Lucene search
+L

985 matches found

Anthropic
Anthropic
added 2026/04/12 6:11 a.m.15 views

ANT-2026-CN7KX43N · nomad · path-traversal

path-traversal critical CVE-2026-7474 Severity Claude critical · Security research firm critical · Maintainer - Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Doyensec. ANT-2026-CN7KX43N: nomad: path-traversal at...

8.8CVSS6.5AI score0.06892EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.6 views

CVE-2025-62328

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS5.8AI score0.00244EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/03/17 12:30 p.m.7 views

apache-airflow-core (>=3.1.0 <=3.1.7), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +14 more potentially affected by CVE-2026-30911 via apache-airflow (>=3.1.0 <=3.1.7)

apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.18rc1 and more Source cves: CVE-2026-30911 Source advisory: OSV:GHSA-8X34-9Q3V-H7G8...

8.1CVSS5.4AI score0.00409EPSS
Exploits0
EUVD
EUVD
added 2026/03/12 12:31 a.m.6 views

EUVD-2025-208603

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS5.8AI score0.00244EPSS
Exploits0References2
NVD
NVD
added 2026/03/11 10:16 p.m.7 views

CVE-2025-62328

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS0.00244EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 10:4 p.m.3 views

CVE-2025-62328

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS5.8AI score0.00244EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/11 10:4 p.m.7 views

CVE-2025-62328 HCL Nomad server on Domino is affected by a missing default frame-ancestors directive

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS5.8AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/03/11 10:4 p.m.14 views

CVE-2025-62328

CVE-2025-62328 affects HCL Nomad server on Domino where the Content-Security-Policy header does not set the frame-ancestors directive by default. This may allow an attacker to obtain sensitive information via unspecified vectors. The CVSS v3.1 base score is 3.7 (LOW) with NETWORK attack vector, H...

3.7CVSS5.8AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 10:4 p.m.29 views

CVE-2025-62328 HCL Nomad server on Domino is affected by a missing default frame-ancestors directive

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.9 views

HCL Nomad Server 安全漏洞

HCL Nomad Server is a server component operated by the Indian company HCL, designed for running enterprise business applications. There is a security vulnerability in HCL Nomad Server on Domino. This vulnerability stems from an improper configuration of the frame-ancestors directive in the...

3.7CVSS5.8AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.7 views

PT-2026-24860

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS5.8AI score0.00244EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/02/05 12:57 p.m.11 views

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions...

10CVSS7AI score0.00627EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/30 10:10 a.m.11 views

CVE-2026-23566

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. Th...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/30 10:10 a.m.8 views

CVE-2026-23568

An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked...

8.1CVSS5.9AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/30 10:10 a.m.8 views

CVE-2026-23571

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated attackers with actioner privilege to run elevated arbitrary commands on connected hosts via malicious...

6.8CVSS6AI score0.00659EPSS
Exploits0References1
OSV
OSV
added 2026/01/29 9:16 a.m.6 views

CVE-2026-23566

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. Th...

6.5CVSS5.8AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2026/01/29 9:16 a.m.6 views

CVE-2026-23571

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated attackers with actioner privilege to run elevated arbitrary commands on connected hosts via malicious...

6.8CVSS6AI score0.00659EPSS
Exploits0References1
NVD
NVD
added 2026/01/29 9:16 a.m.8 views

CVE-2026-23571

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated attackers with actioner privilege to run elevated arbitrary commands on connected hosts via malicious...

6.8CVSS0.00659EPSS
Exploits0References1
OSV
OSV
added 2026/01/29 9:16 a.m.7 views

CVE-2026-23564

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...

6.5CVSS5.8AI score0.00134EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/29 8:50 a.m.4 views

CVE-2026-23570 Log timestamp tampering vulnerability in Content Distribution Service

A missing validation of a user-controlled value in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged o...

6.5CVSS5.9AI score0.00696EPSS
Exploits0References1
Rows per page
Query Builder