Lucene search
K

2325 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 7 : bind-9.11.4-9.P2.0.1.el7.AXS7 (AXSA:2019-4292:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4292:05 advisory. bind: Incorrect documentation of krb5-subdomain and ms-subdomain update policies CVE-2018-5741 Tenable has extracted the preceding description block directly...

6.5CVSS6.9AI score0.03451EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000779)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000779 advisory. fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service...

4.7CVSS6.7AI score0.00369EPSS
Exploits0References10
NVD
NVD
added 2026/01/15 9:16 p.m.13 views

CVE-2026-21905

A Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the SIP application layer gateway ALG of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow...

8.7CVSS0.00367EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/15 8:19 p.m.4 views

EUVD-2026-2687

A Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the SIP application layer gateway ALG of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow...

8.7CVSS6.5AI score0.00367EPSS
Exploits0References3
CVE
CVE
added 2026/01/15 8:19 p.m.35 views

CVE-2026-21905

CVE-2026-21905 affects Juniper Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC. The vulnerability is a loop with an unreachable exit condition in the SIP application layer gateway (ALG) that can be triggered by processing multiple SIP messages over TCP. This causes the flow management...

8.7CVSS6.6AI score0.00367EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:9 p.m.9 views

CVE-2018-18877

In firmware version MS2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page configmain.php that allows manipulation of the device...

8.8CVSS6.9AI score0.01706EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:48 a.m.7 views

CVE-2009-4409

The 1 CHAP and 2 MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator PPPAC function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack...

2.6CVSS7.4AI score0.01356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:20 a.m.7 views

CVE-2021-27596

When a user opens manipulated Autodesk 3D Studio for MS-DOS .3DS files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

4.3CVSS6.9AI score0.00716EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.8 views

CVE-2023-4537

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects ERP XL: from 2020.2.2 through 2023.2...

7.4CVSS7.4AI score0.00611EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.13 views

CVE-1999-0360

MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely...

7.2CVSS7.5AI score0.05576EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.5 views

PT-2026-1631

Name of the Vulnerable Software and Affected Versions Mstoic Shortcodes plugin for WordPress versions prior to 2.1 Description The Mstoic Shortcodes plugin for WordPress is susceptible to Stored Cross-Site Scripting. This occurs through the start parameter of the ms youtube embeds shortcode due t...

6.4CVSS6AI score0.00228EPSS
Exploits0References5
CVE
CVE
added 2026/01/01 3:2 p.m.10 views

CVE-2025-15405

PHPEMS has a CSRF vulnerability in versions up to 11.0 due to manipulation of an unknown function, potentially exploitable remotely. Impact is described as high (C) with network attack vector; remediation per PT-2026-1007 is to upgrade to version 11.0 or later.

8.8CVSS6.3AI score0.00211EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/31 11:5 a.m.7 views

CVE-2025-15244

A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is said to be...

6.3CVSS6.2AI score0.0035EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/31 10:9 a.m.6 views

CVE-2025-15242

A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as...

3.1CVSS3.8AI score0.00207EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.8 views

WordPress Master Slider - Responsive Touch Slider plugin <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode vulnerability

WordPress Master Slider - Responsive Touch Slider plugin = 3.10.6 - Authenticated Contributor+ Stored Cross-Site Scripting via mslayer Shortcode vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Master Slider versions = 3.10.6...

6.4CVSS8.4AI score0.00275EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/12/30 10:15 a.m.5 views

CVE-2025-15242

A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as...

2.3CVSS5.2AI score0.00207EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/11/28 1:5 a.m.15 views

CVE-2025-0657

A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drvgen5106-01-2380, allows malformed packets to be sent through BACnet MS/TP network causing the devices to enter a fault state. This fault state requires a manual power cycle to return the device to network visibility...

8.8CVSS6.8AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/27 3:30 a.m.6 views

EUVD-2025-199779

A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drvgen5106-01-2380, allows malformed packets to be sent through BACnet MS/TP network causing the devices to enter a fault state. This fault state requires a manual power cycle to return the device to network visibility...

8.8CVSS6.3AI score0.00291EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 4:31 p.m.6 views

Malicious code in @postman/pretty-ms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2d31f7cbd143304b0472244ba5f73daa6e96abbc923b854d2736c5ea7807d16 The package @postman/pretty-ms was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/11/24 4:31 p.m.3 views

MAL-2025-190910 Malicious code in @postman/pretty-ms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2d31f7cbd143304b0472244ba5f73daa6e96abbc923b854d2736c5ea7807d16 The package @postman/pretty-ms was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
Rows per page
Query Builder