Lucene search
K

1819 matches found

Qualys Blog
Qualys Blog
added 2026/04/07 3:0 p.m.8 views

Signals from the Cloud Security Forecast 2026: Cloud Risk Is Scaling through Design, Not Disruption

Key Takeaways Identity and permissions now determine what is reachable, making them the primary drivers of cloud risk. Runtime exposure, not individual findings, determines how low-risk issues combine into real impact. SaaS and OAuth integrations extend the control plane and amplify blast radius...

6AI score
Exploits0
EUVD
EUVD
added 2026/04/04 12:31 a.m.3 views

EUVD-2018-21728

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

9.8CVSS6.7AI score0.00817EPSS
Exploits0References3
NVD
NVD
added 2026/04/03 10:16 p.m.4 views

CVE-2018-25237

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

9.8CVSS0.00817EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 9:22 p.m.3 views

CVE-2018-25237 Hirschmann HiSecOS Buffer Overflow via HTTPS Login

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

9.8CVSS6.7AI score0.00817EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/03 9:22 p.m.1 views

CVE-2018-25237

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

9.8CVSS6.7AI score0.00817EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.7 views

Belden Hirschmann HiSecOS 安全漏洞

Belden Hirschmann HiSecOS is an industrial network security device operating system developed by the American company Belden. Versions of Belden Hirschmann HiSecOS prior to 05.3.03 contained security vulnerabilities. These vulnerabilities stemmed from buffer overflows in the HTTPS login interface...

9.8CVSS6.2AI score0.00817EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.3 views

PT-2026-30247

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

9.8CVSS6.7AI score0.00817EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/04/02 3:31 p.m.7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-4636 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.6)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-4636 Source advisory: OSV:GHSA-F2HX-5FX3-HMCVhttps://vulners.com/osv/OSV:GHSA-F2HX-5FX3-...

8.1CVSS5.5AI score0.00346EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/02 3:31 p.m.7 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-4325 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.6)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-4325 Source advisory: OSV:GHSA-RX66-HJ7G-28H7https://vulners.com/osv/OSV:GHSA-RX66-HJ7G-...

5.3CVSS5.4AI score0.0025EPSS
Exploits0
Akamai Blog
Akamai Blog
added 2026/04/02 12:0 p.m.5 views

Compliance Won’t Save Healthcare: Reducing the Blast Radius Will

...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/03/30 1:9 p.m.143 views

Exploit for Improper Enforcement of Message Integrity During Transmission in a Communication Channel in Freeradius

RADIUS / FreeRADIUS Security Analysis & PoC Systematic securi...

9CVSS7.1AI score0.14859EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/03/26 9:31 p.m.8 views

com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.4.10 <=1.4.11) +62 more potentially affected by CVE-2026-3190 via org.keycloak:keycloak-model-jpa (>=1.0-alpha-1-12062013 <=26.5.5)

org.keycloak:keycloak-model-jpa MAVEN version =1.0-alpha-1-12062013, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =5.1.0-26.1, =2.5.6-24.0, =0.1.1, =0.1.1-rc3 and more Source cves: CVE-2026-3190 Source advisory:...

4.3CVSS5.4AI score0.00319EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 5:4 p.m.6 views

CVE-2026-25344

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through = 2.2.6...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.3 views

CVE-2026-29521

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS5.6AI score0.0011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.4 views

CVE-2026-4306

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 5:16 p.m.5 views

CVE-2026-25344

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through = 2.2.6...

6.5CVSS0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.29 views

CVE-2026-25344 WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through = 2.2.6...

6.5CVSS0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-25026 WordPress Team plugin <= 5.0.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through = 5.0.11...

7.5CVSS5.9AI score0.00278EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/24 6:13 p.m.7 views

WordPress WP Job Portal plugin <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter vulnerability

Unauthenticated SQL Injection via 'radius' Parameter vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin WP Job Portal versions = 2.4.8...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References1Affected Software1
Akamai Blog
Akamai Blog
added 2026/03/24 12:0 p.m.4 views

Microsegmentation and Zero Trust: Control the Blast Radius by Design

...

5.8AI score
Exploits0
Rows per page
Query Builder