Lucene search
K

9120 matches found

Veracode
Veracode
added 2026/06/12 12:11 p.m.13 views

Security Misconfiguration

@hulumi/baseline is vulnerable to Security Misconfiguration. The vulnerability is due to AccountFoundation reuse paths silently downgrading GuardDuty and Security Hub security settings, which allows an attacker to operate with reduced detection and monitoring capabilities in the affected...

5.2AI score0.00052EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.14 views

VMware Cloud Foundation Operations 8.x < 8.18.7 Multiple Vulnerabilities (VMSA-2026-0004)

According to its self-reported version, the instance of VMware Cloud Foundation Operations formerly VMware Aria Operations running on the remote web server is 8.x 8.18.7. It is, therefore, affected by multiple stored cross-site scripting vulnerabilities: - VMware Cloud Foundation Operations...

8CVSS5AI score0.00399EPSS
Exploits0References4
OSV
OSV
added 2026/06/10 1:38 p.m.10 views

GHSA-CJ8G-PRCM-MFG5 @hulumi/baseline: AccountFoundation reuse paths silently downgrade GuardDuty / Security Hub posture

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: Medium — CWE-693 Protection Mechanism Failure Summary AccountFoundation can either create AWS detective services GuardDuty for threat detection, Security Hub for compliance dashboards or reuse pre-existing ones via opt-in flags. The...

6.3CVSS5.5AI score0.00052EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 1:38 p.m.13 views

GHSA-2MXR-P26X-MJ73 @hulumi/baseline: AccountFoundation audit-delivery S3 bucket could be silently weakened

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-1059 Insufficient Technical Documentation / Behavioral Inconsistency Summary The S3 bucket that AccountFoundation creates to receive CloudTrail and AWS Config audit logs is meant to be tamper-resistant — if someone with...

7.1CVSS5.5AI score0.00041EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/10 6:9 a.m.11 views

firefox: thunderbird: Other issue in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the WebRTC component...

9.8CVSS5.4AI score0.00446EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.19 views

Apache OFBiz 授权问题漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.07 had an authorization vulnerability; this vulnerability stemmed from an issue wi...

8.8CVSS5.3AI score0.00407EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48479

Affected: @hulumi/baseline 1.4.0 — Fixed in: 1.4.0 — Severity: Medium — CWE-693 Protection Mechanism Failure Summary AccountFoundation can either create AWS detective services GuardDuty for threat detection, Security Hub for compliance dashboards or reuse pre-existing ones via opt-in flags. The...

6.3CVSS5.5AI score0.00052EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.15 views

CVE-2026-41724

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS5.2AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.12 views

CVE-2026-41723

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS5.2AI score0.00399EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/08 3:4 p.m.10 views

firefox: thunderbird: Other issue in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the WebRTC component...

9.8CVSS5.4AI score0.00446EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/08 2:58 p.m.11 views

firefox: thunderbird: Other issue in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the WebRTC component...

9.8CVSS5.4AI score0.00446EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 9:16 a.m.18 views

CVE-2026-41724

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00313EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 9:16 a.m.14 views

CVE-2026-41722

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00302EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 9:16 a.m.18 views

CVE-2026-41723

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00399EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/08 7:7 a.m.8 views

CVE-2026-41724 VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS5.2AI score0.00399EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 7:7 a.m.132 views

CVE-2026-41724 VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00313EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 7:7 a.m.10 views

CVE-2026-41724

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS5.2AI score0.00313EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2026/06/08 7:7 a.m.131 views

CVE-2026-41724

CVE-2026-41724 affects VMware Cloud Foundation Operations and is a stored cross-site scripting vulnerability. The NVD/NVD-derived data shows CVSSv3.1 base score 8.0 (Network, High impact on confidentiality, integrity, availability; Privileges Required: Low; User Interaction: Required). Exploitati...

8CVSS5.2AI score0.00313EPSS
Exploits0References1Affected Software3
Vulnrichment
Vulnrichment
added 2026/06/08 7:6 a.m.11 views

CVE-2026-41723 VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS5.2AI score0.00399EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 7:6 a.m.53 views

CVE-2026-41723 VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00399EPSS
Exploits0References1
Rows per page
Query Builder