Lucene search
K

540 matches found

HackRead
HackRead
added 2026/05/20 2:55 p.m.12 views

Understanding Trend Structure: Higher Highs and Lower Lows Explained

Before indicators, before oscillators, before anything that requires a formula – the market communicates through price structure. Peaks…...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Net: Atlantic – Eliminate double-free operations in error handling logic. The driver has a logic flaw in ring data allocation/free. In this flaw, aqringfree may be called multiple times within the same ring. This can occur whe...

7.8CVSS6.1AI score0.00275EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 4:16 p.m.9 views

CVE-2026-32673

A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In appliance mode deployments, a successful exploit can allow the attacker to cross a...

8.7CVSS0.00235EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 2:17 p.m.8 views

CVE-2026-4609

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pminviteuser function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level...

7.1CVSS0.00219EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.9 views

PT-2026-40636

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description An issue in scripted monitors allows an authenticated attacker with the Resource Administrator or Administrator role to...

8.7CVSS5.8AI score0.00235EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/12 9:20 p.m.13 views

Out-of-bounds Read

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Out-of-bounds Read in the input validation process. An attacker can gain unauthorized write access by tricking a user with high privileges into visiting a maliciously craft...

5.1CVSS5.8AI score0.00373EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Microsoft Office ClickToRun 访问控制错误漏洞

Microsoft Office ClickToRun is a component developed by Microsoft that allows for the download and installation of Microsoft Office products. There is an access control error vulnerability present in Microsoft Office ClickToRun. Attackers can exploit this vulnerability to gain higher privileges...

8.8CVSS5.8AI score0.00212EPSS
Exploits0References2
NVD
NVD
added 2026/05/09 3:16 a.m.72 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS0.00226EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/05 11:25 a.m.7 views

CVE-2026-43534 OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events

OpenClaw before 2026.4.10 contains an input validation vulnerability that allows external hook metadata to be enqueued as trusted system events. Attackers can supply malicious hook names to escalate untrusted input into higher-trust agent context...

9.3CVSS5.8AI score0.0019EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.10 views

Towards Agentic Investigation of Security Alerts

Security analysts are overwhelmed by the volume of alerts and the low context provided by many detection systems. Early-stage investigations typically require manual correlation across multiple log sources, a task that is usually time-consuming. In this paper, we present an experimental, agentic...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/04/21 12:0 a.m.30 views

CVE-2026-30452

Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in...

0.00247EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.10 views

PT-2026-34006

Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in...

5.8AI score0.00247EPSS
Exploits0References3
CNVD
CNVD
added 2026/04/10 12:0 a.m.4 views

Discourse authorization issue vulnerability (CNVD-2026-17254)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an authorization issue vulnerability that can be exploited by an attacker to cause a user to purchase a lower tier...

6.3CVSS5.7AI score0.00171EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/08 10:25 p.m.18 views

CVE-2026-4916 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with custom role permissions to demote or remove higher-privileged group members due to improper authorization...

2.7CVSS0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.8 views

PT-2026-31547

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.2 through 18.8.8, 18.9 through 18.9.4, and 18.10 through 18.10.2 Description A flaw existed in GitLab CE/EE where an authenticated user with custom role permissions could potentially demote or remove higher-privileged...

2.7CVSS5.8AI score0.00348EPSS
Exploits0References7
CVE
CVE
added 2026/03/31 5:41 p.m.17 views

CVE-2026-33074

CVE-2026-33074 affects Discourse (subs plugin). From versions 2026.1.0-latest up to before 2026.1.3, 2026.2.0-latest up to before 2026.2.2, and 2026.3.0-latest up to before 2026.3.0, a user could purchase a lower-tier subscription yet obtain higher-tier benefits. Root cause details are not provid...

6.3CVSS5.7AI score0.00171EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 5:41 p.m.6 views

CVE-2026-33074 Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, a user may be able to purchase a lower tier subscription but grant themselves the benefits that comes along with a higher...

6.3CVSS5.7AI score0.00171EPSS
Exploits0References2
OSV
OSV
added 2026/03/31 5:41 p.m.4 views

CVE-2026-33074 Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, a user may be able to purchase a lower tier subscription but grant themselves the benefits that comes along with a higher...

6.3CVSS5.7AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.7 views

Discourse 授权问题漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an authorization issue vulnerability that can be exploited by an attacker to cause a user to purchase a lower tier...

6.3CVSS5.8AI score0.00171EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.9 views

PT-2026-29316

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, a user may be able to purchase a lower tier subscription but grant themselves the benefits that comes along with a higher...

6.3CVSS5.7AI score0.00171EPSS
Exploits0References6
Rows per page
Query Builder