Lucene search
+L

1407 matches found

nuclei
nuclei
added yesterday74 views

Cacti < 1.2.25 Insecure Deserialization

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. id: CVE-2023-30534 info: name: Cacti 1.2.25 Insecure Deserialization author: k0pak4 severity: medium description: | Cacti is an open source...

4.3CVSS6.7AI score0.02569EPSS
Exploits1References5
nvd
nvd
added 5 days ago8 views

CVE-2026-56238

Capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST globalstats endpoint that allows unauthenticated attackers to read sensitive financial and operational metrics using only the public apikey. Remote attackers can query the /rest/v1/globalstats endpoin...

8.7CVSS0.00368EPSS
Exploits0References2
euvd
euvd
added 5 days ago10 views

EUVD-2026-43223

Capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST globalstats endpoint that allows unauthenticated attackers to read sensitive financial and operational metrics using only the public apikey. Remote attackers can query the /rest/v1/globalstats endpoin...

8.7CVSS6.1AI score0.00368EPSS
Exploits0References2
osv
osv
added 5 days ago2 views

CVE-2026-56238 Capgo - Unauthenticated Information Disclosure via PostgREST global_stats Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST globalstats endpoint that allows unauthenticated attackers to read sensitive financial and operational metrics using only the public apikey. Remote attackers can query the /rest/v1/globalstats endpoin...

8.7CVSS6.1AI score0.00368EPSS
Exploits0References4
cgr
cgr
added 2026/06/26 8:22 p.m.9 views

GHSA-RM3J-F69W-WQMQ vulnerabilities

Vulnerabilities for packages: backup-restore-operator, gitlab-runner-fips, amazon-ssm-agent-fips, crossplane-provider-keycloak, aactl, crossplane-provider-aws-kendra-fips, prometheus-podman-exporter, flux-source-controller, crossplane-provider-azure-sql, nerdctl, docker-machine-driver-linode,...

6.1AI score
Exploits0
cgr
cgr
added 2026/06/26 8:22 p.m.21 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: backup-restore-operator, gitlab-runner-fips, amazon-ssm-agent-fips, crossplane-provider-keycloak, aactl, crossplane-provider-aws-kendra-fips, prometheus-podman-exporter, flux-source-controller, crossplane-provider-azure-sql, nerdctl, docker-machine-driver-linode,...

6.1AI score
Exploits0
attackerkb
attackerkb
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53257

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: enforce HE/EHT cap/oper consistency Xiang Mei reports that mac80211 could crash if ehtcap is set but ehtoper isn't. Rather than fixing that for the individual users, enforce that both HE/EHT have consistent elemen...

5.8AI score0.00104EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2026/06/18 12:0 a.m.11 views

Siemens RUGGEDCOM RST2428P Stack-based Buffer Overflow (CVE-2025-6170)

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

2.5CVSS6.5AI score0.00202EPSS
Exploits0References3
thn
thn
added 2026/06/16 11:30 a.m.10 views

Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive

Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms. Yet despite this abundance of information, many organizations...

5.5AI score
Exploits0
impervablog
impervablog
added 2026/06/15 8:58 a.m.29 views

Best WAAP Solutions for Enterprise Application Security: How to Choose the Right Platform in 2026

Key Takeaways The major enterprise WAAP solutions evaluated in this guide are Akamai, Cloudflare, F5, Fastly, Fortinet, Imperva, and Radware. In the most recent independent benchmarks, Akamai, Cloudflare, and Imperva were named Leaders in the Forrester Wave: Web Application Firewall Solutions, Q1...

5.8AI score
Exploits0
redhatcve
redhatcve
added 2026/06/10 2:59 a.m.13 views

CVE-2026-44754

The Remote Function Call RFC modules of the Operational Data Provisioning Data Replication API ODP-RFC are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which...

6.6CVSS5.5AI score0.00219EPSS
Exploits0References1
thn
thn
added 2026/06/09 11:30 a.m.21 views

The Hidden Security Risk in Modern Networks: The Work Between Tools

Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant...

5.8AI score
Exploits0
nvd
nvd
added 2026/06/09 1:16 a.m.19 views

CVE-2026-44754

The Remote Function Call RFC modules of the Operational Data Provisioning Data Replication API ODP-RFC are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which...

6.6CVSS0.00219EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/09 12:21 a.m.8 views

CVE-2026-44754

The Remote Function Call RFC modules of the Operational Data Provisioning Data Replication API ODP-RFC are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which...

6.6CVSS5.5AI score0.00219EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.16 views

PT-2026-47537

The Remote Function Call RFC modules of the Operational Data Provisioning Data Replication API ODP-RFC are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which...

6.6CVSS5.5AI score0.00219EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2026/06/08 12:0 a.m.8 views

AI Assurance in UK Defence: Challenges in Operationalising JSP 936

This report examines practical challenges in operationalising JSP 936 Part 1 for AI assurance in UK Defence. Using a structured interpretive review of the directive's requirements, the analysis identifies eight thematic challenge areas adequacy of evidence and argument, management of human...

5.5AI score
Exploits0
redhatcve
redhatcve
added 2026/06/05 7:51 p.m.12 views

CVE-2025-62345

HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors...

2.7CVSS5.4AI score0.00218EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7780

A weakness has been identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function udmstateoperational of the file /src/udm/udm-sm.c of the component smf-registrations Endpoint. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The...

5.3CVSS5.1AI score0.00276EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:31 p.m.13 views

CVE-2026-33570

PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions...

6.9CVSS5.4AI score0.00161EPSS
Exploits0References1
cisa
cisa
added 2026/06/05 12:0 p.m.63 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-28318link is external SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability This type of vulnerability is a frequent attack vector for malicious...

7.5CVSS5.4AI score0.10659EPSS
In wildExploits2References6
Rows per page
Query Builder