
54897 matches found

Hewlett-Packard
added 2026/05/15 12:0 a.m. | 21 views

Nuvoton ECHD Key Security Update

Nuvoton has informed HP of a potential security vulnerability identified in Nuvoton TPM NPCT7xx models used in certain HP PC products, which might allow information disclosure. Nuvoton has released firmware mitigation for the potential vulnerability. HP has identified affected platforms and...

CVSS 3.8 | AI score 5.8 | EPSS 0.00117
Exploits 0 | Affected Software 64

Positive Technologies
added 2026/05/15 12:0 a.m. | 13 views

PT-2026-41399

Name of the Vulnerable Software and Affected Versions simplesamlphp-module-casserver versions prior to 7.0.3 Description The software builds file paths for the file-based CAS ticket store by directly concatenating the configured ticket directory with an attacker-controlled ticket identifier. Publ...

CVSS 8.6 | AI score 5.5 | EPSS 0.00422
Exploits 0 | References 6

Positive Technologies
added 2026/05/15 12:0 a.m. | 18 views

PT-2026-41296

PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicious JavaScript code to the parameter whose value is processed by Node.js and subsequently executed...

CVSS 10 | AI score 6 | EPSS 0.00648
Exploits 0 | References 3

CNNVD
added 2026/05/15 12:0 a.m. | 12 views

Crypt::DSA Security Vulnerability

Crypt::DSA is a Perl cryptography module developed by TIMLEGGE’s individual developers, which supports the generation and verification of DSA digital signatures. Versions of Crypt::DSA prior to 1.19 contained security vulnerabilities; these vulnerabilities stemmed from the use of the 2-args open...

CVSS 6.5 | AI score 5.8 | EPSS 0.00318
Exploits 0 | References 1

Positive Technologies
added 2026/05/15 12:0 a.m. | 10 views

PT-2026-41292

Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 5.5 | AI score 5.8 | EPSS 0.00082
Exploits 0 | References 3

CNNVD
added 2026/05/15 12:0 a.m. | 13 views

Crypt::DSA Security Features Issue Vulnerability

Crypt::DSA is a Perl cryptography module developed by TIMLEGGE’s individual developers, which supports the generation and verification of DSA digital signatures. Versions of Crypt::DSA prior to version 1.20 had security vulnerabilities. These vulnerabilities stemmed from the use of the Perl...

CVSS 7.3 | AI score 5.8 | EPSS 0.00355
Exploits 0 | References 1

CNNVD
added 2026/05/15 12:0 a.m. | 11 views

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in HUAWEI HarmonyOS, which stems from issues with the permission control of the...

CVSS 5.9 | AI score 5.8 | EPSS 0.0008
Exploits 0 | References 1

CNNVD
added 2026/05/15 12:0 a.m. | 11 views

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in HUAWEI HarmonyOS, which stems from issues with the permission control of the...

CVSS 5.9 | AI score 5.8 | EPSS 0.00078
Exploits 0 | References 1

Positive Technologies
added 2026/05/15 12:0 a.m. | 10 views

PT-2026-41289

Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 5.9 | AI score 5.8 | EPSS 0.0008
Exploits 0 | References 2

CNNVD
added 2026/05/15 12:0 a.m. | 15 views

DHTMLX Diagram Path Traversal Vulnerability

DHTMLX Diagram is a JavaScript chart component developed by DHTMLX Corporation that supports interactive organizational charts, flowcharts, mind maps, and other chart types. Versions of DHTMLX Diagram prior to 1.1.1 had a path traversal vulnerability. This vulnerability stemmed from path traversa...

CVSS 9.2 | AI score 5.8 | EPSS 0.00397
Exploits 0 | References 1

Positive Technologies
added 2026/05/15 12:0 a.m. | 14 views

PT-2026-41283

Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 3.6 | AI score 5.8 | EPSS 0.00077
Exploits 0 | References 2

Positive Technologies
added 2026/05/15 12:0 a.m. | 14 views

PT-2026-41288

Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 5.9 | AI score 5.8 | EPSS 0.00078
Exploits 0 | References 2

Tenable Nessus
added 2026/05/15 12:0 a.m. | 12 views

Fedora 42 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2026-38623b4fed)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-38623b4fed advisory. nginx-mod-vts: - Rebuild for 1.30.1 nginx-mod-fancyindex: - Rebuild for 1.30.1 nginx-mod-naxsi: - Rebuild for 1.30.1 nginx-mod-headers-more: - Rebui...

CVSS 9.2 | AI score 6.1 | EPSS 0.61469
Exploits 41 | References 7

SUSE Linux
added 2026/05/14 10:33 p.m. | 10 views

Security update for go1.26

This update for go1.26 fixes the following issues. Security issues: CVE-2026-33811: net: crash when handling long CNAME response (bsc#1264508). CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1264506). CVE-2026-39817: cmd/go: "go tool pack" does not...

CVSS 7.5 | AI score 5.9 | EPSS 0.00813
Exploits 0 | References 48

OSV
added 2026/05/14 10:33 p.m. | 7 views

SUSE-SU-2026:1861-1 Security update for go1.26

This update for go1.26 fixes the following issues. Security issues: - CVE-2026-33811: net: crash when handling long CNAME response (bsc#1264508). - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1264506). - CVE-2026-39817: cmd/go: 'go tool pack' does...

CVSS 7.5 | AI score 5.8 | EPSS 0.00813
Exploits 0 | References 25

GithubExploit
added 2026/05/14 8:21 p.m. | 139 views

Exploit for CVE-2026-42945

AI-Assisted Rediscovery of CVE-2026-42945 in nginx This repos...

CVSS 9.2 | AI score 6.2 | EPSS 0.61469
Exploits 40

OSV
added 2026/05/14 8:12 p.m. | 11 views

CLSA-2026-1778789558 httpd: Fix of CVE-2022-36760

CVE-2022-36760: mod_proxy_ajp: fix possible request smuggling via invalid Transfer-Encoding...

CVSS 9 | AI score 7 | EPSS 0.01879
Exploits 0 | References 1

RedhatCVE
added 2026/05/14 7:58 p.m. | 13 views

CVE-2026-45227

Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions by using object-graph introspection primitives. Attackers can use Python introspection techniques to recover the unrestricted...

CVSS 8.8 | AI score 6.1 | EPSS 0.00227
Exploits 0 | References 1

OSV
added 2026/05/14 7:15 p.m. | 11 views

CLSA-2026-1778769697 kernel: Fix of 31 CVEs

net: skbuff: propagate shared-frag marker through pskb_copy - HID: ignore non-functional sensor in HP 5MP Camera CVE-2025-21992 - net: fix crash when config small gso_max_size/gso_ipv4_max_size CVE-2024-50258 - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow CVE-2024-53042 - ALSA:...

CVSS 7.8 | AI score 6.5 | EPSS 0.00272
Exploits 2 | References 1

EUVD
added 2026/05/14 7:3 p.m. | 9 views

EUVD-2026-30416

Fleet is open source device management software. Prior to version 4.80.1, a vulnerability in Fleet's IP extraction logic allows unauthenticated attackers to bypass API rate limiting by spoofing client IP headers. This may allow brute-force login attempts or other abuse against Fleet instances...

CVSS 6.9 | AI score 5.8 | EPSS 0.00276
Exploits 0 | References 2