Lucene search
+L

8992 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 4:10 p.m.16 views

Security Bulletin: Multiple Vulnerabilities in bcprov package bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage include bcprov library, which is susceptible to use of broken cryptographic algorithm, Improper neutralization, covert timing channel vulnerabilities CVE-2025-14813, CVE-2026-0636, CVE-2026-5598...

9.9CVSS6.7AI score0.00691EPSS
Exploits0Affected Software2
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-56008

Contributor Privilege Escalation in Fusion Builder = 3.15.4 versions...

8.8CVSS0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.34 views

CVE-2026-56008 WordPress Fusion Builder plugin <= 3.15.4 - Privilege Escalation vulnerability

Contributor Privilege Escalation in Fusion Builder = 3.15.4 versions...

8.8CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.17 views

CVE-2026-56008

CVE-2026-56008 affects WordPress Fusion Builder plugin versions

8.8CVSS5.8AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39685

Contributor Privilege Escalation in Fusion Builder = 3.15.4 versions...

8.8CVSS5.8AI score0.00278EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-52739

Name of the Vulnerable Software and Affected Versions Fusion Builder versions prior to 3.15.5 Description A privilege escalation issue exists that allows a user with Contributor permissions to elevate their privileges. Recommendations Update to a version newer than 3.15.4...

8.8CVSS5.8AI score0.00278EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 10:37 p.m.6 views

CVE-2026-53143

A flaw was found in the Linux kernel's AMD KFD Kernel Fusion Driver component. This buffer overflow vulnerability occurs due to incorrect memory buffer handling during CRIU Checkpoint/Restore in User-space operations on SDMA System Direct Memory Access queues. A local attacker can exploit this fl...

7.8CVSS6.1AI score0.00142EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 9:10 a.m.5 views

Security Bulletin: Multiple Vulnerabilities in cryptography bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage include the cryptography library, which is vulnerable to a critical buffer overflow and an improper certificate validation flaw. A classic buffer overflow vulnerability exists when non-contiguous...

9.8CVSS6.6AI score0.00652EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Oracle WebCenter Portal (June 2026 CSPU)

The 12.2.1.4.0 and 14.1.2.0.0 versions of WebCenter Portal installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Security Framework. Supporte...

10CVSS5.9AI score0.00474EPSS
Exploits0References12
NVD
NVD
added 2026/06/22 6:16 p.m.11 views

CVE-2026-10789

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current...

9.6CVSS0.00381EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 5:15 p.m.36 views

CVE-2026-10789 MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current...

9.6CVSS0.00381EPSS
Exploits0References3
CVE
CVE
added 2026/06/22 5:15 p.m.40 views

CVE-2026-10789

Summary: CVE-2026-10789 is a code-injection vulnerability in the MCP extension for Autodesk Fusion Desktop. A malicious webpage visited by a user with Fusion Desktop running and MCP enabled can trigger arbitrary code execution with the current user’s privileges. The CVSS 3.1 score is 9.6 (CRITICA...

9.6CVSS6.2AI score0.00381EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/22 5:15 p.m.10 views

EUVD-2026-38328

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current...

9.6CVSS6.2AI score0.00381EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:15 p.m.16 views

CVE-2026-10789

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current...

9.6CVSS6.2AI score0.00381EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.19 views

PT-2026-51360

Name of the Vulnerable Software and Affected Versions Autodesk Fusion Desktop affected versions not specified Description A flaw in the MCP extension allows arbitrary code execution when a user visits a maliciously crafted webpage while the software is running and the extension is enabled. A...

9.6CVSS6.4AI score0.00381EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system...

5.5CVSS6.7AI score0.00195EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 6:17 a.m.18 views

CVE-2026-8713

The Avada Fusion Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the maybedeletefiles function in all versions up to, and including, 3.15.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the...

9.1CVSS0.01193EPSS
Exploits1References2
CVE
CVE
added 2026/06/19 4:31 a.m.84 views

CVE-2026-8713

CVE-2026-8713 affects the Avada (Fusion) Builder plugin for WordPress, specifically versions up to 3.15.3. The root cause is insufficient file path validation in the maybe_delete_files() function, which builds file paths via simple string replacement without realpath containment checks. An unauth...

9.1CVSS6.7AI score0.01193EPSS
In wildExploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.13 views

Oracle Coherence (June 2026 CPU)

The 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0 versions of Coherence installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CPU advisory. - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core. Supported...

10CVSS6AI score0.00483EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/06/18 5:36 p.m.12 views

WordPress Avada (Fusion) Builder plugin <= 3.15.3 - Unauthenticated Arbitrary File Deletion via Form Entry Value vulnerability

Unauthenticated Arbitrary File Deletion via Form Entry Value vulnerability discovered by daroo in WordPress Plugin Fusion Builder versions = 3.15.3...

9.1CVSS5.3AI score0.01193EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder