93 matches found

RedhatCVE
added 2026/06/03 4:2 p.m., 5 views

CVE-2026-7312

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

CVSS 10, AI score 5.8, EPSS 0.00343
Exploits 0, References 1

RedhatCVE
added 2026/06/03 4:2 p.m., 6 views

CVE-2026-7195

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...

CVSS 8.8, AI score 5.8, EPSS 0.00366
Exploits 0, References 1

ATTACKERKB
added 2026/06/02 1:9 p.m., 17 views

CVE-2026-7312

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

CVSS 10, AI score 5.8, EPSS 0.00343
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2026/06/02 1:9 p.m., 8 views

CVE-2026-7312 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

CVSS 10, AI score 5.8, EPSS 0.00343
Exploits 0, References 1

EUVD
added 2026/06/02 1:4 p.m., 10 views

EUVD-2026-33918

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...

CVSS 10, AI score 5.8, EPSS 0.00367
Exploits 0, References 1

Positive Technologies
added 2026/06/02 12:0 a.m., 9 views

PT-2026-45762

Name of the Vulnerable Software and Affected Versions Progress Sitefinity versions 14.0.7700 through 14.4.8152 Progress Sitefinity versions 15.0.8200 through 15.0.8234 Progress Sitefinity versions 15.1.8300 through 15.1.8335 Progress Sitefinity versions 15.2.8400 through 15.2.8441 Progress...

CVSS 10, AI score 5.8, EPSS 0.00343
Exploits 0, References 12

Positive Technologies
added 2026/06/02 12:0 a.m., 9 views

PT-2026-45759

Name of the Vulnerable Software and Affected Versions Progress Sitefinity versions 14.1.x through 14.3.x Progress Sitefinity versions prior to 14.4.8152 Progress Sitefinity versions prior to 15.0.8234 Progress Sitefinity versions prior to 15.1.8335 Progress Sitefinity versions prior to 15.2.8441...

CVSS 8.8, AI score 5.4, EPSS 0.00366
Exploits 0, References 9

Positive Technologies
added 2026/06/02 12:0 a.m., 11 views

PT-2026-45763

Name of the Vulnerable Software and Affected Versions Progress Sitefinity versions 8.0.5700 through 13.3.7652 Description Insufficiently protected credentials in web services allow a remote authenticated attacker to obtain plain-text credentials used to connect to the Sitefinity Insight service...

CVSS 8.7, AI score 5.8, EPSS 0.003
Exploits 0, References 4

Tenable Nessus
added 2026/05/22 12:0 a.m., 6 views

Unity Linux 20.1060e / 20.1070e Security Update: lighttpd (UTSA-2026-016637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016637 advisory. In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as...

CVSS 5.9, AI score 6.6, EPSS 0.08969
Exploits 1, References 4

UbuntuCve
added 2026/05/08 7:16 a.m., 5 views

CVE-2026-44916

In OpenStack Ironic before 35.0.2 in a certain non-default configuration, instance_info['ks_template'] is rendered without sandboxing...

CVSS 3, AI score 5.8, EPSS 0.00336
Exploits 0, References 3

Tenable Nessus
added 2026/05/07 12:0 a.m., 5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016495 advisory. In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the...

CVSS 8.1, AI score 5.9, EPSS 0.00247
Exploits 0, References 4

OSV
added 2026/04/28 6:30 a.m., 5 views

GHSA-WQPV-C3PP-3M58 OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface...

CVSS 6.6, AI score 5.9, EPSS 0.0057
Exploits 0, References 5

GitHub Security Blog
added 2026/04/28 6:30 a.m., 4 views

OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic through 25.0.0 allows ipmitool execution in a non-default configuration that has a console interface...

CVSS 7.2, AI score 5.9, EPSS 0.0057
Exploits 0, References 5, Affected Software 1

OSV
added 2026/04/28 6:16 a.m., 2 views

DEBIAN-CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

CVSS 7.2, AI score 5.6, EPSS 0.0057
Exploits 0, References 1

NVD
added 2026/04/28 6:16 a.m., 1 view

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

CVSS 7.2, EPSS 0.0057
Exploits 0, References 3

Vulnrichment
added 2026/04/28 4:53 a.m., 1 view

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

CVSS 6.6, AI score 5.4, EPSS 0.0057
Exploits 0, References 1

Cvelist
added 2026/04/28 4:53 a.m., 30 views

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

CVSS 6.6, EPSS 0.0057
Exploits 0, References 2

CVE
added 2026/04/28 4:53 a.m., 7 views

CVE-2026-42510

CVE-2026-42510 affects OpenStack Ironic in configurations that are non-default but expose a console interface. OpenStack Ironic prior to 35.0.1 permits ipmitool execution under such configurations, per provided descriptions. The root cause, as stated, is the ability to run ipmitool when a console...

CVSS 7.2, AI score 5.5, EPSS 0.0057
Exploits 0, References 3, Affected Software 1

UbuntuCve
added 2026/04/28 12:0 a.m., 2 views

CVE-2026-42510

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

CVSS 6.6, AI score 5.9, EPSS 0.0057
Exploits 0, References 1

Positive Technologies
added 2026/04/28 12:0 a.m., 1 view

PT-2026-35657

CVE-2026-42510 OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface. https://t.co/7WlPP7580G...

CVSS 6.6, AI score 5.5, EPSS 0.0057
Exploits 0, References 3