Lucene search
K

78 matches found

CVE
CVE
added 2026/05/27 12:18 p.m.22 views

CVE-2026-1718

IBM Db2 is vulnerable to a denial of service when autonomous transactions are enabled, affecting Db2 Server releases 11.5.0–11.5.9 and 12.1.0–12.1.4. The root cause is CWE-770 (Allocation of Resources Without Limits or Throttling). A specially crafted query can trigger the issue. Remediation invo...

7.5CVSS5.8AI score0.00362EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/22 11:27 p.m.3 views

CVE-2026-4917

IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...

4.9CVSS5.9AI score0.00356EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/22 11:23 p.m.4 views

CVE-2026-4919 IBM Guardium Data Protection is affected by multiple vulnerabilities

IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

4.8CVSS5.5AI score0.00185EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.8 views

PT-2026-27115

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores administrative authentication material in the ecos pw cookie using a reversible Base64-encoded format with a static suffix. An attacker who obtains or derives this cookie value can forge a valid administrative session and gai...

8.7CVSS5.8AI score0.00281EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.10 views

Copeland XWEB PRO 操作系统命令注入漏洞

Copeland XWEB PRO is an advanced commercial and industrial refrigeration monitoring and management system developed by the American company Copeland. Versions of Copeland XWEB PRO prior to 1.12.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed...

8.8CVSS6.2AI score0.01934EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.13 views

PT-2026-21358

Name of the Vulnerable Software and Affected Versions Swiper versions 6.5.1 through 12.1.1 Description Swiper is a free and mobile touch slider with hardware accelerated transitions and native behavior. A prototype pollution issue exists in the shared/utils.mjs file, specifically at line 94, wher...

9.4CVSS5.8AI score0.00397EPSS
Exploits2References16
CVE
CVE
added 2026/02/17 7:11 p.m.21 views

CVE-2025-13108

CVE-2025-13108 affects IBM Db2 Merge Backup for Linux, UNIX and Windows, version 12.1.0.0. The root cause is a buffer not properly cleared, which could allow an attacker to access sensitive information stored in memory. The vulnerability is documented across multiple sources (IBM, Red Hat, NVD, e...

7.5CVSS5.7AI score0.0018EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.9 views

IBM DB2 Merge Backup 安全漏洞

IBM DB2 Merge Backup is a database-assisted backup tool developed by IBM. Version 12.1.0.0 of IBM DB2 Merge Backup contains a security vulnerability. This vulnerability stems from buffer overflows allocated at the stack level, which could allow authenticated users to cause the program to crash...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/02/13 12:24 a.m.8 views

SUSE CVE-2026-25990

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...

7.5CVSS6.6AI score0.00367EPSS
Exploits1References4
OSV
OSV
added 2026/01/27 8:40 p.m.4 views

SUSE-SU-2026:20170-1 Security update for cockpit-subscriptions

This update for cockpit-subscriptions fixes the following issues: Update to version 12.1: - CVE-2025-64718: js-yaml: fixed prototype pollution in merge bsc1255425...

5.3CVSS6.3AI score0.00414EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:56 a.m.5 views

CVE-2018-4387

A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1...

2.4CVSS5.3AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/23 1:18 p.m.5 views

CVE-2025-67291

A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...

6.1CVSS5.6AI score0.00175EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.6 views

PT-2025-52684

Name of the Vulnerable Software and Affected Versions Piranha CMS version 12.1 Description A stored cross-site scripting XSS issue exists in the Page Settings module. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Excerpt field...

6.1CVSS5.8AI score0.00175EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.7 views

PT-2025-52685

Name of the Vulnerable Software and Affected Versions Piranha CMS version 12.1 Description A stored cross-site scripting XSS issue exists in the Media module. An attacker can inject a crafted payload into the Name field to execute arbitrary web scripts or HTML. Recommendations At the moment, ther...

6.1CVSS5.8AI score0.00175EPSS
Exploits1References7
NVD
NVD
added 2025/12/09 4:18 p.m.9 views

CVE-2025-67591

Cross-Site Request Forgery CSRF vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Paywall: from n/a through 12.0.1...

4.3CVSS0.00102EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:14 p.m.26 views

CVE-2025-67591 WordPress JNews Paywall plugin < 12.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Paywall: from n/a through 12.0.1...

4.3CVSS0.00102EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/06 4:24 p.m.5 views

WordPress JNews Paywall plugin < 12.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin JNews Paywall versions 12.0.1...

4.3CVSS7AI score0.00102EPSS
Exploits0Affected Software1
CBLMariner
CBLMariner
added 2025/11/14 10:3 p.m.3 views

CVE-2025-40107 affecting package kernel for versions less than 6.6.112.1-2

CVE-2025-40107 affecting package kernel for versions less than 6.6.112.1-2. An upgraded version of the package is available that resolves this issue...

6.8AI score0.00183EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.8 views

PT-2025-43535

Name of the Vulnerable Software and Affected Versions Piranha CMS versions 12.0 and 12.1 Description A stored cross-site scripting XSS issue exists in the /manager/pages component of Piranha CMS. This allows attackers to execute arbitrary web scripts or HTML by creating a page and injecting a...

6.1CVSS5.5AI score0.00263EPSS
Exploits1References16
CNNVD
CNNVD
added 2025/06/11 12:0 a.m.4 views

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium...

6.7CVSS6.5AI score0.00124EPSS
Exploits0References2
Rows per page
Query Builder