Lucene search
K

20172 matches found

Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-56667

Name of the Vulnerable Software and Affected Versions Drupal Clean RESTful versions . Description A security issue exists in Drupal Clean RESTful. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

6.1AI score0.00236EPSS
Exploits0References4
OSV
OSV
added 6 days ago7 views

CVE-2026-55075 Coder vulnerable to OIDC account takeover via email-based user matching and email_verified bypass

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, two flaws in Coder's OIDC login chained into account takeover. Email-based user matching fell back to linking by email without checking for an existing link...

7.4CVSS6AI score0.00479EPSS
Exploits0References9
Drupal
Drupal
added 2026/06/26 12:0 a.m.11 views

Tealium iQ Tag Management - Critical - PHP object injection - SA-CONTRIB-2026-064

The Tealium iQ Tag Management module provides Drupal integration with Tealium iQ. tealiumiq stores some data as PHP-serialized strings. In some situations, malicious data can be written directly to the field. This can lead to an Object Injection vulnerability when the data are unserialized. This...

5.8AI score0.00417EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 5:9 p.m.8 views

DRUPAL-CONTRIB-2026-046

The security team is marking the Composer module for Drupal project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read:...

5.9CVSS5.5AI score0.00153EPSS
Exploits0References1
Drupal
Drupal
added 2026/06/10 12:0 a.m.15 views

Brute force attack protection - Critical - Unsupported - SA-CONTRIB-2026-047

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...

5.2AI score0.00153EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48595

Name of the Vulnerable Software and Affected Versions Drupal Brute force attack protection versions . Description An issue exists in the Brute force attack protection module that allows for a brute force attack. Recommendations At the moment, there is no information about a newer version that...

6.1AI score0.00153EPSS
Exploits0References4
Drupal
Drupal
added 2026/06/10 12:0 a.m.14 views

Composer - Critical - Unsupported - SA-CONTRIB-2026-046

The security team is marking the Composer module for Drupal project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read:...

5.3AI score0.00153EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-46353

Unauthenticated Local File Inclusion in Preservation = 1.10 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.12 views

PT-2026-46345

Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...

8.5CVSS5.7AI score0.00342EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.18 views

PT-2026-46341

Unauthenticated Local File Inclusion in Food Drop = 1.3 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46348

Subscriber Privilege Escalation in Genemy = 1.6.6 versions...

8.8CVSS5.2AI score0.00389EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-46342

Unauthenticated Local File Inclusion in Fortius = 2.3.0 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.13 views

PT-2026-46379

Unauthenticated Local File Inclusion in ITactics = 1.0 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.21 views

PT-2026-46387

Name of the Vulnerable Software and Affected Versions WP Meta Sort Posts versions prior to 1.0 Description The WP Meta Sort Posts plugin for WordPress is subject to Cross-Site Request Forgery CSRF, a type of attack where an unauthorized user tricks a victim into performing actions they did not...

4.3CVSS5.2AI score0.00128EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46347

Subscriber Broken Access Control in Genemy = 1.6.6 versions...

6.5CVSS5.2AI score0.00299EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46335

Unauthenticated Local File Inclusion in CopyPress = 1.4.5 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46374

Unauthenticated Local File Inclusion in Orpheus = 1.3 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.22 views

PT-2026-46333

Unauthenticated Local File Inclusion in Iona = 1.0.8 versions...

8.1CVSS5.2AI score0.00435EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/04/17 1:21 p.m.17 views

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer requires GitHub sign-in, RedSun, an...

7.8CVSS6.4AI score0.06749EPSS
Exploits3
NVD
NVD
added 2026/03/20 4:16 a.m.5 views

CVE-2026-32941

Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...

7.1CVSS0.00298EPSS
Exploits1References1
Rows per page
Query Builder