Lucene search
+L

507 matches found

CVE
CVE
added 2026/04/01 2:54 p.m.14 views

CVE-2026-4927

CVE-2026-4927 affects Devolutions Server. A flaw in the MFA feature allows users with user-management privileges to obtain other users’ OTP keys via an authenticated API request, exposing sensitive information. Affected versions are 2026.1.6 through 2026.1.11. No remediation details are provided ...

6.5CVSS5.9AI score0.00224EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsv
added 2026/04/01 12:3 a.m.7 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34574 via parse-server (>=9.6.0-alpha.37 <=9.6.1)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34574 Source advisory: OSV:GHSA-F6J3-W9V3-CQ22...

5.4CVSS5.8AI score0.0021EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29539

Improper access control in the users MFA feature in Devolutions Server allows an authenticated user to bypass administrator-enforced restrictions and remove their own multi-factor authentication MFA configuration via a crafted request. This issue affects Server: from 2026.1.6 through 2026.1.11...

5.9AI score0.00194EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/30 5:40 p.m.8 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34363 via parse-server (>=9.6.0-alpha.37 <=9.6.1)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34363 Source advisory: OSV:GHSA-M983-V2FF-WQ65...

8.2CVSS5.8AI score0.00367EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/29 3:14 p.m.4 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34215 via parse-server (>=9.6.0-alpha.37 <=9.6.1)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34215 Source advisory: SNYK:JS-PARSESERVER-15812212...

8.2CVSS5.8AI score0.00303EPSS
Exploits0
OSV
OSV
added 2026/03/27 5:45 p.m.6 views

BIT-NATS-2026-33247 NATS credentials are exposed in monitoring port via command-line argv

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.5CVSS5.9AI score0.00414EPSS
Exploits0References9
vulnersOsv
vulnersOsv
added 2026/03/26 9:53 p.m.7 views

@apollo/server-integration-testsuite (>=5.0.0 <=5.4.0), @commitspark/graphql-api (>=1.0.0-beta.3 <=1.0.0-beta.6) +24 more potentially affected by unknown CVE via @apollo/server (>=5.0.0-rc.0 <=5.4.0)

@apollo/server NPM version =5.0.0-rc.0, =5.0.0, =1.0.0-beta.3, =1.217.0, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.22.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-APOLLOSERVER-15790568...

5.5AI score
Exploits0
NVD
NVD
added 2026/03/25 9:16 p.m.6 views

CVE-2026-2484

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information exposure vulnerability caused by overly verbose error messages...

4.3CVSS0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 8:22 p.m.23 views

CVE-2026-2485 IBM InfoSphere Information Server Cross-Site Scripting

IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

4.8CVSS0.00187EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 8:20 p.m.7 views

CVE-2026-33223

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header Nats-Request-Info: is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages was...

6.4CVSS5.8AI score0.00211EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.9 views

PT-2026-28124

IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

4.8CVSS5.5AI score0.00187EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:29 p.m.11 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Undertow

Summary Multiple vulnerabilities in Undertow that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2024-3884 DESCRIPTION: A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the...

9.6CVSS5.8AI score0.01256EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2026/03/24 4:34 p.m.8 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-33527 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-33527 Source advisory: OSV:GHSA-JC39-686J-WP6Q...

5.3CVSS5.8AI score0.00255EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 9:48 p.m.14 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-33508 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-33508 Source advisory: OSV:GHSA-6QH5-M6G3-XHQ6...

8.2CVSS5.8AI score0.00345EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 8:45 p.m.7 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-33429 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-33429 Source advisory: OSV:GHSA-QPC3-FG4J-8HGM...

6.3CVSS5.8AI score0.00316EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/18 8:22 p.m.8 views

budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-33226 via @budibase/server (>=0.0.1 <=0.0.9)

@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-33226 Source advisory: SNYK:JS-BUDIBASESERVER-15763528...

8.7CVSS5.8AI score0.00367EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/17 5:40 p.m.8 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32943 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32943 Source advisory: OSV:GHSA-R3XQ-68WH-GWVH...

3.1CVSS5.8AI score0.00207EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/12 2:20 p.m.9 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32098 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32098 Source advisory: OSV:GHSA-J7MM-F4RV-6Q6Q...

7.5CVSS5.8AI score0.00288EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/12 2:20 p.m.24 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-32098 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-32098 Source advisory: OSV:GHSA-J7MM-F4RV-6Q6Q...

7.5CVSS5.8AI score0.00288EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/11 12:34 a.m.6 views

@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31872 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31872 Source advisory: SNYK:JS-PARSESERVER-15468853...

8.7CVSS5.8AI score0.00367EPSS
Exploits0
Rows per page
Query Builder