Lucene search
K

4232 matches found

OSV
OSV
added 2026/06/09 5:29 a.m.16 views

MGASA-2026-0180 Updated packagekit packages fix security vulnerability

PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root. CVE-2026-41651...

8.8CVSS7.5AI score0.0046EPSS
Exploits10References7
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-47688

The WPForms WordPress plugin before 1.10.0.5 does not verify the authenticity of incoming PayPal webhook events before processing them, allowing unauthenticated attackers to forge webhook payloads and manipulate the payment state of arbitrary transactions...

5.6AI score0.00197EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.9 views

FreeBSD -- Insufficient response validation in the ldns stub resolver

Problem Description: When used as a stub resolver over UDP, ldns failed to verify that a received response belonged to the outstanding query. It did not check that the response source address and port matched the query destination, that the transaction ID matched, or that the question section of...

8.2CVSS5.6AI score0.00147EPSS
Exploits0
OSV
OSV
added 2026/06/08 11:2 p.m.10 views

GHSA-XMV7-R254-6Q78 Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Summary Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning Kaminsky attack. Details Two factors contribute to this vulnerability in...

6.8CVSS5.5AI score0.00256EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 9:20 p.m.13 views

Security Bulletin: Security Vulnerabilities have been identified in IBM WebSphere Application Server bundled with IBM Financial Transaction Manager v3

Summary IBM WebSphere Application Server is bundled with IBM Financial Transaction Manager v3. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9CVSS6.2AI score0.00508EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/08 3:16 p.m.14 views

CVE-2026-11521

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS0.00272EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/08 2:15 p.m.43 views

CVE-2026-11521 Mohammed-eid35 bank-management-system-springboot Transaction Endpoint TransactionController.java improper authorization

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS0.00272EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 2:15 p.m.9 views

CVE-2026-11521 Mohammed-eid35 bank-management-system-springboot Transaction Endpoint TransactionController.java improper authorization

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS6.1AI score0.00272EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 2:15 p.m.10 views

CVE-2026-11521

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS6.1AI score0.00272EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 2:15 p.m.13 views

EUVD-2026-35075

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS6.1AI score0.00272EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 2:15 p.m.24 views

CVE-2026-11521

Mohammed-eid35 bank-management-system-springboot (Transaction Endpoint) has a vulnerability in TransactionController.java leading to improper authorization. A remote attacker could exploit it, and public PoCs exist per the CVE metrics. Affected version details are not provided due to rolling rele...

6.5CVSS6.1AI score0.00272EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/08 10:1 a.m.13 views

bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

A flaw was found in BIND. A remote attacker can exploit this vulnerability by sending maliciously-constructed packets to BIND servers configured for TKEY-based authentication via GSS-API Generic Security Service Application Program Interface tokens. This can lead to excessive memory consumption,...

7.5CVSS5.5AI score0.01047EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.24 views

PT-2026-47609

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.135.Final Netty versions prior to 4.2.15.Final Description The DNS resolver in the io.netty.resolver.dns module uses a predictable Pseudo-Random Number Generator PRNG for generating DNS transaction IDs and defaults ...

6.8CVSS5.2AI score0.00256EPSS
Exploits0References54
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Bank Management System 安全漏洞

Bank Management System is a banking management system developed by Alien developers. There is a security vulnerability in Bank Management System, which stems from operations in the TransactionEndpoint component file...

6.5CVSS6.3AI score0.00272EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.25 views

PT-2026-47295

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS6.1AI score0.00272EPSS
Exploits0References7
OSV
OSV
added 2026/06/06 6:0 a.m.12 views

RLSA-2026:23360 Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-34067

nimiq-transaction provides the transaction primitive to be used in Nimiq's Rust implementation. Prior to version 1.3.0, HistoryTreeProof::verify panics on a malformed proof where history.len != positions.len due to asserteq!history.len, positions.len. The proof object is derived from untrusted p2...

6.5CVSS5.4AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-10294

A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function gfiletest of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclose...

5.3CVSS5AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.14 views

CVE-2026-34064

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

8.2CVSS5.4AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.12 views

CVE-2026-40880

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid for height H+1 bu...

8.1CVSS5.5AI score0.00261EPSS
Exploits0References1
Rows per page
Query Builder