Lucene search
K

8795 matches found

CVE
CVE
added yesterday10 views

CVE-2026-5270

Technical details (affected versions, vulnerable component, exploit conditions) are not publicly provided in the supplied documents. The entries confirm an authentication bypass in Ciena Navigator/NCS/MCP/Blue Planet, but no specifics are available here. Monitor for updates.

6.1AI score
Exploits0References1
NCSC
NCSC
added 5 days ago6 views

Vulnerabilities found in BeyondTrust Remote Support and Privileged Remote Access

BeyondTrust has identified vulnerabilities in the products Remote Support and Privileged Remote Access. These vulnerabilities involve multiple aspects of these products. There is a pre-authentication vulnerability that allows a network-based attacker to bypass authentication checks without prior...

9.9CVSS6.2AI score0.00653EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 5 days ago9 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Go Cryptography vulnerabilities (USN-8519-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8519-1 advisory. Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. A...

7.5CVSS6.8AI score0.00868EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-56954

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Kitchor kitchor allows PHP Local File Inclusion.This issue affects Kitchor: from n/a through = 1.4.3...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References3
NVD
NVD
added last week7 views

CVE-2026-15067

Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, including SQL injection via an unsanitized data source input could result in arbitrary SQL execution under the provider's privileged Snowflake session, potentially enabling sensitive data exfiltration...

8.8CVSS0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 5:11 a.m.7 views

EUVD-2026-42003

MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords OTP to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3...

8.8CVSS6AI score0.00342EPSS
Exploits0References2
Circl
Circl
added 2026/07/06 5:54 a.m.8 views

CVE-2026-43094

creationtimestamp| type| source ---|---|--- 2026-07-06 05:54:29+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260706...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/07/06 12:0 a.m.4 views

The vulnerability of the Internal Operations component of the “from order to payment” automation module in Oracle Receivables, a business automation system from Oracle E-Business Suite. This vulnerability allows a perpetrator to gain full control over the application.

The vulnerability of the Internal Operations component of the “from order to payment” automation module in Oracle Receivables, a business automation system from Oracle E-Business Suite, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating...

8.1CVSS5.9AI score0.00366EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55934

Name of the Vulnerable Software and Affected Versions ModSecurity versions 3.0.0 through 3.0.15 Description The t:utf8toUnicode transformation in src/actions/transformations/utf8 to unicode.cc produces incorrect output on i386 architecture. This occurs because the snprintf function uses sizeof on...

5.8CVSS5.9AI score0.00438EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.10 views

Cursor < 3.0 Multiple Sandbox Escapes

The version of Cursor installed on the remote host is prior to 3.0. It is, therefore, affected by multiple vulnerabilities: - A flaw in the agent sandbox allows a malicious agent to manipulate the workingdirectory parameter, causing the sandbox to include writable paths outside the intended...

9.8CVSS6.9AI score0.00638EPSS
Exploits0References4
Circl
Circl
added 2026/07/02 5:46 a.m.8 views

CVE-2025-71286

creationtimestamp| type| source ---|---|--- 2026-07-02 05:46:08+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260702...

5.5CVSS6AI score0.00127EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55240

Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description An authenticated actor with low privileges and network access can exploit multiple SQL Injection vulnerabilities to escalate privileges within UniFi OS devices or instances. SQL Injection is...

8.8CVSS5.9AI score0.00249EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2026/07/01 3:25 p.m.13 views

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and...

10CVSS6.4AI score0.28583EPSS
Exploits3
Wolfi
Wolfi
added 2026/07/01 2:16 p.m.8 views

GHSA-3GXH-FQMQ-7JGM vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/07/01 11:58 a.m.11 views

EUVD-2026-40952

MCO is vulnerable to Path Disclosure and Path Traversal in file handling functionality related to data export and upload. Improper validation of the filename parameter allows writing files to arbitrary locations as well as indirect disclosure of absolute server paths through error messages. Becau...

7.1CVSS5.9AI score0.00339EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References1
Circl
Circl
added 2026/06/30 10:0 a.m.9 views

CVE-2026-43707

creationtimestamp| type| source ---|---|--- 2026-06-30 10:00:53+00:00| seen| https://thehackernews.com/2026/06/apple-patches-30-ios-macos-safari-flaws.html 2026-07-01 01:00:45+00:00| seen| https://thehackernews.com/2026/06/apple-patches-30-ios-macos-safari-flaws.html 2026-07-01 02:51:35+00:00|...

6.5CVSS7AI score0.00307EPSS
Exploits0References5
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Dell Peripheral Manager permissions and access control vulnerabilities (CNVD-2026-26537)

Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. Versions of Dell Peripheral Manager prior to 1.7.3 contained security vulnerabilities. Attackers could exploit these vulnerabilities to execute arbitrary code by preloading malicious DLLs...

7.8CVSS6.2AI score0.00098EPSS
Exploits0
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Dell Peripheral Manager permissions and access control vulnerabilities

Dell Peripheral Manager is a peripheral device management software developed by the American company Dell. There are security vulnerabilities in Dell Peripheral Manager. Attackers can exploit these vulnerabilities to execute arbitrary code by preloading malicious executable files...

6.7CVSS6.2AI score0.00099EPSS
Exploits0
OSV
OSV
added 2026/06/29 3:19 p.m.2 views

SUSE-SU-2026:2685-1 Security update for openCryptoki

This update for openCryptoki fixes the following issue: - CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283...

6.8CVSS5.8AI score0.0016EPSS
Exploits1References3
Rows per page
Query Builder