Lucene search
K

126717 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:17 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pillow-12.1.0-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-25990.

Summary IBM Maximo Application Suite - Monitor Component uses pillow-12.1.0-cp311-cp311-manylinux227x8664.manylinux228x8664.whl which is vulnerable to CVE-2026-25990. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25990 DESCRIPTION: Pillow is...

8.6CVSS6AI score0.00367EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:15 a.m.6 views

Security Bulletin: IBM Edge Data Collector uses virtualenv-20.26.6-py3-none-any.whl which is vulnerable to CVE-2026-22702.

Summary IBM Edge Data Collector uses virtualenv-20.26.6-py3-none-any.whl which is vulnerable to CVE-2026-22702. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-22702 DESCRIPTION: virtualenv is a tool for creating isolated virtual python...

4.5CVSS5.8AI score0.00085EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:10 a.m.7 views

Security Bulletin: IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701.

Summary IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2026-22701. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-22701 DESCRIPTION: filelock is a platform-independent file lock for Python. Prior to...

5.3CVSS5.8AI score0.00115EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:4 a.m.6 views

Security Bulletin: IBM Edge Data Collector uses axios-1.12.2.tgz, axios-1.13.2.tgz which is vulnerable to CVE-2026-25639.

Summary IBM Edge Data Collector uses axios-1.12.2.tgz, axios-1.13.2.tgz which is vulnerable to CVE-2026-25639. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js...

7.5CVSS7.3AI score0.02591EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:3 a.m.4 views

Security Bulletin: IBM Edge Data Collector uses PyNaCl-1.4.0-cp35-abi3-manylinux1_x86_64.whl which is vulnerable to CVE-2025-69277.

Summary IBM Edge Data Collector uses PyNaCl-1.4.0-cp35-abi3-manylinux1x8664.whl which is vulnerable to CVE-2025-69277. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-69277 DESCRIPTION: libsodium before ad3004e, in atypical use cases involving...

4.5CVSS6AI score0.00166EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:2 a.m.14 views

Security Bulletin: IBM Edge Data Collector uses django-4.2.27-py3-none-any.whl which is vulnerable to CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285, CVE-2026-1287, CVE-2026-1312.

Summary IBM Edge Data Collector uses django-4.2.27-py3-none-any.whl which is vulnerable to CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285, CVE-2026-1287, CVE-2026-1312. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-13473...

8.5CVSS7.3AI score0.09436EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 7:1 a.m.7 views

Security Bulletin: IBM Edge Data Collector uses bytes-1.10.0.crate which is vulnerable to CVE-2026-25541.

Summary IBM Edge Data Collector uses bytes-1.10.0.crate which is vulnerable to CVE-2026-25541. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 to before...

7.5CVSS5.7AI score0.00559EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 6:57 a.m.5 views

Security Bulletin: IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2025-68146.

Summary IBM Edge Data Collector uses filelock-3.12.2-py3-none-any.whl which is vulnerable to CVE-2025-68146. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelock is a platform-independent file lock for Python. In version...

6.5CVSS7.3AI score0.00184EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 5:52 a.m.6 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to rhino

Summary IBM webMethods BPM uses rhino to embed a JavaScript engine for executing internal scripts related to business logic and configuration. Vulnerability Details CVEID:CVE-2025-66453 DESCRIPTION: Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1,...

7.5CVSS6.8AI score0.00231EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2026/03/30 12:0 a.m.127 views

📄 Bludit CMS Shell Upload

Bludit CMS versions prior to 3.18.4 have an unrestricted API file upload vulnerability that allows for remote code execution. Exploit Title: Bludit CMS . The uploadFile function performs no file extension or content validation, allowing upload of PHP webshells that execute as www-data. The API...

8.8CVSS6.1AI score0.01919EPSS
Exploits4
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.3 views

Study of Post Quantum Status of Widely Used Protocols

The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key exchange and authentication, there is an urgent need to...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.22 views

Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities: Resource Estimates and Mitigations

This whitepaper seeks to elucidate implications that the capabilities of developing quantum architectures have on blockchain vulnerabilities and mitigation strategies. First, we provide new resource estimates for breaking the 256-bit Elliptic Curve Discrete Logarithm Problem, the core of modern...

6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/30 12:0 a.m.131 views

📄 Forcepoint One Endpoint macOS 25.08.5008 DLP Bypass

Forcepoint One Endpoint DLP Endpoint for macOS version 25.08.5008 with DLP Policy Engine version 10.2.0.298 allows a local standard non-admin user to bypass DLP content inspection and policy enforcement by sending SIGSTOP to user-owned browser helper processes Websense Endpoint Helper,...

6.5CVSS6.6AI score0.00952EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.7 views

PT-2026-36070

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description A crash in the dissection engine during LZ77 decompression can lead to a denial of service. LZ77 is a lossless data compression algorithm that replaces...

7.5CVSS6AI score0.00195EPSS
Exploits17References103
Packet Storm
Packet Storm
added 2026/03/30 12:0 a.m.122 views

📄 Ghost CMS 6.19.0 SQL Injection

Ghost CMS versions 3.24.0 through 6.19.0 suffer from a remote SQL injection vulnerability via the content API. Exploit Title: Ghost CMS Unauthenticated SQLi via Content API Date: 2026-03-30 Exploit Author: Maksim Rogov Exploit Licence: GPL-3.0 Software Link: https://ghost.org/ Version: Ghost =...

9.4CVSS6AI score0.69996EPSS
Exploits7
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/30 12:0 a.m.7 views

Security update for obs-service-recompress, obs-service-tar_scm (moderate)

openSUSE Security Update: Security update for obs-service-recompress, obs-service-tarscm Announcement ID: openSUSE-SU-2026:0109-1 Rating: moderate References: 1076410 1082696 1105361 1107507 1107944 1127353 1127907 1138377 1168573 1212476 1216361 927120 967265 Cross-References: CVE-2018-12473...

9.8CVSS6.6AI score0.01817EPSS
Exploits0References13
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/29 11:41 p.m.10 views

Security Bulletin: IBM Content Navigator is affected by Apache Xerces2

Summary IBM Content Navigator is affected by multiple vulnerabilities in the Apache Xerces2 Java XML parser library. CVE-2009-2625 and CVE-2022-23437 describe infinite loop conditions triggered by malformed XML input, leading to application hang or denial of service. CVE-2012-0881 allows CPU...

7.8CVSS6.7AI score0.3038EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/29 11:39 p.m.6 views

Security Bulletin: IBM Content Navigator is affected by CVE-2025-46392

Summary IBM Content Navigator is affected by CVE-2025-46392, an Uncontrolled Resource Consumption vulnerability CWE-400 in Apache Commons Configuration 1.x commons-configuration-1.7.jar. Vulnerability Details CVEID:CVE-2025-46392 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in...

6.5CVSS7AI score0.01663EPSS
Exploits0Affected Software1
Anthropic
Anthropic
added 2026/03/29 8:40 p.m.11 views

ANT-2026-VS18SA90 · nginx · Arbitrary File Write

arbitrary-file-write critical CVE-2026-27654 Severity Claude critical · Security research firm critical · Maintainer - Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Calif. ANT-2026-VS18SA90: unauthenticated remot...

8.8CVSS6.5AI score0.21621EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/03/29 6:7 p.m.168 views

Exploit for Out-of-bounds Read in Microsoft

!CVEhttps://img.shields.io/badge/CVE-2025--60709-FF0000?styl...

7.8CVSS6.6AI score0.00503EPSS
Exploits2
Rows per page
Query Builder