Lucene search
K

33 matches found

hivepro
hivepro
added 2026/05/15 2:37 p.m.9 views

The Machine Found It First. The Machine Will Exploit It Next.

& For decades, the question behind every CVE has been "who found it, and how fast can attackers catch up?" As of May 12, 2026, the question has flipped. Machines found the bug. Machines will weaponize the next one. The race is no longer human-versus-human with a stopwatch. Discovery Discovery...

9.8CVSS6.3AI score0.01225EPSS
Exploits2
EUVD
EUVD
added 2026/04/09 12:31 p.m.8 views

EUVD-2026-20884

Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed...

8.8CVSS6AI score0.0027EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.19 views

PT-2026-31314

Name of the Vulnerable Software and Affected Versions ProSolution WP Client plugin for WordPress versions up to and including 1.9.9 Description The ProSolution WP Client plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation within the proSol...

9.8CVSS6.2AI score0.00578EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/01/19 1:27 p.m.5 views

CVE-2026-0949

PEM versions prior to 9.8.1 are affected by a stored Cross-site Scripting XSS vulnerability that allows users with access to the Manage Charts menu to inject arbitrary JavaScript when creating a new chart, which is then executed by any user accessing the chart. By default only the superuser and...

6.5CVSS5.7AI score0.002EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.4 views

Fedora 42 : pgadmin4 (2025-3c80b660e0)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3c80b660e0 advisory. Update to pgadmin-9.8. Fixes CVE-2025-9636. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

7.9CVSS5.9AI score0.00213EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/08 12:0 a.m.7 views

PT-2025-32386 · Mitel · Micollab +1

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.8 SP2 9.8.2.12 Description: A vulnerability exists in the NuPoint Unified Messaging NPM component that could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input...

9.8CVSS6.7AI score0.00527EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 5:51 p.m.7 views

CVE-2020-21147

RockOA V1.9.8 is affected by a cross-site scripting XSS vulnerability which allows remote attackers to send malicious code to the administrator and execute JavaScript code, because webmain/flow/input/modeemailmAction.php does not perform strict filtering...

4.8CVSS6AI score0.00624EPSS
Exploits1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

LoLLMs 代码注入漏洞

LoLLMs is a large language and multimodal system by the individual developer Saifeddine ALOUI. A code injection vulnerability exists in LoLLMs version 9.8, which stems from the use of the eval function in the Calculate function and could lead to remote code execution...

8.4CVSS8.6AI score0.00435EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/12 8:42 p.m.5 views

WordPress WP Recipe Maker plugin <= 9.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin WP Recipe Maker versions = 9.8.0...

6.4CVSS6.9AI score0.00212EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 5:21 p.m.13 views

CVE-2019-2904

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

9.8CVSS7.3AI score0.14264EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/13 12:0 a.m.5 views

LoLLMS 安全漏洞

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A security vulnerability exists in LoLLMS version 9.8. An attacker exploited the vulnerability to cause service disruption, resource exhaustion, and extended downtime...

7.1CVSS6.8AI score0.00202EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.6 views

PT-2024-29293 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.9.x through 9.9.0 Mattermost versions 9.5.x through 9.5.6 Mattermost versions 9.7.x through 9.7.5 Mattermost versions 9.8.x through 9.8.1 Description: The issue arises from the failure to properly validate synced posts...

7.1CVSS7AI score0.00362EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/07/11 12:0 a.m.6 views

EcoStruxure Foxboro DCS Core Control Services Buffer Error Vulnerability

Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric France. A buffer error vulnerability exists in EcoStruxure Foxboro DCS Core Control Services 9.8 and prior versions, which stems from the presence of an...

7.1CVSS6.9AI score0.00148EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/11 12:0 a.m.6 views

Schneider Electric EcoStruxure Foxboro DCS Input Validation Error Vulnerability

Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric France. An input validation error vulnerability exists in Schneider Electric EcoStruxure Foxboro DCS Core Control Services version 9.8 and prior versions, which...

7.8CVSS6.9AI score0.00241EPSS
Exploits0References2
OSV
OSV
added 2024/07/02 7:15 a.m.4 views

CVE-2024-32854

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to privilege escalation...

6.7CVSS5.8AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2024/07/01 1:15 p.m.11 views

AZL-43024 CVE-2024-6387 affecting package openssh for versions less than 9.8p1-1

A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period...

8.1CVSS6.9AI score0.99506EPSS
Exploits68References1
NCSC
NCSC
added 2023/11/15 12:0 a.m.6 views

Vulnerabilities fixed in HPE Aruba Access Points

Vulnerabilities have been fixed in HPE Aruba Access Points. The vulnerabilities allow a local malicious party to manipulate data, perform a denial-of-service and execute unauthenticated arbitrary code. The vulnerability with attribute CVE-2023-45616 has received a CVSS score assigned of 9.8. HPE...

9.8CVSS6.7AI score0.02132EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/09/26 2:30 a.m.5 views

Trend Micro Mobile Security vulnerable to cross-site scripting

Overview Trend Micro Incorporated has released a security update for Trend Micro Mobile Security. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact A cross-site scripting attack may be conducted if a user who is logged in to the...

6.1CVSS6.1AI score0.01798EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/06/26 12:0 a.m.7 views

Trend Micro Mobile Security for Enterprise 安全漏洞

Trend Micro Mobile Security for Enterprise is a mobile antivirus from Trend Micro. A security vulnerability exists in Trend Micro Mobile Security for Enterprise version 9.8 SP5, which stems from a file upload vulnerability that could allow an attacker to create arbitrary files on an affected...

6.5CVSS7.1AI score0.02038EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/26 12:0 a.m.6 views

Trend Micro Mobile Security for Enterprise 安全漏洞

Trend Micro Mobile Security for Enterprise is a mobile antivirus from Trend Micro. A security vulnerability exists in Trend Micro Mobile Security for Enterprise version 9.8 SP5, which stems from a file upload vulnerability that could allow an attacker to create arbitrary files on an affected...

6.5CVSS7.1AI score0.02038EPSS
Exploits0References3
Rows per page
Query Builder