Lucene search
K

86552 matches found

EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-43922

Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score
Exploits0References2
NVD
NVD
added 2 hours ago2 views

CVE-2026-50391

Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
NCSC
NCSC
added 2 hours ago3 views

Vulnerabilities in Microsoft Windows

Microsoft has fixed a very large number of vulnerabilities in Windows. A malicious actor could exploit these vulnerabilities to carry out attacks that could result in the types of damage listed in the table below. The most serious vulnerabilities have the following identifiers: CVE-2026-49172,...

9.9CVSS6.6AI score
Exploits0
OSV
OSV
added 2 hours ago3 views

GHSA-QW5R-PPCG-F8RJ MKP: Unbounded Pod Log Read via Attacker-Controlled `limitBytes`/`tailLines` Causes Memory Exhaustion

Unbounded Pod Log Read via Attacker-Controlled limitBytes/tailLines Causes Memory Exhaustion Summary The MKP Model Context Protocol for Kubernetes server exposes a getresource MCP tool that proxies Kubernetes pod log requests. User-supplied limitBytes and tailLines parameters are parsed as...

7.5CVSS6.2AI score
Exploits0References2
Qualys Blog
Qualys Blog
added 2 hours ago2 views

How Qualys ETM Identity Detects Identity-Based Attacks Faster

Key Takeaways Identity-based attacks are among the fastest and most effective intrusion methods because valid credentials let attackers operate as trusted users. Techniques like Pass-the-Hash, Kerberoasting, Domain Controller Synchronization DCSync, and Authentication Server Response Roasting...

6.2AI score
Exploits0
Cvelist
Cvelist
added 3 hours ago2 views

CVE-2026-50391 Windows Group Policy Elevation of Privilege Vulnerability

...

7.8CVSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 hours ago2 views

CVE-2026-50391 Windows Group Policy Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added 3 hours ago4 views

CVE-2026-50391

Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 6 hours ago1 views

Security Bulletin: Multiple vulnerabilities found in CICS Transaction Gateway for Multiplatforms

Summary Multiple vulnerabilities have been found in CICS Transaction Gateway for Multiplatforms due to the use of Apache Tomcat Embed, Spring Web MVC, Spring Boot, Spring Core, Spring Context, Spring Beans and Logback Core. The Apache Tomcat Embed, Spring Web MVC, Spring Boot, Spring Core, Spring...

7.5CVSS7.2AI score0.01916EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 6 hours ago1 views

Security Bulletin: Multiple vulnerabilities found in CICS Transaction Gateway Desktop Edition.

Summary Multiple vulnerabilities have been found in CICS Transaction Gateway Desktop Edition due to the use of Apache Tomcat Embed, Spring Web MVC, Spring Boot, Spring Core, Spring Context, SnakeYAML, Spring Beans, Logback Classic and Logback Core. The Apache Tomcat Embed, Spring Web MVC, Spring...

8.1CVSS7.1AI score0.05666EPSS
Exploits4Affected Software1
Microsoft CVE
Microsoft CVE
added 6 hours ago2 views

Windows Group Policy Elevation of Privilege Vulnerability

Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score
Exploits0
Citrix
Citrix
added 7 hours ago3 views

Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows Security Bulletin for CVE-2026-53565 and CVE-2026-53566

Severity - High Description of Problem Vulnerabilities have been discovered in the Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client. Refer to the information below for further details: Affected Versions: The following supported versions of Citrix Secure Access Client fo...

8.5CVSS6.2AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 7 hours ago1 views

Security Bulletin: Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2026-23950 DESCRIPTION: node-tar,a...

8.8CVSS6.8AI score0.08279EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 8 hours ago6 views

ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting XSS by providing untrusted input to the Address6 constructor. When an application renders the output of...

8.1CVSS6.9AI score0.00471EPSS
Exploits1References5
The Hacker News
The Hacker News
added 8 hours ago6 views

Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks

Researchers at KU Leuven tested 85 of the most popular crypto wallets that run as browser extensions and found that the wallets themselves leak enough to link and track the people using them. The way these wallets talk to websites and blockchain servers can tie a person's separate addresses...

6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 9 hours ago25 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00385EPSS
Exploits0References11Affected Software9
BDU FSTEC
BDU FSTEC
added 9 hours ago21 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00709EPSS
Exploits1References11Affected Software9
SUSE Linux
SUSE Linux
added 9 hours ago2 views

Security update for afterburn

This update for afterburn fixes the following issues Update to version 5.10.0.git73.b97f772. Security issues fixed: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. CVE-2026-41677: openssl: out-of-bounds read in PEM password...

8.7CVSS6.2AI score0.00559EPSS
Exploits1References36
SUSE Linux
SUSE Linux
added 9 hours ago2 views

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.10.0.git73.b97f772. Security issues fixed: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. CVE-2026-41677: openssl: out-of-bounds read in PEM password...

8.7CVSS6.2AI score0.00559EPSS
Exploits1References36
SUSE Linux
SUSE Linux
added 9 hours ago2 views

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.10.0.git73.b97f772. Security issues fixed: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. CVE-2026-41677: openssl: out-of-bounds read in PEM password...

8.7CVSS6.2AI score0.00559EPSS
Exploits1References36
Rows per page
Query Builder