Lucene search
K

12174 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

nodejs: Node.js: Certification validation bypass in TLS host verification

A flaw was found in Node.js. An attacker can exploit a vulnerability in the Transport Layer Security TLS host verification process to bypass certification validation. This bypass could allow an attacker to intercept or alter communications, potentially leading to information disclosure or integri...

4.3CVSS6.6AI score0.00258EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday32 views

SolarWinds Web Help Desk < 12.8.8 Hotfix 1 (HF1) - Security Control Bypass

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality. id: CVE-2025-40536 info: name: SolarWinds Web Help Desk 12.8.8 Hotfix 1 HF1 - Security...

9.8CVSS7AI score0.8413EPSS
Exploits4References3
Nuclei
Nuclei
added yesterday34 views

Adobe Experience Manager ≤ 6.5.23.0 - XML Injection

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. id: CVE-2025-54251 info: name: Adobe Experience Manager ≤ 6.5.23.0 - XML Injection author: DhiyaneshDK,assetnote severity: medium description: |...

4.3CVSS6.1AI score0.01609EPSS
Exploits0
Nuclei
Nuclei
added yesterday12 views

Starlette - Improper Validation of Unsafe Equivalence in Input

A flaw was found in Starlette, a lightweight ASGI Asynchronous Server Gateway Interface framework. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP Host request header. This malformed header could cause the request.url to be incorrectly reconstructed, leading...

6.5CVSS6.3AI score0.01438EPSS
Exploits2References2
CVE
CVE
added 2 days ago12 views

CVE-2026-48312

CVE-2026-48312 concerns CAI Content Credentials with improper input validation that enables a security feature bypass and unauthorized write access. The CVSS 3.1 vector indicates a local attack with low attack complexity and no user interaction, resulting in low confidentiality impact and high in...

6.8CVSS6.1AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48329

ColdFusion is affected by an Insufficient Session Expiration vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user...

2.7CVSS0.00354EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48328

ColdFusion is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user...

7.7CVSS0.00622EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-48332

ColdFusion is affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user...

7.7CVSS0.12002EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48308

Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control...

5.9CVSS0.00156EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-44552

ColdFusion is affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user...

7.7CVSS6.1AI score0.12002EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-48332 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918)

ColdFusion is affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user...

7.7CVSS0.12002EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-44548

ColdFusion is affected by an Insufficient Session Expiration vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user...

2.7CVSS6.1AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-48329 ColdFusion | Insufficient Session Expiration (CWE-613)

ColdFusion is affected by an Insufficient Session Expiration vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user...

2.7CVSS0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-48328 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user...

7.7CVSS0.00622EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-44543

ColdFusion is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user...

7.7CVSS6.1AI score0.00622EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-48252

Adobe Experience Manager is affected by a Missing Authentication for Critical Function vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not...

8.6CVSS0.00434EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-48000

Adobe Commerce is affected by an Improper Redirect Open Redirect vulnerability that could result in a Security feature bypass. An attacker could construct a malicious URL that redirects a victim to an attacker-controlled site, potentially enabling credential theft and account takeover. Exploitati...

6.1CVSS0.0074EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-47998

Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control...

5.9CVSS0.00612EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-47997

Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control...

5.9CVSS0.00612EPSS
Exploits0References1
NVD
NVD
added 2 days ago3 views

CVE-2026-47988

Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue does not require user interactio...

9.1CVSS0.00542EPSS
Exploits0References1
Rows per page
Query Builder