Lucene search
+L

2456890 matches found

packetstormnews
packetstormnews
added 2026/12/29 12:0 a.m.364 views

GNUnet P2P Framework 0.26.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

6.8AI score
Exploits0
nvd
nvd
added 24 minutes ago2 views

CVE-2026-59249

Inconsistent interpretation of HTTP requests HTTP response smuggling vulnerability in elixir-mint mint allows a malicious HTTP/1 server to desynchronize a strict intermediary and the Mint client on the same pooled connection, enabling response-queue poisoning against subsequent requests that shar...

6.3CVSS
Exploits0References4
nvd
nvd
added 25 minutes ago1 views

CVE-2026-35146

HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user...

6.3CVSS
Exploits0References1
bdu_fstec
bdu_fstec
added 56 minutes ago25 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00736EPSS
Exploits1References11Affected Software9
bdu_fstec
bdu_fstec
added 56 minutes ago28 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00412EPSS
Exploits0References11Affected Software9
bdu_fstec
bdu_fstec
added 56 minutes ago19 views

The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.

The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...

7.7CVSS5.7AI score
Exploits0Affected Software1
githubexploit
githubexploit
added 59 minutes ago4 views

Decepticon-NavMAX

!Englishhttps://img.shields.io/badge/Language-English-blue?s...

6.3AI score
Exploits0
patchstack
patchstack
added 1 hour ago0 views

WordPress Planyo online reservation system plugin <= 3.0 - Unauthenticated Server-Side Request Forgery vulnerability

Unauthenticated Server-Side Request Forgery vulnerability discovered by chaeyp, Ronnachai Sretawat Na Ayutaya Simonhaskelly, Ronnachai Chaipha rxnr in WordPress Plugin Planyo online reservation system versions = 3.0...

7.2CVSS0.00357EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 1 hour ago2 views

CVE-2026-59249 Sign-tolerant HTTP/1 chunk-size parser in Mint enables response smuggling against strict intermediaries on pooled connections

Inconsistent interpretation of HTTP requests HTTP response smuggling vulnerability in elixir-mint mint allows a malicious HTTP/1 server to desynchronize a strict intermediary and the Mint client on the same pooled connection, enabling response-queue poisoning against subsequent requests that shar...

6.3CVSS
Exploits0References4
cve
cve
added 1 hour ago3 views

CVE-2026-59249

Inconsistent interpretation of HTTP requests HTTP response smuggling vulnerability in elixir-mint mint allows a malicious HTTP/1 server to desynchronize a strict intermediary and the Mint client on the same pooled connection, enabling response-queue poisoning against subsequent requests that shar...

6.3CVSS6.1AI score
Exploits0References4
thn
thn
added 1 hour ago3 views

New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands

Ask an AI agent to summarize the reviews on a product page, and a single planted review can make it click "Buy Now" instead. Ask a coding assistant to apply a maintainer's fix from a GitHub thread, and a fake comment can make it run a stranger's command on your computer. Neither trick hijacks the...

9.3CVSS6.1AI score0.05776EPSS
Exploits1
thn
thn
added 1 hour ago7 views

Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor

An advanced malware previously attributed to a China-linked threat actor has resurfaced after more than four years within a Taiwan manufacturing firm, along with a previously unreported backdoor dubbed Stupig. Daxin "srt64.sys", as the kernel-mode rootkit is referred to, was first documented by...

6.2AI score
Exploits0
githubexploit
githubexploit
added 1 hour ago8 views

Exploit for SQL Injection in Apache Fineract

🛡️ CVE-2026-57821 – Apache Fineract SQL Injection ⚠️ LEG...

8.1CVSS6.4AI score0.00286EPSS
Exploits1
cvelist
cvelist
added 1 hour ago3 views

CVE-2026-35146 HCL DFXServer is affected by an Unencrypted Communication vulnerability.

HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user...

6.3CVSS
Exploits0References1
cve
cve
added 1 hour ago3 views

CVE-2026-35146

HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user...

6.3CVSS6.1AI score
Exploits0References1
f5
f5
added 2 hours ago3 views

K000162297: Micrometer vulnerability CVE-2026-40984

Security Advisory Description In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Affected versions: micrometer-core 1.16.0 through 1.16.5; 1.15.0 through 1.15.11; 1.14.0 through 1.14.15; 1.13.0 through 1.13.18; 1.9...

7.5CVSS6.1AI score0.00623EPSS
Exploits0
ibm
ibm
added 2 hours ago4 views

Security Bulletin: The IBM Common Licensing using IBM® SDK, Java™ Technology Edition affected by multiple vulnerabilities

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2026 Critical Patch Update. For more information please refer to Oracle's April 2026 CPU Advisory and the CVE links referenced below. IBM Common Licensing is...

6.1AI score
Exploits0Affected Software1
ibm
ibm
added 2 hours ago2 views

Security Bulletin: The IBM Common Licensing IBM WebSphere Application Server Liberty could provide weaker than expected security

Summary IBM WebSphere Application Server Liberty could provide weaker than expected security administering security settings when the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0 feature is enabled. Vulnerability Details Refer to the security bulletins...

6.1AI score
Exploits0Affected Software1
osv
osv
added 2 hours ago2 views

RHSA-2026:39808 Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (openstack-keystone) security update

Bulletin has no description...

8CVSS6.1AI score0.00446EPSS
Exploits2References24
ibm
ibm
added 2 hours ago2 views

Security Bulletin: The IBM Common Licensing using IBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerability

Summary IBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerability with the restConnector-1.0 or restConnector-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...

6.1AI score
Exploits0Affected Software1
Rows per page
Query Builder