276237 matches found

CNNVD
added 2026/02/05 12:0 a.m. | 8 views

Drive Software Free Desktop Clock Security Vulnerability

Drive Software Free Desktop Clock is a clock software developed by the Drive Software company. Version 3.0 of Drive Software Free Desktop Clock contains a security vulnerability. This vulnerability stems from a stack overflow issue when entering time zone names, which may lead to the execution of...

9.8 CVSS | 6.1 AI score | 0.00551 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2026/02/05 12:0 a.m. | 9 views

PT-2026-7184

Name of the Vulnerable Software and Affected Versions FUXA versions prior to 1.2.10 Description FUXA is a web-based Process Visualization software. A flaw exists that allows a remote, unauthenticated attacker to gain administrative access and execute arbitrary code on the server. This is possible...

10 CVSS | 6.1 AI score | 0.00677 EPSS
Exploits: 0 | References: 9
Positive Technologies
added 2026/02/05 12:0 a.m. | 5 views

PT-2026-6523

EVE: SSH as Root Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...

8.8 CVSS | 5.4 AI score | 0.0016 EPSS
Exploits: 0 | References: 7
Positive Technologies
added 2026/02/05 12:0 a.m. | 6 views

PT-2026-6662

Name of the Vulnerable Software and Affected Versions FUXA versions through 1.2.9 Description FUXA is a web-based Process Visualization software. An authorization bypass allows a remote attacker to modify device tags via WebSockets. Exploitation bypasses role-based access controls, enabling...

9.3 CVSS | 5.4 AI score | 0.00479 EPSS
Exploits: 0 | References: 11
CNNVD
added 2026/02/05 12:0 a.m. | 11 views

Mitsubishi Electric FREQSHIP-mini Security Vulnerability

Mitsubishi Electric FREQSHIP-mini is an automatic power supply shutdown software developed by Mitsubishi Electric, a Japanese company. There are security vulnerabilities in the versions of Mitsubishi Electric FREQSHIP-mini from 8.0.0 to 8.0.2. These vulnerabilities stem from improper default...

8.8 CVSS | 7.3 AI score | 0.00148 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2026/02/05 12:0 a.m. | 7 views

PT-2026-6581

Name of the Vulnerable Software and Affected Versions 10-Strike Network Inventory Explorer version 9.03 Description The software contains a buffer overflow issue in the file import functionality that enables remote attackers to run code without authorization. An attacker can create a specially...

9.8 CVSS | 6.5 AI score | 0.0063 EPSS
Exploits: 0 | References: 6
CNNVD
added 2026/02/05 12:0 a.m. | 8 views

GCafé Code Issue Vulnerability

GCafé is a software developed by the GCafé company. Version 3.0 of GCafé has code vulnerabilities; these vulnerabilities stem from service paths in the gbClientService that are not properly quoted. This could allow local attackers to execute arbitrary code and gain elevated privileges...

8.5 CVSS | 7.7 AI score | 0.0015 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2026/02/05 12:0 a.m. | 3 views

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1412)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1412 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expecte...

8.9 CVSS | 5.9 AI score | 0.01141 EPSS
Exploits: 1 | References: 8
CNNVD
added 2026/02/05 12:0 a.m. | 9 views

Tanium Deploy Security Vulnerability

Tanium Deploy is a software management module developed by the American company Tanium. Tanium Deploy has a security vulnerability, which stems from improper input validation...

8.8 CVSS | 5.8 AI score | 0.00339 EPSS
Exploits: 0 | References: 1
Packet Storm
added 2026/02/05 12:0 a.m. | 131 views

Online Admission Software 2.6 Insecure Direct Object Reference

Online Admission Software version 2.6 suffers from an insecure direct object reference vulnerability.

5.3 AI score
Exploits: 0
OSV
added 2026/02/05 12:0 a.m. | 1 views

OPENSUSE-SU-2026:10150-1 cockpit-subscriptions-14.4-2.1 on GA media

These are all security issues fixed in the cockpit-subscriptions-14.4-2.1 package on the GA media of openSUSE Tumbleweed...

8.2 CVSS | 5.9 AI score | 0.01535 EPSS
Exploits: 0 | References: 1
Amazon
added 2026/02/05 12:0 a.m. | 7 views

Important: python-pip

Issue Overview: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression...

8.9 CVSS | 5.5 AI score | 0.02667 EPSS
Exploits: 0
Positive Technologies
added 2026/02/05 12:0 a.m. | 6 views

PT-2026-6872

Name of the Vulnerable Software and Affected Versions tracker-extract version 3.7.1-1ubuntu0.1 tracker-miner-fs version 3.7.1-1ubuntu0.1 Description The software can crash when processing specific malformed MP3 files. This could lead to a denial of service or potentially allow for arbitrary code...

5.8 AI score | 0.00246 EPSS
Exploits: 4 | References: 6
Tenable Nessus
added 2026/02/05 12:0 a.m. | 5 views

Oracle Linux 9 : python3.12-wheel (ELSA-2026-1939)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1939 advisory. 0.41.2-3.1 - Security fix for CVE-2026-24049 Resolves: RHEL-143652 Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.1 CVSS | 6.6 AI score | 0.00311 EPSS
Exploits: 2 | References: 2
OSV
added 2026/02/04 11:15 p.m. | 3 views

DEBIAN-CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8 CVSS | 8.3 AI score | 0.00238 EPSS
Exploits: 0 | References: 1
Cvelist
added 2026/02/04 11:15 p.m. | 29 views

CVE-2019-25276 Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk...

8.5 CVSS | 0.0019 EPSS
Exploits: 0 | References: 3
ATTACKERKB
added 2026/02/04 11:15 p.m. | 6 views

CVE-2019-25276

Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk...

8.5 CVSS | 5.6 AI score | 0.0019 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Vulnrichment
added 2026/02/04 11:15 p.m. | 2 views

CVE-2019-25267 Wing FTP Server 6.0.7 - Unquoted Service Path

Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launche...

8.5 CVSS | 5.9 AI score | 0.00222 EPSS
Exploits: 1 | References: 3
Vulnrichment
added 2026/02/04 9:21 p.m. | 3 views

CVE-2024-51451 Multiple Vulnerabilities in IBM Concert Software

IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking...

6.5 CVSS | 5.6 AI score | 0.00219 EPSS
Exploits: 0 | References: 1
CVE
added 2026/02/04 9:18 p.m. | 11 views

CVE-2024-43181

IBM Concert Software versions 1.0.0–2.1.0 do not invalidate sessions after logout, enabling an authenticated user to impersonate another user. Red Hat and ENISA entries confirm this behavior across multiple feeds. Root cause: insufficient session invalidation on logout. Impact: potential account ...

6.3 CVSS | 5.8 AI score | 0.00225 EPSS
Exploits: 0 | References: 1 | Affected Software: 1