Lucene search
+L

718 matches found

OSV
OSV
added 2026/05/28 12:0 a.m.11 views

ALSA-2026:21754 Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
CVE
CVE
added 2026/05/27 8:6 p.m.21 views

CVE-2026-47272

pam_usb for Linux allows local authentication bypass before version 0.9.0 due to pusb_pad_compare() only checking the user-side pad (~/.pamusb/device.pad) and not requiring the system-side pad on the USB device to be present. A local user can delete or obscure their own device.pad to bypass the U...

7.1CVSS5.9AI score0.00119EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.17 views

CVE-2026-48151

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a result, an unauthenticated caller can update the bo...

7.5CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 4:52 p.m.43 views

CVE-2026-48153

Budibase: CVE-2026-48153 affects Budibase before 3.39.0. The OAuth2 SDK’s fetchToken makes a POST to a builder-supplied URL using plain node-fetch and bypasses the isBlacklisted outbound-fetch path check, and the OAuth2 URL Joi schema has no scheme/host restrictions. This enables SSRF to reach in...

8.5CVSS5.8AI score0.00174EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/27 10:44 a.m.20 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/26 7:43 p.m.8 views

CVE-2026-44836 view_component: Preview Route Can Dispatch Inherited Helper Methods

viewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the preview route derives an example name from the URL and calls it with publicsend. The code does not verify that the requested method is one of the preview...

6.5CVSS5.9AI score0.00343EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 6:16 p.m.26 views

CVE-2026-8856

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

9.1CVSS0.00197EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 5:16 p.m.16 views

CVE-2026-8852

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modfastcgi module...

7.5CVSS0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 5:15 p.m.21 views

EUVD-2026-31921

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 5:10 p.m.21 views

EUVD-2026-31917

IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...

8CVSS6.4AI score0.0026EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 4:58 p.m.53 views

CVE-2026-8855

IBM HTTP Server versions 8.5 and 9.0 are affected by CVE-2026-8855, with remote code execution and denial of service when TLS mutual authentication is configured. The issue is documented by IBM and reflected in NVD with high-severity vectors (NETWORK, no user interaction). The IBM PSIRT bulletin ...

9.8CVSS6.5AI score0.00456EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/26 4:58 p.m.11 views

CVE-2026-8854 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modmemcache...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 4:56 p.m.39 views

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

7.7CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 4:56 p.m.24 views

CVE-2026-8856

IBM HTTP Server 8.5 and 9.0 are affected by CVE-2026-8856, a denial-of-service condition triggered when an attacker with write access to parts of the server configuration can consume resources. The IBM Security Bulletin lists this CVE among multiple vulnerabilities in IBM HTTP Server (bundled wit...

9.1CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/26 4:56 p.m.14 views

EUVD-2026-31896

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modfastcgi module...

7.5CVSS5.8AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 4:54 p.m.13 views

CVE-2026-8850

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modibmupload...

7.5CVSS5.8AI score0.0038EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/26 4:54 p.m.16 views

EUVD-2026-31894

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modibmupload...

7.5CVSS5.8AI score0.0038EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 4:54 p.m.39 views

CVE-2026-8850 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modibmupload...

7.5CVSS0.0038EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/26 6:46 a.m.14 views

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (April 2026)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

5.8AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.12 views

PT-2026-43325

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod fastcgi module...

6.2CVSS5.8AI score0.00197EPSS
Exploits0References2
Rows per page
Query Builder