Lucene search
+L

9883 matches found

nuclei
nuclei
added 13 hours ago74 views

Cacti < 1.2.25 Insecure Deserialization

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. id: CVE-2023-30534 info: name: Cacti 1.2.25 Insecure Deserialization author: k0pak4 severity: medium description: | Cacti is an open source...

4.3CVSS6.7AI score0.02569EPSS
Exploits1References5
euvd
euvd
added yesterday3 views

EUVD-2026-44531

HCL BigFix Platform is affected by a user enumeration vulnerability which might allow an attacker, through careful system control and response time monitoring, to perform some level of user enumeration for the BigFix service...

3.1CVSS6.1AI score0.00153EPSS
Exploits0References2
cve
cve
added 2 days ago10 views

CVE-2026-21840

CVE-2026-21840 — HCL BigFix Platform is reported to have a user enumeration vulnerability. The available documents indicate that an attacker could perform some level of user enumeration for the BigFix service by observing system behavior/response times. The CVSS 3.1 metrics show a low base score ...

3.1CVSS6.1AI score0.00153EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago33 views

CVE-2026-21840 HCL BigFix Platform is affected by a user enumeration vulnerability

HCL BigFix Platform is affected by a user enumeration vulnerability which might allow an attacker, through careful system control and response time monitoring, to perform some level of user enumeration for the BigFix service...

3.1CVSS0.00153EPSS
Exploits0References1
nuclei
nuclei
added 2 days ago79 views

Cacti 1.2.24 - SQL Injection

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...

9.8CVSS7.2AI score0.87688EPSS
Exploits2References5
fedora
fedora
added 5 days ago9 views

[SECURITY] Fedora 44 Update: prometheus-3.13.0-1.fc44

The Prometheus monitoring system and time series database...

9.3CVSS6.1AI score0.00397EPSS
Exploits1
fedora
fedora
added 5 days ago8 views

[SECURITY] Fedora 43 Update: prometheus-3.13.0-1.fc43

The Prometheus monitoring system and time series database...

9.3CVSS6.1AI score0.00397EPSS
Exploits1
nvd
nvd
added 6 days ago7 views

CVE-2026-59155

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. Prior to 2.2.5, the GET /api/v1/ddns and GET /api/v1/notification endpoints return full resource objects including plaintext third-party API credentials, including Cloudflare API tokens, TencentCloud...

6.9CVSS0.00304EPSS
Exploits0References3
cve
cve
added 6 days ago11 views

CVE-2026-59155

Nezha Monitoring (self-hosted) had a credential exposure flaw prior to version 2.2.5. The GET endpoints /api/v1/ddns and /api/v1/notification returned full resource objects that included plaintext third-party API credentials (Cloudflare API tokens, TencentCloud SecretKeys, Slack/Discord/Telegram ...

6.9CVSS6.1AI score0.00304EPSS
Exploits0References3
osv
osv
added 6 days ago4 views

CVE-2026-59155 Nezha Monitoring: DDNS and Notification credential exposure via unredacted list API

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. Prior to 2.2.5, the GET /api/v1/ddns and GET /api/v1/notification endpoints return full resource objects including plaintext third-party API credentials, including Cloudflare API tokens, TencentCloud...

6.9CVSS6.1AI score0.00304EPSS
Exploits0References5
redhatcve
redhatcve
added 6 days ago8 views

CVE-2026-58207

A flaw was found in NATS Server. A client with the ability to send account-scoped connection monitoring requests could crash the server. This is achieved by providing pagination offset and limit values that cause an arithmetic overflow, leading to a Denial of Service DoS. Mitigation Upstream...

7.7CVSS6AI score0.0056EPSS
Exploits0References8
ubuntu
ubuntu
added 6 days ago6 views

USN-8492-5: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
nessus
nessus
added 6 days ago11 views

Kibana 8.x < 8.18.9 / 8.19.x < 8.19.6 / 9.0.x < 9.0.8 / 9.1.x < 9.1.6 Information Disclosure (ESA-2026-50)

The version of Kibana installed on the remote host is 8.x prior to 8.18.9, 8.19.x prior to 8.19.6, 9.0.x prior to 9.0.8, or 9.1.x prior to 9.1.6. It is, therefore, affected by an information disclosure vulnerability: - Insertion of Sensitive Information into Log File CWE-532 in Kibana can lead to...

4.4CVSS6.1AI score0.00211EPSS
Exploits0References2
snyk
snyk
added 2026/07/08 10:38 p.m.4 views

Integer Overflow or Wraparound

Overview github.com/nats-io/nats-server/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the Connz connection monitoring pagination handler, which...

7.7CVSS6.2AI score0.0056EPSS
Exploits0References2
snyk
snyk
added 2026/07/08 10:38 p.m.5 views

Integer Overflow or Wraparound

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the Connz connection monitoring pagination handler, which...

7.7CVSS6.2AI score0.0056EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/08 8:15 p.m.33 views

CVE-2026-58207 NATS Server: Remote crash via integer overflow in Connz pagination

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Offset and Limit values that overflowed internal...

7.7CVSS0.0056EPSS
Exploits0References5
nvd
nvd
added 2026/07/08 2:16 p.m.8 views

CVE-2026-15034

A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected by this issue is some unknown functionality. Such manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS0.00222EPSS
Exploits0References9
euvd
euvd
added 2026/07/08 1:30 p.m.5 views

EUVD-2026-42238

A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected by this issue is some unknown functionality. Such manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS5.2AI score0.00222EPSS
Exploits0References9
cvelist
cvelist
added 2026/07/08 1:30 p.m.31 views

CVE-2026-15034 flask-dashboard Flask-MonitoringDashboard cross-site request forgery

A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected by this issue is some unknown functionality. Such manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS0.00222EPSS
Exploits0References9
osv
osv
added 2026/07/08 1:30 p.m.3 views

CVE-2026-15034 flask-dashboard Flask-MonitoringDashboard cross-site request forgery

A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected by this issue is some unknown functionality. Such manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS5.5AI score0.00222EPSS
Exploits0References11
Rows per page
Query Builder