Lucene search
+L

1178 matches found

CNNVD
CNNVD
added 2026/05/18 12:0 a.m.14 views

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins contain security vulnerabilities. These...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.21 views

PT-2026-41646

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 2:21 p.m.12 views

CVE-2026-28961

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

4.6CVSS5.8AI score0.0016EPSS
Exploits0References1
ICS
ICS
added 2026/05/12 7:0 a.m.36 views

Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

7.5CVSS5.9AI score0.00125EPSS
Exploits0References11
EUVD
EUVD
added 2026/05/11 9:31 p.m.16 views

EUVD-2026-29265

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

5.8AI score0.0016EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 9:18 p.m.22 views

CVE-2026-28961

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

4.6CVSS0.0016EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 8:8 p.m.17 views

CVE-2026-28961

The CVE-2026-28961 entry affects macOS Tahoe and is fixed in macOS Tahoe 26.5. The issue could allow an attacker with physical access to a locked device to view sensitive user information; the description notes this was addressed with improved checks. The available documents point to a hardware/s...

4.6CVSS5.8AI score0.0016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/11 8:8 p.m.34 views

CVE-2026-28961

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

0.0016EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 8:8 p.m.10 views

CVE-2026-28961

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

5.8AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2026/05/11 10:16 a.m.14 views

CVE-2025-10908

Due to a lack of user account state validation during authentication, locked user accounts can be successfully authenticated using Magic Link or Pass Key methods. This bypasses the intended security control that should prevent access to accounts that have been locked. This vulnerability may allow...

7.3CVSS0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.13 views

PT-2026-39808

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

5.8AI score0.0016EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.12 views

WSO2 Identity Server 安全漏洞

WSO2 Identity Server is an identity authentication server developed by the American company WSO2. WSO2 Identity Server has a security vulnerability that stems from the lack of verification of user account status. This vulnerability may allow locked accounts to be successfully authenticated throug...

7.3CVSS5.8AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.14 views

Apple多款产品 安全漏洞

Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

7.5CVSS5.9AI score0.0041EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.10 views

SUSE CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 12:30 p.m.10 views

EUVD-2026-27753

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.8AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 12:16 p.m.10 views

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.5CVSS0.00112EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.6 views

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-37531

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amd/display component where disabling TMDS output turns off the PHY PLL Phase-Locked Loop, causing the OTG Output Timing Generator to remain stuck. This state...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.15 views

PT-2026-36406

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth component where hci store wake reason is called within hci event packet before the per-event minimum payload length is enforced by hci event func. This...

8.1CVSS5.8AI score0.00205EPSS
Exploits0
Veracode
Veracode
added 2026/04/30 7:50 a.m.10 views

Sensitive Information Disclosure

Spring Security is vulnerable to Sensitive Information Disclosure. The vulnerability is due to bypass of timing attack protections in DaoAuthenticationProvider when handling disabled, expired, or locked user states, which allows an attacker to infer user account status through response timing...

3.7CVSS5.2AI score0.00215EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder