Lucene search
K

544 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 7:47 p.m.6 views

CVE-2026-7539

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...

7.3CVSS6AI score0.00096EPSS
Exploits0References2
NCSC
NCSC
added 2026/06/24 9:1 a.m.6 views

The vulnerabilities in libssh2 are addressed through libssh.

LibSSH has vulnerabilities in libssh2, including versions up to 1.11.1. The first vulnerability involves a denial-of-service attack during the pre-authentication phase, within the SSHMSGEXTINFO handler. A malicious SSH server can send a specially constructed extensioncount value, causing the clie...

9.2CVSS6.2AI score0.00732EPSS
Exploits10References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52085

Name of the Vulnerable Software and Affected Versions HP Accessory WMI Provider installer affected versions not specified Description A security issue exists in the HP Accessory WMI Provider installer used for certain HP Docking Stations. This flaw could allow an attacker to achieve escalation of...

7.3CVSS6AI score0.00096EPSS
Exploits0References5
NCSC
NCSC
added 2026/06/19 12:42 p.m.36 views

Vulnerabilities in Splunk Enterprise and Splunk Cloud Platform

Splunk has identified several vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These vulnerabilities concern various components of Splunk Enterprise and Splunk Cloud Platform. Splunk has classified the vulnerability with the identifier CVE-2026-20253 as a critical vulnerability in...

9.8CVSS6.9AI score0.88171EPSS
Exploits6References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

This issue was resolved by removing the origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4; iOS 15.7.4 and iPadOS 15.7.4; tvOS 16.4; and watchOS 9.4. A website may be able to track sensitive user information...

6.5CVSS6.8AI score0.00926EPSS
Exploits0References2
NCSC
NCSC
added 2026/06/11 8:18 a.m.12 views

Vulnerabilities present in Adobe Acrobat Reader

Adobe has identified vulnerabilities in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651, and earlier versions. These vulnerabilities include an out-of-bounds write vulnerability and multiple Use After Free errors. These errors occur when processing certain malformed or maliciously...

7.8CVSS7.6AI score0.00285EPSS
Exploits0References1
NCSC
NCSC
added 2026/06/05 9:38 a.m.12 views

Kwetsbaarheid verholpen in Cisco SD-WAN Manager

Cisco has identified a vulnerability in SD-WAN Manager, previously known as SD-WAN vManage. A malicious individual could exploit this vulnerability by uploading a specially crafted file to the affected system and thereby elevating their privileges to root user status. Cisco indicates that active...

7.8CVSS5.5AI score0.25323EPSS
Exploits2References1
NCSC
NCSC
added 2026/05/26 7:50 a.m.39 views

Kwetsbaarheid verholpen in Cisco Secure Workload

Cisco has identified a vulnerability in Cisco Secure Workload. This vulnerability resides within the internal REST APIs of Cisco Secure Workload. Unauthorized malicious actors with access to the internal infrastructure can obtain Site Admin privileges through inadequate validation and...

10CVSS5.9AI score0.00835EPSS
Exploits1References1
NCSC
NCSC
added 2026/05/15 12:7 p.m.19 views

Vulnerabilities found in F5 BIG-IP and BIG-IQ products

F5 has identified several vulnerabilities in the BIG-IP and BIG-IQ products, including components such as iControl REST, iControl SOAP, TMOS Shell, Traffic Management Microkernel TMM, Configuration Utility, Advanced WAF, ASM, PEM, DNS, Access Policy Manager APM, and SSL Orchestrator. The...

9.1CVSS6.1AI score0.00886EPSS
Exploits0References41
Cisco
Cisco
added 2026/05/06 4:0 p.m.13 views

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

Following the initial publication of the Security Advisory about a denial of service DoS condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator NSO, additional information has been made available to the Cisco Product Security Incident Response Team PSIRT. Upon...

5.8AI score
Exploits0References1
NCSC
NCSC
added 2026/04/10 2:28 p.m.11 views

Vulnerability fixed in Cisco Smart Software Manager On-Prem

Cisco has fixed a vulnerability in Cisco Smart Software Manager On-Prem. A malicious party could exploit this vulnerability by inadvertently making an internal service component in Cisco Smart Software Manager On-Prem SSM On-Prem externally accessible. This allows a remote attacker to execute...

9.8CVSS6AI score0.00914EPSS
Exploits0References1
NCSC
NCSC
added 2026/04/03 10:34 a.m.6 views

Vulnerabilities fixed in Cisco Integrated Management Controller

Cisco has fixed several vulnerabilities in Cisco Integrated Management Controller IMC. The vulnerabilities are in Cisco IMC's Web-based management interface. An unauthorized remote attacker can bypass authentication through password change functionality by sending specially formatted HTTP request...

9.8CVSS6.1AI score0.01094EPSS
Exploits0References4
NCSC
NCSC
added 2026/03/26 9:50 a.m.5 views

Vulnerabilities fixed in Cisco IOS XE Software

Cisco has fixed vulnerabilities in Cisco IOS XE Software, specifically for several products such as Catalyst 9000 Series Switches, Catalyst CW9800 Family, and Cisco Meraki. The vulnerabilities include several issues, such as a memory leak in the IKEv2 implementation, vulnerabilities in the DHCP...

8.6CVSS5.8AI score0.00354EPSS
Exploits0References11
NCSC
NCSC
added 2026/03/20 3:56 p.m.10 views

Vulnerability fixed in Oracle Identity Manager and Oracle Web Services Manager

Oracle has fixed a vulnerability in two components of Fusion Middleware, Oracle Identity Manager and Oracle Web Services Manager. The vulnerability comes from insufficient access controls within Oracle Identity Manager and Oracle Web Services Manager, allowing unauthenticated remote attackers to...

9.8CVSS6.3AI score0.01008EPSS
Exploits1References2
NCSC
NCSC
added 2026/03/12 6:49 a.m.8 views

Vulnerabilities fixed in Adobe Commerce

Adobe has fixed vulnerabilities in Adobe Commerce up to version 2.4.9-alpha3. The vulnerabilities include improper input validation that can cause a denial-of-service without user interaction, and multiple improper authorization issues that allow attackers to bypass security mechanisms and gain...

8.7CVSS5.8AI score0.00636EPSS
Exploits0References1
NCSC
NCSC
added 2026/03/11 9:19 a.m.8 views

Vulnerabilities fixed in Fortinet FortiManager and FortiAnalyzer

Fortinet has fixed vulnerabilities in FortiAnalyzer and FortiManager including cloud variants. The vulnerability with reference CVE-2025-54820 is in FortiManager. This vulnerability allows a remote unauthenticated malicious person to execute unauthorized commands via a stack-based buffer overflow...

8.1CVSS6.3AI score0.0087EPSS
Exploits0References7
NCSC
NCSC
added 2026/03/05 9:5 a.m.8 views

Vulnerabilities fixed in Cisco Secure Firewall systems

Cisco has fixed several vulnerabilities in Cisco Secure Firewall including ASA and FTD software. The vulnerabilities include SQL injection, privilege escalation, denial-of-service, cross-site scripting, and improper management of entries in various Cisco Secure Firewall components. Authenticated...

8.6CVSS5.9AI score0.00705EPSS
Exploits0References26
Cisco
Cisco
added 2026/03/04 4:0 p.m.11 views

Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface and REST API of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. For more information about these vulnerabilities, see the Detai...

8.1CVSS6AI score0.0034EPSS
Exploits0References1
Cisco
Cisco
added 2026/02/25 4:0 p.m.13 views

Cisco Catalyst SD-WAN Vulnerabilities

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information, and overwrite arbitrary files. For more information about these vulnerabilities, see the...

9.8CVSS7.4AI score0.10245EPSS
Exploits0References1
NCSC
NCSC
added 2026/02/25 10:39 a.m.10 views

Vulnerabilities fixed in SolarWinds Serv-U

SolarWinds has fixed vulnerabilities in Serv-U. The vulnerabilities are in how Serv-U controls access and processes data types. Attackers with administrative privileges can exploit these vulnerabilities to gain unauthorized system access and execute arbitrary code with elevated privileges. This c...

9.1CVSS6.1AI score0.0057EPSS
Exploits0References1
Rows per page
Query Builder