Lucene search
+L

1604 matches found

nuclei
nuclei
added 8 hours ago16 views

Apache Tomcat Tribes EncryptInterceptor Bypass - Remote Code Execution

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. id: CVE-2026-34486 info: name: Apache Tomcat Tribes EncryptInterceptor Bypass - Remote...

7.5CVSS7AI score0.21691EPSS
Exploits6References3
nvd
nvd
added 2 days ago3 views

CVE-2026-55019

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00377EPSS
Exploits0References1
nvd
nvd
added 2 days ago4 views

CVE-2026-50497

Off-by-one error in Windows Remote Desktop Protocol allows an unauthorized attacker to disclose information over a network...

6.5CVSS0.00887EPSS
Exploits0References1
cve
cve
added 2 days ago5 views

CVE-2026-50370

CVE-2026-50370 is a heap-based buffer overflow in the Windows DHCP Server service that could allow an unauthenticated attacker on an adjacent network to execute code. The vulnerability is listed among the July 2026 Patch Tuesday disclosures and is included in Microsoft’s security updates (KB50995...

8.8CVSS6.3AI score0.00505EPSS
Exploits0References1
cve
cve
added 2 days ago4 views

CVE-2026-50306

CVE-2026-50306 is a Windows TCP/IP use-after-free vulnerability that allows an authorized, local attacker to elevate privileges. Affected component is the Windows TCP/IP stack; impact is local privilege escalation with high severity (CVSS 3.1: 7.8). Microsoft has released updates (KB5095051, KB50...

7.8CVSS6AI score0.00245EPSS
Exploits0References1
cve
cve
added 2 days ago6 views

CVE-2026-49181

The CVE-2026-49181 entry describes an Integer underflow in the Windows DHCP Client that can allow an unauthorized attacker to elevate privileges over a network. Affected component: Windows DHCP Client (network stack on Windows). Root cause: wrap/underflow in the DHCP client handling. Impact: priv...

7.5CVSS6.1AI score0.00755EPSS
Exploits0References1
cve
cve
added 2 days ago27 views

CVE-2026-50663

CVE-2026-50663 affects Age of Empires II: Definitive Edition. The vulnerability is a relative path traversal in the game that could allow an unauthorized attacker to execute code over the network. The current documents specify the impact as remote code execution with high severity (CVSS 3.1: AV:N...

8.8CVSS6.2AI score0.0065EPSS
Exploits0References1
mscve
mscve
added 2 days ago4 views

Windows Event Logging Service Remote Code Execution Vulnerability

Insufficient granularity of access control in Windows Event Logging Service allows an authorized attacker to execute code over a network...

8CVSS6.2AI score0.00613EPSS
Exploits0
mscve
mscve
added 2 days ago5 views

Windows Network Policy Server SNMP Information Disclosure Vulnerability

Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network...

7.5CVSS6.1AI score0.00754EPSS
Exploits0
ptsecurity
ptsecurity
added 2 days ago5 views

PT-2026-58698

Name of the Vulnerable Software and Affected Versions .NET versions prior to 8.0.29 .NET versions prior to 9.0.18 .NET versions prior to 10.0.10 Description Improper verification of cryptographic signatures allows an unauthenticated attacker to remotely bypass security protections over a network...

8.1CVSS6.1AI score0.00201EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2 days ago8 views

PT-2026-60293

Name of the Vulnerable Software and Affected Versions Zoom Workplace for Windows versions prior to 7.0.0 Description An issue allows unauthenticated account takeover over the network. Recommendations Update Zoom Workplace for Windows to version 7.0.0...

6.1AI score
Exploits0References5
nvd
nvd
added 2026/07/08 9:16 p.m.7 views

CVE-2026-58525

Improper access control in Microsoft Edge Chromium-based allows an unauthorized attacker to bypass a security feature over a network...

8.2CVSS0.00362EPSS
Exploits0References1
nessus
nessus
added 2026/07/08 12:0 a.m.5 views

Juniper Junos OS Vulnerability (JSA110082)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110082 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX with SPC3 and SRX Series allo...

8.2CVSS6.1AI score0.00405EPSS
Exploits0References2
redhat
redhat
added 2026/07/07 1:5 p.m.4 views

389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

7.6CVSS6.2AI score0.0067EPSS
Exploits0References5
cve
cve
added 2026/07/06 8:9 p.m.26 views

CVE-2026-25268

The CVE-2026-25268 issue is a stack-based buffer overflow in WLAN Host caused by memory corruption when processing invalid HT40 channel layouts during dynamic channel switching. Affects WLAN Host with a Local attack vector, requiring Low privileges and no user interaction, and with a changed scop...

8.8CVSS6AI score0.00072EPSS
Exploits0References1Affected Software1
mscve
mscve
added 2026/07/03 2:0 p.m.7 views

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.1AI score0.00438EPSS
Exploits0
mscve
mscve
added 2026/07/03 2:0 p.m.5 views

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Improper authorization in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.1AI score0.00405EPSS
Exploits0
mscve
mscve
added 2026/07/03 2:0 p.m.11 views

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score0.00429EPSS
Exploits0
nessus
nessus
added 2026/07/03 12:0 a.m.11 views

Security Updates for Windows App Client for Windows Desktop (June 2026)

The Windows app installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. CVE-2026-42908 - Heap-based buffer overflow in Remote Deskt...

8.8CVSS7.4AI score0.01001EPSS
Exploits0References16
euvd
euvd
added 2026/07/02 2:50 p.m.6 views

EUVD-2026-41395

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...

8.6CVSS5.8AI score0.00382EPSS
Exploits0References1
Rows per page
Query Builder