Lucene search
+L

13576 matches found

cve
cve
added 3 days ago5 views

CVE-2026-47632

Azure Monitor Agent Metrics Extension is affected by CVE-2026-47632 due to improper certificate validation, enabling elevation of privileges for an unauthenticated attacker on an adjacent network. Exploitation details are not provided in the connected documents. CVSSv3.1 base score 8.8 (High): AV...

8.8CVSS6.1AI score0.0032EPSS
Exploits0References1Affected Software1
mscve
mscve
added 3 days ago13 views

Active Directory Federation Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Active Directory Federation Services AD FS allows an authorized attacker to perform spoofing over a network...

4.8CVSS6.1AI score0.0038EPSS
Exploits0
mscve
mscve
added 3 days ago9 views

Active Directory Certificate Services Elevation of Privilege Vulnerability

Improper authorization in Active Directory Certificate Services AD CS allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.1AI score0.00802EPSS
Exploits0
osv
osv
added 2026/07/08 2:58 p.m.4 views

SUSE-SU-2026:2799-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. - CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. - CVE-2025-40341:...

9.8CVSS6.8AI score0.93235EPSS
Exploits50References351
mscve
mscve
added 2026/07/03 2:0 p.m.8 views

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Improper input validation in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.8CVSS6.1AI score0.00479EPSS
Exploits0
cvelist
cvelist
added 2026/07/03 12:56 p.m.40 views

CVE-2026-56015 Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add passes the prefix string to the trie builder addPrefixToTrie without checking it against the address width. addPrefixToTrie then walks the prefix buffer by prefixlength bits, reading...

0.00537EPSS
Exploits0References2
nvd
nvd
added 2026/07/02 10:16 a.m.10 views

CVE-2026-8482

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS0.00212EPSS
Exploits0References1
euvd
euvd
added 2026/07/02 8:42 a.m.8 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/02 8:42 a.m.44 views

CVE-2026-8482 Information leak in NSRPC client history

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS0.00212EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/07/02 12:0 a.m.12 views

PT-2026-55318

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description M365 Copilot contains an open redirect issue, which occurs when an application redirects users to an untrusted external site. This flaw allows an unauthorized attacker to elevate...

9.3CVSS6AI score0.00531EPSS
Exploits0References9
nvd
nvd
added 2026/07/01 4:16 p.m.13 views

CVE-2026-8480

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS0.00087EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/01 2:52 p.m.35 views

CVE-2026-8480 Connection possible to the Administration portal with a revoked certificate

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS0.00087EPSS
Exploits0References1
mscve
mscve
added 2026/06/27 8:6 a.m.6 views

batman-adv: v: stop OGMv2 on disabled interface

...

9.8CVSS5.8AI score0.00122EPSS
Exploits0
nessus
nessus
added 2026/06/27 12:0 a.m.7 views

Oracle Linux 9 : thunderbird (ELSA-2026-29940)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-29940 advisory. 140.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.12.0 - Add OpenELA debranding 140.12.0-1 - Update to 140.12.0 ESR Tenab...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References30
nvd
nvd
added 2026/06/26 11:16 a.m.12 views

CVE-2025-7958

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...

8.5CVSS0.00197EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/26 10:15 a.m.9 views

CVE-2025-7958

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/26 10:15 a.m.32 views

CVE-2025-7958

Summary (CVE-2025-7958): A code injection vulnerability exists in Trellix Network Security CM and NX. A locally authenticated admin user can trigger arbitrary code execution via the web interface and Alert artifact details. The issue is described as enabling remote-like control within the device ...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/26 10:15 a.m.37 views

CVE-2025-7958

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...

8.5CVSS0.00197EPSS
Exploits0References1
euvd
euvd
added 2026/06/26 10:15 a.m.7 views

EUVD-2025-210348

A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/25 8:16 a.m.10 views

CVE-2026-12318

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References5
Rows per page
Query Builder