Lucene search
K

15059 matches found

RedHat Linux
RedHat Linux
added 2026/06/19 9:14 a.m.4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nginx: nginx-1.30.3-2.hum1 aarch64, x8664 nginx-all-modules-1.30.3-2.hum1 noarch nginx-core-1.30.3-2.hum1 aarch64, x8664 nginx-filesystem-1.30.3-2.hum1 noarch nginx-mod-devel-1.30.3-2.hum1 aarch6...

9.2CVSS6.1AI score0.03459EPSS
Exploits1References4
Rockylinux
Rockylinux
added 2026/06/19 6:4 a.m.11 views

postfix security update

An update is available for postfix. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The postfix packages provide a Mail Transport Agent MTA, which supports...

7.5CVSS6.1AI score0.00415EPSS
Exploits0
OSV
OSV
added 2026/06/19 6:4 a.m.12 views

RLSA-2026:25930 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS6.1AI score0.00415EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 2:25 p.m.5 views

Arbitrary Command Injection

Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Arbitrary Command Injection via unsanitized input in the searchemails, replyemail, and archiveemail functions. An attacker can execute...

8.6CVSS6AI score
Exploits0References2
OSV
OSV
added 2026/06/17 12:3 p.m.10 views

RLSA-2026:26205 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 6:0 a.m.6 views

RLSA-2026:25932 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/17 6:0 a.m.13 views

postfix security update

An update is available for postfix. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The postfix packages provide a Mail Transport Agent MTA, which supports...

7.5CVSS5.7AI score0.00415EPSS
Exploits0
OSV
OSV
added 2026/06/16 12:0 a.m.5 views

ALSA-2026:26205 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.33 views

RHEL 9 : postfix (RHSA-2026:26205)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26205 advisory. The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffe...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 12:0 a.m.9 views

ALSA-2026:25930 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 12:0 a.m.5 views

ALSA-2026:25932 Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.19 views

RHEL 8 : postfix (RHSA-2026:25932)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25932 advisory. The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffe...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/06/15 12:0 a.m.9 views

Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

SUSE SLES15 Security Update : nginx (SUSE-SU-2026:2370-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2370-1 advisory. This update for nginx fixes the following issues - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a...

9.2CVSS9AI score0.61469EPSS
Exploits43References22
Cvelist
Cvelist
added 2026/06/13 7:51 a.m.30 views

CVE-2026-2470 Pagelayer <= 2.0.9 - Incorrect Authorization to Authenticated (Contributor+) Mail Relay Configuration via 'contacts'

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...

4.3CVSS0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/13 7:51 a.m.8 views

CVE-2026-2470 Pagelayer <= 2.0.9 - Incorrect Authorization to Authenticated (Contributor+) Mail Relay Configuration via 'contacts'

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...

4.3CVSS5.4AI score0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 8:23 p.m.10 views

CVE-2026-44784 Discourse: Non-staff group owners can see email password in plaintext through group history

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, group owners who are not necessarily admins or moderators can view a group's outgoing email/SMTP credentials in plaintext...

6.5CVSS5.3AI score0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 8:23 p.m.13 views

EUVD-2026-36587

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, group owners who are not necessarily admins or moderators can view a group's outgoing email/SMTP credentials in plaintext...

6.5CVSS5.3AI score0.00231EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/12 7:20 p.m.10 views

WordPress Page Builder: Pagelayer – Drag and Drop website builder plugin <= 2.0.9 - Incorrect Authorization to Authenticated (Contributor+) Mail Relay Configuration vulnerability

Incorrect Authorization to Authenticated Contributor+ Mail Relay Configuration vulnerability discovered by Drew Webber mcdruid in WordPress Plugin PageLayer versions = 2.0.9...

4.3CVSS5.2AI score0.00204EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/12 6:44 p.m.38 views

CVE-2026-50287 Missing Authentication for Critical Function in @agenticmail/mcp

AgenticMail gives AI agents real email addresses and phone numbers. Prior to version 0.9.27, @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can...

8.7CVSS0.00359EPSS
Exploits0References1
Rows per page
Query Builder