Lucene search
K

3487 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/22 12:0 a.m.2 views

Vulnerability of the Networking component: Mozilla Firefox, Firefox ESR, and Thunderbird email client’s HTTP browsers allow attackers to bypass existing security restrictions.

The vulnerability of the Networking component: Mozilla Firefox, Firefox ESR, and the email client Thunderbird rely on bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions...

10CVSS5.7AI score0.00459EPSS
Exploits0References16Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/06/10 12:0 a.m.2 views

The vulnerability in the debugging function of the CPython interpreter allows attackers to circumvent security restrictions.

The vulnerability of the debugging function in the CPython interpreter relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...

5.6CVSS6.2AI score0.00132EPSS
Exploits0References7Affected Software2
Redos
Redos
added 2026/06/10 12:0 a.m.8 views

ROS-20260610-73-0008

The vulnerability in Thunderbird is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker who operates remotely to circumvent existing security restrictions...

6.5CVSS5.5AI score0.00191EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.14 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS5.5AI score0.00347EPSS
Exploits1References1
Redos
Redos
added 2026/06/05 12:0 a.m.11 views

ROS-20260605-73-0096

The vulnerability in Firefox is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to circumvent existing security restrictions remotely...

6.5CVSS5.4AI score0.00191EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.24 views

ROS-20260524-73-0027

Vulnerability in docker-ce related to bypassing the authentication procedure by using an alternate path or channel. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...

8.8CVSS7.3AI score0.08123EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/05/20 1:23 p.m.9 views

CVE-2026-44933

A flaw was found in libzypp. This vulnerability allows a local attacker to bypass security restrictions within the PluginScript component. By exploiting how the system attempts to isolate plugins, an attacker can execute unauthorized programs on the host system with root privileges...

8.5CVSS5.8AI score0.00214EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 9:16 a.m.11 views

node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

A flaw was found in the node-tar library. This vulnerability allows an attacker to craft malicious archives that, when extracted, can bypass intended security restrictions. This leads to arbitrary file overwrite and symlink poisoning, potentially allowing unauthorized modification of files on the...

8.2CVSS6.6AI score0.00334EPSS
Exploits2References6
BDU FSTEC
BDU FSTEC
added 2026/05/18 12:0 a.m.3 views

Vulnerability of the DOM component: The security features of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allow attackers to circumvent existing security restrictions.

Vulnerability of the DOM component: The security of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relies on bypassing authentication using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...

10CVSS5.7AI score0.00309EPSS
Exploits0References9Affected Software4
Veracode
Veracode
added 2026/05/16 5:23 a.m.5 views

Improper Enforcement Of Security Restrictions

github.com/portainer/portainer is vulnerable to improper enforcement of security restrictions. The vulnerability is due to inconsistent enforcement of configured EndpointSecuritySettings on the Docker Swarm service API, which allows an attacker to bypass administrator-defined container security...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References7Affected Software1
Snyk
Snyk
added 2026/05/04 8:11 p.m.15 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the JoinWorkflowSpec process. An attacker can gain unauthorized access to host networking, override service account assignments, modify pod security contexts, add tolerations, or enable service account token...

8.6CVSS5.8AI score0.00424EPSS
Exploits2References2
Snyk
Snyk
added 2026/05/04 8:11 p.m.6 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the JoinWorkflowSpec process. An attacker can gain unauthorized access to host networking, override service account assignments, modify pod security contexts, add tolerations, or enable service account token...

8.6CVSS5.5AI score0.00424EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/04/10 4:3 p.m.2 views

CVE-2026-35655

OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof tool identities through rawInput parameters to suppress dangerous-tool prompting and bypass security...

6.9CVSS5.8AI score0.00228EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/10 4:3 p.m.5 views

EUVD-2026-21456

OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof tool identities through rawInput parameters to suppress dangerous-tool prompting and bypass security...

6.9CVSS5.8AI score0.00228EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/10 4:3 p.m.4 views

CVE-2026-35655 OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution

OpenClaw before 2026.3.22 contains an identity spoofing vulnerability in ACP permission resolution that trusts conflicting tool identity hints from rawInput and metadata. Attackers can spoof tool identities through rawInput parameters to suppress dangerous-tool prompting and bypass security...

6.9CVSS5.8AI score0.00228EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2026/03/24 12:0 a.m.7 views

KLA90958 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of...

10CVSS7.2AI score0.01279EPSS
Exploits1References4
CNVD
CNVD
added 2026/03/11 12:0 a.m.5 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13450)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

9.8CVSS5.8AI score0.00402EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/11 12:0 a.m.3 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-15383)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products, whic...

9.8CVSS5.9AI score0.00229EPSS
Exploits0
CNVD
CNVD
added 2026/03/11 12:0 a.m.4 views

Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2026-13440)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products that...

9.8CVSS5.8AI score0.00483EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome due to insufficient policy enforcement in DevTools, which can be exploited by attackers to bypass security restrictions...

4.3CVSS5.8AI score0.00166EPSS
Exploits0References3
Rows per page
Query Builder