
210 matches found

RedHat Linux
added yesterday (10 views)

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.27 security and extras update

Red Hat OpenShift Container Platform release 4.20.27 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a security impact of...

CVSS: 8.7, AI score: 5.9, EPSS: 0.00656
Exploits: 0, References: 2
NVD
added 2 days ago (9 views)

CVE-2026-13742

Honeywell IQ MultiAccess, all versions prior to and including version 28, contains an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, leading to the replacement of a downloaded file with a malicious one. Honeywell also recommends...

CVSS: 5.8, EPSS: 0.00083
Exploits: 0, References: 1
Patchstack
added 2026/06/19 2:21 p.m. (5 views)

NPM: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

NPM: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding vulnerability discovered by ? in WordPress Npm undici versions 6.27.0...

CVSS: 5.9, AI score: 5.8, EPSS: 0.00257
Exploits: 0, References: 4, Affected Software: 1
NVD
added 2026/06/18 4:16 p.m. (9 views)

CVE-2025-52465

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web pa...

CVSS: 7.2, EPSS: 0.00353
Exploits: 0, References: 4
NVD
added 2026/06/18 4:16 p.m. (12 views)

CVE-2025-27511

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.27.0 of the GeoServer DB2 DataStore Extension, an administrator can perform a JNDI attack through a specially crafted DB2 JDBC URL, leading to Remote Code Execution (RCE). Version 2.27.0 fixes...

CVSS: 7.2, EPSS: 0.00582
Exploits: 0, References: 4
Cvelist
added 2026/06/17 9:50 a.m. (27 views)

CVE-2025-59563 WordPress Sonaar theme <= 4.27.4 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions...

CVSS: 8.8, EPSS: 0.00378
Exploits: 0, References: 1
EUVD
added 2026/06/15 8:18 p.m. (9 views)

EUVD-2026-36832

Unauthenticated Sensitive Data Exposure in Bookly = 27.4 versions...

CVSS: 7.5, AI score: 5.2, EPSS: 0.00294
Exploits: 0, References: 1
Vulnrichment
added 2026/06/13 11:25 a.m. (9 views)

CVE-2026-5513 Online Scheduling and Appointment Booking System – Bookly <= 27.2 - Unauthenticated Stored Cross-Site Scripting via 'bookly-customer-full-name' Cookie

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS: 7.2, AI score: 5.5, EPSS: 0.00312
Exploits: 1, References: 2
Positive Technologies
added 2026/06/12 12:0 a.m. (12 views)

PT-2026-48892

Name of the Vulnerable Software and Affected Versions: OpenTelemetry-cpp versions prior to 1.27.0. Description: The OTLP HTTP exporters for traces, metrics, and logs read the complete HTTP response into an in-memory vector of bytes without implementing a size limit. This can lead to memory exhaustio...

CVSS: 5.3, AI score: 5.9, EPSS: 0.00206
Exploits: 0, References: 6
CBLMariner
added 2026/06/10 2:46 a.m. (9 views)

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVSS: 9.1, AI score: 5.4, EPSS: 0.0036
Exploits: 0
Vulnrichment
added 2026/06/09 3:51 a.m. (9 views)

CVE-2026-41850 Spring Framework Algorithmic Denial of Service via SpEL Expressions

Applications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulnerable to an Algorithmic Denial of Service (DoS). By providing a specially crafted expression, an attacker can trigger excessive resource consumption during evaluation, leading to application degradation or...

CVSS: 7.5, AI score: 5.5, EPSS: 0.0036
Exploits: 0, References: 1
OSV
added 2026/06/07 3:45 p.m. (6 views)

MINI-GP4V-27VP-M8R8

Bulletin has no description...

CVSS: 5.3, AI score: 5.2, EPSS: 0.00313
Exploits: 0
OPENSUSE Linux
added 2026/06/07 12:0 a.m. (8 views)

erlang27-27.1.3-2.1 on GA media (moderate)

erlang27-27.1.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:10947-1 Rating: moderate Cross-References: CVE-2025-4748 CVE-2025-48038 CVE-2025-48039 CVE-2026-21620 CVE-2026-23941 CVE-2026-23942 CVE-2026-23943 CVE-2026-28808 CVE-2026-28810 CVE-2026-32144 CVE-2026-32147 CVE-2026-42789...

CVSS: 9.1, AI score: 6.4, EPSS: 0.00644
Exploits: 0
OSV
added 2026/06/04 12:21 p.m. (4 views)

MINI-6Q27-3PQQ-VVP2

Bulletin has no description...

CVSS: 9.1, AI score: 5.7, EPSS: 0.00338
Exploits: 0
Tenable Nessus
added 2026/05/19 12:0 a.m. (9 views)

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2026:1964-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1964-1 advisory. This update for rmt-server fixes the following issues - CVE-2026-26961: rack: mismatch in header handling can allow to smuggle...

CVSS: 7.5, AI score: 5.9, EPSS: 0.0043
Exploits: 0, References: 32
OSV
added 2026/05/14 3:47 p.m. (3 views)

MINI-H5CG-27MG-25MH

Bulletin has no description...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00295
Exploits: 0
GithubExploit
added 2026/04/29 2:46 p.m. (113 views)

Threatswarm

27 scope-enforced AI agents that run the full pentest kill-cha...

CVSS: 10, AI score: 7.5, EPSS: 0.99999
Exploits: 347
OSV
added 2026/04/10 7:4 a.m. (1 view)

SUSE-SU-2026:1242-1 Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.110 fixes various security issues. The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

CVSS: 7.8, AI score: 5.8, EPSS: 0.00204
Exploits: 0, References: 13
Patchstack
added 2026/04/09 11:53 p.m. (6 views)

WordPress Online Scheduling and Appointment Booking System - Bookly plugin <= 27.0 - Unauthenticated Price Manipulation via 'tips' vulnerability

WordPress Online Scheduling and Appointment Booking System - Bookly plugin <= 27.0 - Unauthenticated Price Manipulation via 'tips' vulnerability discovered by Youssef Elouaer in WordPress Plugin Bookly versions <= 27.0...

CVSS: 5.3, AI score: 5.9, EPSS: 0.00452
Exploits: 0, References: 1, Affected Software: 1
Vulnrichment
added 2026/04/09 12:28 p.m. (1 view)

CVE-2026-2519 Online Scheduling and Appointment Booking System – Bookly <= 27.0 - Unauthenticated Price Manipulation via 'tips'

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due to the plugin trusting a user-supplied input without server-side validation against the configure...

CVSS: 5.3, AI score: 5.7, EPSS: 0.00452
Exploits: 0, References: 6