Lucene search
K

298 matches found

The Hacker News
The Hacker News
added 2026/06/09 11:30 a.m.21 views

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.11 views

CVE-2026-4914

Stored XSS in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to obtain limited information from other user sessions. User interaction is required...

5.4CVSS5.5AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.10 views

CVE-2026-40108

GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, a technician can store an XSS payload in a ITIL costs. This issue has been fixed in version 11.0.7...

7.1CVSS5.3AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 7:16 p.m.26 views

CVE-2026-9614

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS0.0144EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 5:50 p.m.14 views

EUVD-2026-33736

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS5.8AI score0.0144EPSS
Exploits0References1
Ivanti
Ivanti
added 2026/06/01 1:56 p.m.14 views

Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614)

Ivanti has released updates for Ivanti Neurons for ITSM which addresses one high severity vulnerability. Successful exploitation could lead to authenticated privilege escalation to an administrator. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

8.8CVSS5.8AI score0.0144EPSS
Exploits0
EUVD
EUVD
added 2026/04/14 3:30 p.m.7 views

EUVD-2026-22278

Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...

5.7CVSS5.8AI score0.00586EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.7 views

Ivanti Neurons for ITSM 安全漏洞

Ivanti Neurons for ITSM is a reliable and powerful IT service management solution from the American company Ivanti. Versions of Ivanti Neurons for ITSM prior to 2025.4 contained security vulnerabilities. These vulnerabilities stemmed from improper protection of alternative paths, which could allo...

5.7CVSS5.8AI score0.00586EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/23 9:30 p.m.5 views

EUVD-2025-208946

A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...

5.8AI score0.00236EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.5 views

PT-2026-26062

Name of the Vulnerable Software and Affected Versions BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 Description BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery issue in the externalfeed/RSS API component. Authenticated attackers...

5.3CVSS6.1AI score0.12916EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.5 views

PT-2026-26061

Name of the Vulnerable Software and Affected Versions BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 Description BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery issue in the searchWeb API component. Authenticated attackers can...

5.3CVSS6.1AI score0.1743EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2026/03/11 3:27 p.m.3 views

CVE-2026-22248 GLPI affected by Remote Code Execution via malicious upload

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger its execution through an unsafe PHP...

8CVSS5.9AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:30 a.m.11 views

CVE-2023-43790

iTop is an IT service management platform. By manipulating HTTP queries, a user can inject malicious content in the fields used for the object friendlyname value. This vulnerability is fixed in 3.1.1 and 3.2.0...

5.7CVSS6.8AI score0.0036EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7258

Malware in sbrugna...

6.8CVSS5.4AI score0.00552EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-7256

Malware in sbrugna...

4.3CVSS4.6AI score0.00681EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-7257

Malware in sbrugna...

6.1CVSS6AI score0.00698EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19539

Malware in sbrugna...

7.7CVSS6.3AI score0.00779EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-19479

Malware in sbrugna...

8.7CVSS7.3AI score0.01414EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-19480

Malware in sbrugna...

8.1CVSS4.9AI score0.00808EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-25326

Malware in sbrugna...

7.7CVSS7.3AI score0.00861EPSS
Exploits0References2
Rows per page
Query Builder