Lucene search
K

573 matches found

RedHat Linux
RedHat Linux
added 2 days ago5 views

Important: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.4AI score0.0078EPSS
Exploits1References8
NVD
NVD
added 3 days ago7 views

CVE-2026-48286

Adobe Campaign Classic ACC versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.00712EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-48286

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability (CWE-863) that could permit arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the impact is limited to the use...

10CVSS6.4AI score0.00712EPSS
Exploits0References1Affected Software1
NVD
NVD
added 4 days ago7 views

CVE-2026-57498

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Coolify's API controllers consistently validate server ownership with Server::whereTeamId$teamId before any operation. However, multiple Livewire web UI components accept...

9.6CVSS0.00223EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 5:45 p.m.46 views

CVE-2026-44020

Docling (USPTO patent XML parsers in the Docling stack) contains an XXE vulnerability in the XML parser used by the USPTO patent formats. From 2.13.0 through 2.74.0, the USPTO patent XML parser used xml.sax.parseString() without protections against external entity references, enabling attackers t...

9.4CVSS6AI score0.00334EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in LibreOffice

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint servers. An additional scheme ‘vnd.libreoffice.command’ specific to LibreOffice was added. In the affected versions of LibreOffice, links using this scheme could be used to invoke internal macr...

6.3CVSS6.8AI score0.04354EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk.Authenticated users can trigger a denial-of-service attack by using specially crafted, overly long pattern matching on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST, and ACL definitions. Matchi...

6.5CVSS6.3AI score0.01009EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 5:7 p.m.6 views

EUVD-2026-37767

In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists...

4.3CVSS5.3AI score0.00217EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/17 1:30 p.m.6 views

WordPress wpDataTables plugin <= 7.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Expatch in WordPress Plugin wpDataTables versions = 7.4...

9.3CVSS6AI score0.00283EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.27 views

CVE-2025-59563 WordPress Sonaar theme <= 4.27.4 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in Sonaar = 4.27.4 versions...

8.8CVSS0.00378EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48929

Name of the Vulnerable Software and Affected Versions NanaZip versions 3.0.1000.0 through 6.0.1697.0 Description A heap out-of-bounds read exists in the Android Verified Boot AVB vbmeta image parser via the upstream 7-Zip AvbHandler. An unsigned integer underflow in a bounds check allows an...

5.4CVSS5.2AI score0.0017EPSS
Exploits0References4
CVE
CVE
added 2026/06/11 2:34 p.m.23 views

CVE-2026-7870

CVE-2026-7870 affects IBM i 7.3–7.6 (5770-SS1). Root cause: an unqualified library call (CWE-427) could let a user’s code run with administrator privileges, enabling privilege escalation. Impact: allows elevated rights, with CVSSv3.1 base score 8.8 (HIGH) — attack vector: network, complexity: low...

8.8CVSS5.5AI score0.00343EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.8 views

CVE-2026-49938

A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 8:59 p.m.22 views

CVE-2026-47938

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-47938) that could lead to arbitrary code execution in the context of the current user without user interaction. CVSSv3.1 base score 10.0 (CRITICAL), vect...

10CVSS5.5AI score0.00449EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 8:59 p.m.32 views

CVE-2026-48303

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability (CWE-863) that could allow arbitrary code execution in the context of the current user. Exploitation does not require user interaction; the CVSS 3.1 vector is AV:N/AC:L/PR:N...

10CVSS6.2AI score0.00553EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 8:59 p.m.8 views

CVE-2026-48303 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS6.2AI score0.00553EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 8:59 p.m.38 views

CVE-2026-48303 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.00553EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.12 views

EUVD-2026-35442

A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via...

6.5CVSS5.4AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 2:27 p.m.29 views

CVE-2026-49938

A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via...

6.5CVSS0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-48278

Name of the Vulnerable Software and Affected Versions Adobe Campaign Classic ACC versions prior to 7.4.3 build 9395 Description An incorrect authorization issue exists that could allow arbitrary code execution in the context of the current user. This flaw can be exploited without requiring any us...

10CVSS6.2AI score0.00553EPSS
Exploits0References9
Rows per page
Query Builder