Lucene search
K

6706 matches found

Vulnrichment
Vulnrichment
added 2026/06/01 4:53 p.m.13 views

CVE-2026-45282 Nextcloud: Logged-in user bypasses share password and download restrictions on Text attachments via documentId leads to unauthorized file access

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authenticated attacker can access attachments of link shares when knowing the share token, circumventing password protection or download...

6.5CVSS5.7AI score0.00294EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/01 4:52 p.m.14 views

EUVD-2026-33706

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, with the knowledge of other users’ principal URL an attacker could possibly send a request to gain full access to their calendar. Therefore, the...

8.1CVSS5.7AI score0.00284EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45473

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a malicious user has access to a file share of a user, they could use this share token to also access the chunking upload directly and see...

6.3CVSS5.7AI score0.00231EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 9:3 a.m.12 views

Security Bulletin: There is a vulnerability in netty-codec-http2-4.1.130.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-33871)

Summary There is a vulnerability in netty-codec-http2-4.1.130.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to...

8.7CVSS6.8AI score0.01125EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 3:2 p.m.12 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses picomatch-2.3.1.tgz, picomatch-4.0.3.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672

Summary IBM Maximo Application Suite - Visual Inspection component uses picomatch-2.3.1.tgz, picomatch-4.0.3.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33671...

7.5CVSS6.1AI score0.00412EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2026/05/26 12:20 p.m.120 views

Exploit for CVE-2007-2447

🛡️ Metasploitable2 Vulnerability Assessment Author: Jaden Julius...

6CVSS7.7AI score0.49759EPSS
Exploits16
ICS
ICS
added 2026/05/26 12:0 a.m.33 views

Hitachi Energy RTU500

SUMMARY Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. If exploited, these vulnerabilities primarily impact product availability, with potential secondary impacts on confidentiality and integrity. Please refer to the Recommended Immediate...

6.2AI score
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.18 views

PT-2026-43079

Name of the Vulnerable Software and Affected Versions Apache Syncope versions 3.0 through 3.0.16 Apache Syncope versions 4.0 through 4.0.5 Apache Syncope version 4.1.0 Description An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL Java Expression Language...

4.9CVSS5.8AI score0.00436EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2026/05/24 1:16 a.m.80 views

Database-Exploitation-Manual

🛡️ SecDB Auditor - Database Security Compiling Suite & Manual...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/21 10:0 p.m.105 views

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2026-40369: Defensive Analysis of the 12-Byte Windows Kern...

7.8CVSS5.7AI score0.04725EPSS
Exploits4
Snyk
Snyk
added 2026/05/12 9:20 p.m.8 views

Denial of Service (DoS)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Denial of Service DoS through the handling of system resources. An attacker can cause the application to become unresponsive by sending specially crafted requests that...

8.7CVSS5.8AI score0.2255EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/12 3:17 p.m.8 views

CVE-2026-42498

Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through...

7.3CVSS5.8AI score0.00548EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.8 views

An Automated Framework for Cybersecurity Policy Compliance Assessment against Security Control Standards

Organizational cybersecurity policies are often examined to determine whether they adequately comply standard security controls. This task is difficult because control statements are abstract, whereas policy documents describe governance practices in varied natural language. As a result,...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/07 3:56 p.m.19 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-puptoo-rhel9 container image

A new satellite/iop-puptoo-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and...

8.9CVSS6.9AI score0.02667EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/07 3:46 p.m.17 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-host-inventory-frontend-rhel9 container image

A new satellite/iop-host-inventory-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running...

9.8CVSS6.6AI score0.01735EPSS
Exploits0References7
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.28 views

Injection in Confluence Data Center

This High severity Injection vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Injection vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N...

7.5CVSS5.8AI score0.00498EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.31 views

BASM (Broken Authentication & Session Management) in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0,...

9.1CVSS5.8AI score0.00715EPSS
Exploits2
GithubExploit
GithubExploit
added 2026/05/05 6:56 a.m.112 views

vulnhub-writeups

VulnHub Writeups Author: Roman Mares Company: Delt...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:4 p.m.8 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-39304)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-39304 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-39304 DESCRIPTION: Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ...

7.5CVSS5.8AI score0.00896EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.10 views

PT-2026-37096

Name of the Vulnerable Software and Affected Versions PhpSpreadsheet versions prior to 1.30.3 PhpSpreadsheet versions 2.0.0 through 2.1.14 PhpSpreadsheet versions 2.2.0 through 2.4.3 PhpSpreadsheet versions 3.3.0 through 3.10.3 PhpSpreadsheet versions 4.0.0 through 5.5.0 Description When the...

10CVSS6.4AI score0.00712EPSS
Exploits1References16
Rows per page
Query Builder