Lucene search
+L

6714 matches found

nuclei
nuclei
added 13 hours ago56 views

FREEDOM Administration - Default Login

The Web GUI configuration panel of Hirsch formerly Identiv and Viscount Enterphone MESH through 2024 ships with default credentials username freedom, password viscount. The administrator is not prompted to change these credentials on initial configuration, and changing the credentials requires ma...

10CVSS7.1AI score0.02329EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2 days ago8 views

PT-2026-57993

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.23 Apache Tomcat versions 10.1.0-M1 through 10.1.56 Apache Tomcat versions 9.0.13 through 9.0.119 Apache Tomcat versions 8.5.38 through 8.5.100 Apache Tomcat versions 7.0.100 through 7.0.109...

9.1CVSS6.1AI score0.00368EPSS
Exploits0References10
nessus
nessus
added 2 days ago6 views

Apache Tomcat 10.1.0.M1 < 10.1.57 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 10.1.57. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.1.57security-10 advisory. - Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allow...

9.1CVSS6.2AI score0.00376EPSS
Exploits0References5
nessus
nessus
added 2 days ago3 views

Apache Tomcat 9.0.13 < 9.0.120 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.120. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.120security-9 advisory. - Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allowe...

9.1CVSS6.2AI score0.00376EPSS
Exploits0References5
nuclei
nuclei
added 5 days ago110 views

XStream 1.4.18 - Remote Code Execution

XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the...

8.5CVSS7.1AI score0.98124EPSS
Exploits6References5
cisco
cisco
added 2026/07/08 4:0 p.m.29 views

Cisco Advance Notification for Publication of July 15, 2026, Security Advisories

On July 15, 2026, the Cisco Product Security Incident Response Team PSIRT published the following advisories: Cisco Security Advisory CVE ID Security Impact Rating CVSS Base Score Cisco RoomOS Security Hardening Release: July 2026...

8.8CVSS6.1AI score
Exploits0References1
euvd
euvd
added 2026/07/06 9:35 a.m.7 views

EUVD-2026-41865

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the issue...

7.3CVSS5.9AI score0.00399EPSS
Exploits0References1
patchstack
patchstack
added 2026/07/02 12:0 p.m.5 views

WordPress Reviews Widgets for Google, TripAdvisor, Yelp & Recommendations plugin <= 2.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ilkeggs in WordPress Plugin Trust.Reviews versions = 2.7.3...

6.4CVSS5.9AI score0.00193EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/07/02 10:12 a.m.17 views

CVE-2026-44740

A flaw was found in Billy, an interface filesystem abstraction for Go. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing crafted or malformed input. The issue arises from insufficient validation and missing safety mechanisms when processing untrusted...

7.5CVSS6AI score0.00295EPSS
Exploits0References6
redhat
redhat
added 2026/07/01 11:58 p.m.9 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-insights-engine-rhel9 container image

A new satellite/iop-insights-engine-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services,...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References7
susecve
susecve
added 2026/07/01 3:15 a.m.6 views

SUSE CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

6.5CVSS5.9AI score0.00413EPSS
Exploits0References3
nessus
nessus
added 2026/07/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-49434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entrie...

7.5CVSS6AI score0.00659EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/30 9:54 a.m.39 views

CVE-2026-49432 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: STOMP negative content-length enables denial of service

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

0.00844EPSS
Exploits0References1
nvd
nvd
added 2026/06/29 9:16 p.m.9 views

CVE-2026-50229

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...

6.1CVSS0.02569EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/06/29 8:36 p.m.17 views

CVE-2026-50229

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, fro...

5.7AI score0.02569EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.22 views

PT-2026-50976

Name of the Vulnerable Software and Affected Versions CedarJava versions prior to 2.3.6 CedarJava versions prior to 3.4.1 CedarJava versions prior to 4.9.0 Description Improper input handling in the toCedarExpr method on Cedar Value types allows for Cedar-expression injection. The method fails to...

8.8CVSS6.2AI score0.00294EPSS
Exploits0References4
redhat
redhat
added 2026/06/16 11:53 a.m.8 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-insights-engine-rhel9 container image

A new satellite/iop-insights-engine-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services,...

8.9CVSS5.2AI score0.0068EPSS
Exploits0References7
redhat
redhat
added 2026/06/16 8:52 a.m.9 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-advisor-frontend-rhel9 container image

A new satellite/iop-advisor-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services...

10CVSS6.3AI score0.00808EPSS
Exploits10References16
redhat
redhat
added 2026/06/16 8:46 a.m.11 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-remediations-rhel9 container image

A new satellite/iop-remediations-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, an...

7.5CVSS6AI score0.00492EPSS
Exploits1References6
nvd
nvd
added 2026/06/12 10:16 a.m.12 views

CVE-2026-50645

There is no restriction on the amount of attachment headers that a message can contain when being deserialized by Apache CXF, which can lead to uncontrolled resource consumption or a denial of service attack. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fix this issue by...

7.5CVSS0.0046EPSS
Exploits0References2
Rows per page
Query Builder