Lucene search
K

47722 matches found

Vulnrichment
Vulnrichment
added 2026/02/17 7:14 p.m.2 views

CVE-2026-0102 Microsoft Edge (Chromium-based) Defense in Depth Vulnerability

...

3.1CVSS5.8AI score0.00463EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 7:14 p.m.23 views

CVE-2026-0102 Microsoft Edge (Chromium-based) Defense in Depth Vulnerability

...

3.1CVSS0.00463EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 7:3 p.m.4 views

CVE-2025-33101 Multiple Vulnerabilities in IBM Concert Software.

IBM Concert 1.0.0 through 2.1.0 could allow an attacker to obtain sensitive information using man in the middle techniques due to improper clearing of heap memory...

5.9CVSS7.1AI score0.00202EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 7:3 p.m.13 views

CVE-2025-33101

CVE-2025-33101 affects IBM Concert Software 1.0.0–2.1.0. The vulnerability arises from improper clearing of heap memory, enabling an attacker to obtain sensitive information via man-in-the-middle techniques. Public sources in connected documents reiterate information disclosure as the impact and ...

5.9CVSS7.3AI score0.00202EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/17 7:3 p.m.27 views

CVE-2025-33101 Multiple Vulnerabilities in IBM Concert Software.

IBM Concert 1.0.0 through 2.1.0 could allow an attacker to obtain sensitive information using man in the middle techniques due to improper clearing of heap memory...

5.9CVSS0.00202EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/17 6:44 p.m.2 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the UploadIssueAttachment and UploadReleaseAttachment functions, over the /issues/attachments and /releases/attachments endpoints. This is only exploitable if the RequireSigninView setting is disabled, which it...

9.8CVSS5.5AI score0.00618EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/17 6:44 p.m.2 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the UploadIssueAttachment and UploadReleaseAttachment functions, over the /issues/attachments and /releases/attachments endpoints. This is only exploitable if the RequireSigninView setting is disabled, which it...

9.8CVSS5.5AI score0.00618EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/17 6:9 p.m.2 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via handling passwords as command arguments. An attacker can obtain sensitive information by accessing process arguments through system interfaces. Remediation Upgrade github.com/neuvector/scanner to...

4.8CVSS5.9AI score0.00091EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/17 1:27 p.m.6 views

CVE-2026-0997

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate the authenticated user when processing /plugins/zoom/api/v1/channel-preference, which allows any logged-in user to change Zoom meeting restrictions for arbitrary...

4.3CVSS5.7AI score0.00152EPSS
Exploits0References1
ICS
ICS
added 2026/02/17 7:0 a.m.9 views

Honeywell HIB2PI CCTV Camera (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially leading to further network compromise. 2. RECOMMENDED PRACTICES CISA recommends...

9.8CVSS7.5AI score0.00833EPSS
Exploits0References13
ICS
ICS
added 2026/02/17 7:0 a.m.6 views

GE Vernova Enervista UR Setup

RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

2.9CVSS6.4AI score0.00229EPSS
Exploits0References11
ICS
ICS
added 2026/02/17 7:0 a.m.6 views

Delta Electronics ASDA-Soft

RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to write arbitrary data beyond the bounds of a stack-allocated buffer, leading to the corruption of a structured exception handler SEH. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

9.8CVSS6.3AI score0.00532EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/17 4:31 a.m.11 views

Malicious code in polyutil (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 31a0fc68eee0841a78740fd3e3748171612b871b58bf9f3e52b4fa35bed64774 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

6.3AI score
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/17 1:5 a.m.5 views

nodejs: Nodejs uninitialized memory exposure

A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...

7.1CVSS7.4AI score0.03493EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/17 12:55 a.m.6 views

pybind: Improper use of Pybind

A flaw was found in Ceph. An attacker can allow Ceph to accept any certificate because no certificate context is passed via Pybind to the constructors imaplib.IMAP4SSL or smtplib.SMTPSSL. As a result, pybind pybind does not check the server's X.509 certificate, instead accepting any certificate...

5.8AI score0.00029EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.6 views

IBM Concert 安全漏洞

IBM Concert is IBM's software platform for orchestrating and managing enterprise-class applications. An information disclosure vulnerability exists in IBM Concert. An attacker could exploit this vulnerability to steal sensitive information via a man-in-the-middle attack...

5.9CVSS5.8AI score0.00202EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2026/02/17 12:0 a.m.3 views

KLA90894 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability can be exploited to...

8.8CVSS6AI score0.2202EPSS
Exploits12References10
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.6 views

PT-2026-20240

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description IBM Concert versions 1.0.0 through 2.1.0 may allow an attacker to obtain sensitive information. This is due to improper clearing of heap memory, potentially enabling a man-in-the-middle...

5.9CVSS5.4AI score0.00202EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.2 views

DARTH-PUM: A Hybrid Processing-Using-Memory Architecture

Analog processing-using-memory PUM; a.k.a. in-memory computing makes use of electrical interactions inside memory arrays to perform bulk matrix-vector multiplication MVM operations. However, many popular matrix-based kernels need to execute non-MVM operations, which analog PUM cannot directly...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.7 views

CVE-2026-26367

eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the deleteUserAccount JSON-RPC method that permits any authenticated low-privileged user UGUSER to delete arbitrary user accounts, except for the built-in admin account. The application does not enforce...

8.1CVSS5.8AI score0.00373EPSS
Exploits2References1
Rows per page
Query Builder