Lucene search
K

12479 matches found

Vulnrichment
Vulnrichment
added 2026/05/25 7:25 a.m.11 views

CVE-2026-9490 Acer Care Center creates a Named Pipe with a weak Security Descriptor

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...

6.8CVSS5.8AI score0.00173EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.17 views

PT-2026-43021

Name of the Vulnerable Software and Affected Versions Acer Care Center affected versions not specified Description The ACCSvc service creates a Named Pipe with a weak Security Descriptor. This allows an authenticated local user to connect and send a specially crafted message of type 0x03 to the...

6.8CVSS5.5AI score0.00173EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/24 12:0 a.m.22 views

mcphost-0.34.0-5.1 on GA media (moderate)

mcphost-0.34.0-5.1 on GA media Announcement ID: openSUSE-SU-2026:10845-1 Rating: moderate Cross-References: CVE-2026-33814 CVE-2026-39827 CVE-2026-39831 CVE-2026-39832 CVE-2026-39835 CVSS scores: CVE-2026-33814 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-39827 SUSE : 6.5...

8.7CVSS5.8AI score0.00781EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: HikariCP (UTSA-2026-016726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016726 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

5.9CVSS7AI score0.99999EPSS
Exploits20References4
Fedora
Fedora
added 2026/05/21 12:57 a.m.12 views

[SECURITY] Fedora 44 Update: pgadmin4-9.15-1.fc44

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

9.9CVSS5.8AI score0.01444EPSS
Exploits1
Cisco
Cisco
added 2026/05/20 4:0 p.m.10 views

Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability

A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An...

4.7CVSS6.2AI score0.00438EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 10:9 a.m.11 views

RHSA-2026:19027 Red Hat Security Advisory: grafana security update

Bulletin has no description...

7.5CVSS7.2AI score0.00728EPSS
Exploits0References11
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/20 6:21 a.m.18 views

Movable Type vulnerable to missing authorization

Overview Movable Type provided by Six Apart Ltd. contains the following vulnerability. Missing authorization CWE-862 - CVE-2026-44392 Six Apart Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Six Apart Ltd. coordinated under the Information...

5.3CVSS5.8AI score0.00249EPSS
Exploits0References5
Rosalinux
Rosalinux
added 2026/05/19 1:32 p.m.13 views

Advisory ROSA-SA-2026-3272

software: harfbuzz 7.0.1 OS: ROSA-CHROME unaffected versions = harfbuzz-7.0.1-3 affected versions harfbuzz-7.0.1-3 CVE-ID: CVE-2026-22693 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A null pointer dereferencing vulnerability in HarfBuzz is related to a lack of validation of the hbmalloc return value...

5.3CVSS5.7AI score0.00377EPSS
Exploits1
SUSE Linux
SUSE Linux
added 2026/05/18 7:51 a.m.10 views

Security update for valkey

This update for valkey fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...

7.7CVSS6.5AI score0.02995EPSS
Exploits4References12
Photon
Photon
added 2026/05/16 12:0 a.m.13 views

Moderate Photon OS Security Update - PHSA-2026-4.0-1020

Updates of 'curl' packages of Photon OS have been released...

5.3CVSS5.8AI score0.00471EPSS
Exploits1
OSV
OSV
added 2026/05/15 10:15 a.m.13 views

RHSA-2026:17689 Red Hat Security Advisory: firefox security update

Bulletin has no description...

7.5CVSS6AI score0.04938EPSS
Exploits1References153
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/15 4:57 a.m.12 views

Multiple vulnerabilities in "Musetheque V4 Information Disclosure for IPKNOWLEDGE"

Overview Musetheque V4 Information Disclosure for IPKNOWLEDGE provided by Fujitsu Japan Limited contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2026-24662 Cross-site request forgery CWE-352 - CVE-2026-28761 Nozomi Iimura, Sho Odagiri of GMO Cybersecurity by Ierae...

8.5CVSS6.6AI score0.00134EPSS
Exploits0References6
Cisco
Cisco
added 2026/05/14 4:0 p.m.42 views

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability...

10CVSS6.2AI score0.88496EPSS
Exploits4References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/14 7:16 a.m.15 views

WPS Office improper access restriction to its named pipe

Overview WPS Office provided by WPS SOFTWARE PTE. LTD. contains a service program running background and providing certain functionalities to the other programs. This service program uses a named pipe to communicate with the other programs. The named pipe above is not properly protected and any...

7.8CVSS7.3AI score0.00336EPSS
Exploits2References4
Fedora
Fedora
added 2026/05/14 4:3 a.m.21 views

[SECURITY] Fedora 42 Update: python-django5-5.2.14-1.fc42

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

9.8CVSS5.8AI score0.00769EPSS
Exploits1
EUVD
EUVD
added 2026/05/13 9:32 p.m.9 views

EUVD-2026-30106

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...

7.1CVSS5.9AI score0.00278EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:53 p.m.8 views

CVE-2026-44379

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, MISP Collections did not enforce RFC 4122 UUID validation on the uuid field. As a result, a user able to create or modify Collection records could submit malformed UUID values, potentially causing integrity issues o...

5.3CVSS5.9AI score0.00178EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/12 10:24 p.m.18 views

CVE-2026-43685

CVE-2026-43685 is a Remote Code Execution vulnerability in Claris FileMaker Cloud. An Admin Console user can inject arbitrary operating system commands via unsanitized input in the External ODBC Data Source connection test feature. The issue is fixed in FileMaker Cloud 2.22.0.5. Documents provide...

7.2CVSS6AI score0.00457EPSS
Exploits0References1Affected Software1
Intel
Intel
added 2026/05/12 12:0 a.m.14 views

Intel® EMA Software Advisory

Summary: A potential security vulnerability in the Intel® Endpoint Management Assistant EMA software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35990 Description: Improper input validation...

8.7CVSS5.7AI score0.00188EPSS
Exploits0
Rows per page
Query Builder