerable Software and Affected Versions Dolibarr ERP CRM version 7.0.3 Description Unauthenticated attackers can achieve remote code execution by injecting PHP code through the db name parameter. This is performed by sending a POST request to the 'install/step1.php' endpoint...

9.8CVSS6.4AI score0.01701EPSS
Exploits1References12
CBLMariner
CBLMariner
added 2026/05/18 8:36 p.m.7 views

CVE-2026-6478 affecting package postgresql for versions less than 16.14-1

CVE-2026-6478 affecting package postgresql for versions less than 16.14-1. An upgraded version of the package is available that resolves this issue...

8.2CVSS5.8AI score0.00558EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/11 9:5 a.m.10 views

Security Bulletin: IBM Integration Bus for z/OS webui is potentially vulnerable to an clickjacking attack ( CVE-2026-1353 )

Summary IBM Integration Bus for z/OS webui is potentially vulnerable to an clickjacking attack. Vulnerability Details CVEID:CVE-2026-1353 DESCRIPTION: IBM App Connect Enterprise could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious...

5.8AI score
Exploits0Affected Software1
Rows per page
Query Builder