Lucene search
K

5389 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.8 views

Fedora 43 : vim (2026-75b5ddf8c3)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-75b5ddf8c3 advisory. keep GTK4 in rawhide for now ---- switch to GTK4 for GVim Fix CVE-2026-46483 Tenable has extracted the preceding description block directly from the...

7CVSS5.8AI score0.00552EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/02 11:27 p.m.12 views

CVE-2026-9732

The EmergencyWP – Dead Man's switch & legacy deliverance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the formsettingsui settings save handler, procedural include scope functio...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/06/02 11:39 a.m.247 views

Exploit for CVE-2026-46243

CIFSwitch Checker - CVE-2026-46243 Checker para Linux que p...

7.8CVSS5.8AI score0.00353EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/06/02 11:39 a.m.114 views

Exploit for CVE-2026-46243

CIFSwitch Checker - CVE-2026-46243 Checker para Linux que p...

7.8CVSS5.8AI score0.00353EPSS
Exploits4
Patchstack
Patchstack
added 2026/06/02 11:0 a.m.14 views

WordPress EmergencyWP – Dead Man's switch & legacy deliverance plugin <= 1.4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by swat in WordPress Plugin EmergencyWP – Dead Man's switch & legacy deliverance versions = 1.4.2...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.20 views

PT-2026-45888

Name of the Vulnerable Software and Affected Versions EmergencyWP – Dead Man's switch & legacy deliverance versions prior to 1.4.3 Description The plugin is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation in the form settings ui function. This allows...

4.3CVSS5.7AI score0.00128EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/01 7:4 a.m.18 views

Malicious code in @emcd-vue/auth (npm)

Part of a coordinated multi-package supply-chain attack impersonating EMCD emcd.io, a legitimate Russian cryptocurrency exchange and mining pool. The attacker registered the @emcd-vue npm scope to pose as an internal Vue.js front-end tooling package from "EMCD Platform Engineering." The package...

6AI score
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

WezTerm MCP Server 操作系统命令注入漏洞

WezTerm MCP Server is a terminal control and interaction tool developed by Kentaro Hiraishi. Version 0.1.0 of WezTerm MCP Server contains a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations in the switchpane/writetospecificpane...

6.5CVSS6.5AI score0.01088EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/31 12:30 a.m.15 views

EUVD-2026-33476

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/31 12:30 a.m.11 views

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References7
CVE
CVE
added 2026/05/31 12:30 a.m.25 views

CVE-2026-10157

Open5GS up to 2.7.6 is affected by a vulnerability in the NGAP PathSwitchRequest Message Handler (src/amf/ngap-handler.c). The issue arises from a manipulation that leads to improper authentication. The attack can be initiated remotely, and a public exploit exists. A patch is available with ident...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/31 12:30 a.m.42 views

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS0.00419EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.13 views

PT-2026-45161

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References8
NVD
NVD
added 2026/05/29 8:16 p.m.18 views

CVE-2026-34127

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS0.00239EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 6:59 p.m.13 views

EUVD-2026-33420

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:4 a.m.13 views

openvswitch: vport: fix self-deadlock on release of tunnel ports

...

5.5CVSS5.4AI score0.00099EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 12:0 a.m.13 views

Malicious code in @t-in-one/application_id_storage_key_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

TP-Link TL-SG108PE 安全漏洞

The TP-Link TL-SG108PE is an 8-port Gigabit Ethernet intelligent managed PoE switch from TP-Link Corporation. The TP-Link TL-SG108PE v5 has a security vulnerability, which stems from improper cleaning of SYSNAM configuration parameters during the file configuration import process in the web...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 12:0 a.m.15 views

Malicious code in @t-in-one/safe_local_storage_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.18 views

PT-2026-44972

Name of the Vulnerable Software and Affected Versions TP-Link TL-SG108PE v5 affected versions not specified Description A stored cross-site scripting XSS issue exists in the web management interface. This occurs because the SYSNAM configuration parameter is not properly sanitized during the...

5.3CVSS5.7AI score0.00239EPSS
Exploits0References6
Rows per page
Query Builder