Lucene search
+L

51884 matches found

osv
osv
added tomorrow2 views

UBUNTU-CVE-2026-9494

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS6.1AI score
Exploits0References3
ibm
ibm
added 4 hours ago1 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty

Summary SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-11806 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3...

9.8CVSS6.1AI score0.00472EPSS
Exploits0Affected Software1
ibm
ibm
added 5 hours ago1 views

Security Bulletin: This PowerVM Novalink update is being released to address CVE-2026-14971

Summary A vulnerability on PowerVM Novalink could allow an unintended or unauthorized operations under non-default conditions. PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2026-14971 DESCRIPTION: IBM NovaLink APIs misconfiguration may increase attack surface...

6.1AI score
Exploits0Affected Software1
ibm
ibm
added 5 hours ago1 views

Security Bulletin: Vulnerabilities in IBM WebSphere Application (CVE-2026-50645, CVE-2026-9322, CVE-2026-11541, CVE-2026-4410, CVE-2026-9320, CVE-2026-8646, CVE-2026-11806, CVE-2026-9071, CVE-2026-11546, CVE-2026-5516) affects IBM PowerVM Novalink.

Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain when being deserialized by...

9.8CVSS6.2AI score0.005EPSS
Exploits0Affected Software1
ibm
ibm
added 5 hours ago15 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by uncontrolled resource consumption and denial of service. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain...

7.5CVSS6.1AI score0.0046EPSS
Exploits0Affected Software1
ibm
ibm
added 5 hours ago12 views

Security Bulletin: Multiple Vulnerabilities in IBM Datacap

Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.10 released on December 19, 2025 and IBM Datacap version 9.1.9 Interim Fix 008 released on June 15, 2026 Vulnerability Details CVEID:CVE-2022-23302 DESCRIPTION: JMSSink in all versions of Log4j 1.x is vulnerable to...

9.8CVSS7.2AI score0.66537EPSS
Exploits1Affected Software1
nvd
nvd
added 6 hours ago5 views

CVE-2026-35143

HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. The application fails to set the "SameSite" attribute on session cookies generated during authentication, which could allow a remote attacker to execute Cross-Site Request Forgery CSRF attacks if additional mitigations,...

3CVSS
Exploits0References1
nvd
nvd
added 7 hours ago8 views

CVE-2026-9494

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS
Exploits0References1
vulnrichment
vulnrichment
added 7 hours ago3 views

CVE-2026-35143 HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability.

HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. The application fails to set the "SameSite" attribute on session cookies generated during authentication, which could allow a remote attacker to execute Cross-Site Request Forgery CSRF attacks if additional mitigations,...

3CVSS6.2AI score
Exploits0References1
attackerkb
attackerkb
added 7 hours ago3 views

CVE-2026-35143

HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. The application fails to set the "SameSite" attribute on session cookies generated during authentication, which could allow a remote attacker to execute Cross-Site Request Forgery CSRF attacks if additional mitigations,...

3CVSS6.2AI score
Exploits0References2
cvelist
cvelist
added 7 hours ago11 views

CVE-2026-35143 HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability.

HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. The application fails to set the "SameSite" attribute on session cookies generated during authentication, which could allow a remote attacker to execute Cross-Site Request Forgery CSRF attacks if additional mitigations,...

3CVSS
Exploits0References1
cve
cve
added 7 hours ago6 views

CVE-2026-35143

HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. The application fails to set the "SameSite" attribute on session cookies generated during authentication, which could allow a remote attacker to execute Cross-Site Request Forgery CSRF attacks if additional mitigations,...

3CVSS6.2AI score
Exploits0References1
euvd
euvd
added 7 hours ago3 views

EUVD-2026-44919

HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. The application fails to set the "SameSite" attribute on session cookies generated during authentication, which could allow a remote attacker to execute Cross-Site Request Forgery CSRF attacks if additional mitigations,...

3CVSS6.2AI score
Exploits0References1
attackerkb
attackerkb
added 8 hours ago3 views

CVE-2026-9494

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS6.1AI score
Exploits0References2
cve
cve
added 8 hours ago8 views

CVE-2026-9494

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS6.1AI score
Exploits0References1
cvelist
cvelist
added 8 hours ago10 views

CVE-2026-9494 ubuntu-pro-client Information Disclosure via Cleartext Bearer Token Exposure in Process Command Line

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS
Exploits0References1
euvd
euvd
added 8 hours ago4 views

EUVD-2026-44910

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS6.1AI score
Exploits0References1
vulnrichment
vulnrichment
added 8 hours ago3 views

CVE-2026-9494 ubuntu-pro-client Information Disclosure via Cleartext Bearer Token Exposure in Process Command Line

An information disclosure vulnerability exists in Canonical ubuntu-pro-client formerly ubuntu-advantage-tools. The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process, the secret bearer token is embedded directly in...

5.5CVSS6.1AI score
Exploits0References1
ibm
ibm
added 10 hours ago6 views

Security Bulletin: The IBM Common Licensing using IBM® SDK, Java™ Technology Edition affected by multiple vulnerabilities

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2026 Critical Patch Update. For more information please refer to Oracle's April 2026 CPU Advisory and the CVE links referenced below. IBM Common Licensing is...

6.1AI score
Exploits0Affected Software1
ibm
ibm
added 10 hours ago3 views

Security Bulletin: The IBM Common Licensing IBM WebSphere Application Server Liberty could provide weaker than expected security

Summary IBM WebSphere Application Server Liberty could provide weaker than expected security administering security settings when the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0 feature is enabled. Vulnerability Details Refer to the security bulletins...

6.1AI score
Exploits0Affected Software1
Rows per page
Query Builder