Lucene search
K

93049 matches found

GithubExploit
GithubExploit
added 1 hour ago4 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

─── CVE-2026-0257 ─── 🏴 AMN SECURITY 🏴 مركز أبح...

9.1CVSS6.2AI score0.86678EPSS
Exploits11
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a denial of service vulnerability due to Eclipse Parsson (CVE-2026-9563)

Summary IBM WebSphere Application Server Liberty is affected by a denial of service with the jsonp-2.1 feature enabled. Vulnerability Details CVEID:CVE-2026-9563 DESCRIPTION: In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maxim...

7.5CVSS5.9AI score0.00366EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by an authorization bypass vulnerability (CVE-2026-11714)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS5.9AI score0.00203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by an authorization bypass vulnerability (CVE-2026-11714)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

9.8CVSS5.9AI score0.00203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an authorization bypass vulnerability (CVE-2026-11714)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS5.9AI score0.00203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability (CVE-2026-11546)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

9.8CVSS5.9AI score0.00222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a server-side request forgery vulnerability (CVE-2026-11546)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS5.9AI score0.00222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability (CVE-2026-11546)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

9.8CVSS5.9AI score0.00222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an arbitrary file read vulnerability (CVE-2026-11806)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS6AI score0.00472EPSS
Exploits0Affected Software1
NVD
NVD
added yesterday4 views

CVE-2026-48954

Improper validation leads to a generic XSS vector in the language override feature...

8.4CVSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by uncontrolled resource consumption and denial of service. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain...

7.5CVSS6AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.1.0 Vulnerability Details CVEID:CVE-2016-1000027 DESCRIPTION: Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution RCE issue if used for Java deserialization of untrusted data...

9.8CVSS7.5AI score0.51547EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v10.0.8.10 Vulnerability Details CVEID:CVE-2026-33244 DESCRIPTION: React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the...

8.1CVSS7.1AI score0.00838EPSS
Exploits3Affected Software1
RedHat Linux
RedHat Linux
added yesterday4 views

jastow: Jastow Cross-Site Scripting attack due to unsanitized URI

A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting XSS attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling...

6.5CVSS5.9AI score
Exploits0References4
RedHat Linux
RedHat Linux
added yesterday4 views

jastow: Jastow Cross-Site Scripting attack due to unsanitized URI

A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting XSS attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling...

6.5CVSS5.9AI score
Exploits0References4
RedHat Linux
RedHat Linux
added yesterday4 views

jastow: Jastow Cross-Site Scripting attack due to unsanitized URI

A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting XSS attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling...

6.5CVSS5.9AI score
Exploits0References4
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-48954 Joomla! Core - [20260708] - XSS through language overrides

Improper validation leads to a generic XSS vector in the language override feature...

8.4CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added yesterday4 views

CVE-2026-48954 Joomla! Core - [20260708] - XSS through language overrides

Improper validation leads to a generic XSS vector in the language override feature...

8.4CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-48954

Improper validation leads to a generic XSS vector in the language override feature...

8.4CVSS5.9AI score
Exploits0References2Affected Software1
EUVD
EUVD
added yesterday3 views

EUVD-2026-42059

Improper validation leads to a generic XSS vector in the language override feature...

8.4CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder