Lucene search
K

545 matches found

NCSC
NCSC
added 2026/02/25 10:39 a.m.10 views

Vulnerabilities fixed in SolarWinds Serv-U

SolarWinds has fixed vulnerabilities in Serv-U. The vulnerabilities are in how Serv-U controls access and processes data types. Attackers with administrative privileges can exploit these vulnerabilities to gain unauthorized system access and execute arbitrary code with elevated privileges. This c...

9.1CVSS6.1AI score0.0057EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2026/02/25 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-20775

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted...

7.8CVSS6.1AI score0.12475EPSS
In wildExploits2References9
RedhatCVE
RedhatCVE
added 2026/02/14 7:22 p.m.9 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

5.1CVSS5AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2026/02/13 3:15 p.m.17 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

5.1CVSS0.00126EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/13 2:56 p.m.6 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

5.1CVSS5AI score0.00126EPSS
Exploits0References2
CVE
CVE
added 2026/02/13 2:56 p.m.21 views

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting (XSS) when using an outdated version on mobile devices. The issue is being addressed with updates from HP. According to the provided CVE entry, the vulnerability is associated with an initial update path and a MEDIUM severity (C...

5.1CVSS5AI score0.00126EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.7 views

PT-2026-7994

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

5.1CVSS5AI score0.00126EPSS
Exploits0References2
Hewlett-Packard
Hewlett-Packard
added 2026/02/10 12:0 a.m.11 views

AMD Graphics Driver February 2026 Security Update

AMD has informed HP of potential vulnerabilities in some AMD Graphics Driver for Windows, which might allow arbitrary code execution, loss of confidentiality, loss of integrity, loss of availability, kernel memory corruption, denial of service, or information disclosure. AMD is releasing software...

8.8CVSS5.9AI score0.0016EPSS
Exploits0Affected Software246
NCSC
NCSC
added 2026/02/06 9:20 a.m.6 views

Vulnerability fixed in Cisco TelePresence Collaboration Endpoint

Cisco has fixed a vulnerability in Cisco TelePresence Collaboration Endpoint and RoomOS Software. The vulnerability is in how the text viewer system does not perform sufficient input control. This can be exploited by unauthenticated remote attackers, leading to a denial-of-service DoS and affecti...

7.5CVSS5.5AI score0.0037EPSS
Exploits0References1
NCSC
NCSC
added 2026/01/23 8:54 a.m.7 views

Vulnerability fixed in BIND 9

ICS has fixed a vulnerability in BIND 9. The vulnerability is located in certain versions of BIND 9, where malformed BRID/HHIT records can lead to the unexpected termination of the named service, which is critical for DNS resolution. This vulnerability allows attackers to crash the service throug...

7.5CVSS5.6AI score0.08219EPSS
Exploits0References1
NCSC
NCSC
added 2026/01/21 10:10 a.m.11 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in Oracle Business Intelligence Enterprise Edition. The vulnerabilities allow unauthenticated attackers to cause a Denial-of-Service, or can lead to unauthorized access and modification of critical data. Oracle has released updates to fix the vulnerability. See...

9.8CVSS6.5AI score0.06215EPSS
Exploits1References1
NCSC
NCSC
added 2026/01/09 11:14 a.m.7 views

Vulnerabilities fixed in Trend Micro Apex Central

Trend Micro has fixed vulnerabilities in Trend Micro Apex Central. The vulnerabilities are in the way Trend Micro Apex Central handles certain input. An attacker can cause a denial-of-service DoS without authentication by using an unverified NULL return value. In addition, malicious actors can ga...

9.8CVSS8AI score0.0322EPSS
Exploits3References1
NCSC
NCSC
added 2025/12/27 11:38 a.m.9 views

Vulnerability fixed in MongoDB

MongoDB developers have fixed a vulnerability in MongoDB. The vulnerability with reference CVE-2025-14847 allows an unauthenticated remote attacker to read uninitialized heap memory. It is caused by improperly processing length parameters in Zlib-compressed protocol headers. Misuse of the...

8.7CVSS6.7AI score0.83007EPSS
Exploits39References2
NCSC
NCSC
added 2025/12/10 1:35 p.m.12 views

Vulnerabilities fixed in Adobe Acrobat Reader

Adobe has fixed vulnerabilities in several versions of Acrobat Reader. The vulnerabilities include an untrusted search path that allows attackers to execute arbitrary code by manipulating the application's search paths. In addition, there are vulnerabilities related to the improper verification o...

7.8CVSS8.1AI score0.00427EPSS
Exploits0References1
NCSC
NCSC
added 2025/12/10 1:34 p.m.10 views

Vulnerabilities fixed in Adobe ColdFusion

Adobe has fixed vulnerabilities in ColdFusion Specifically for versions 25.4, 23.16, 21.22 and earlier. The vulnerabilities are in the way ColdFusion handles file uploads, input validation, and data access. Users with high privileges can execute unauthorized code or access sensitive data without...

9.1CVSS7.3AI score0.08453EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/06 9:37 p.m.61 views

CVE-2025-13426

A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute...

8.7CVSS8.4AI score0.00368EPSS
Exploits0References1
NCSC
NCSC
added 2025/11/28 9:53 a.m.39 views

Vulnerabilities fixed in Mattermost

Mattermost has fixed vulnerabilities in versions 11.0.x through 11.0.3, 10.12.x through 10.12.1, 10.11.x through 10.11.4 and 10.5.x through 10.5.12. The vulnerabilities allow an authenticated attacker to take over an account via a carefully crafted email address during the authentication process...

9.9CVSS7AI score0.0031EPSS
Exploits0References1
NCSC
NCSC
added 2025/11/21 4:3 p.m.13 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in Oracle Fusion Middleware components. The vulnerabilities allow unauthenticated attackers to access critical data over HTTP, which can lead to partial denial-of-service. The severity of these vulnerabilities is underscored by CVSS scores of 7.5, indicating...

9.8CVSS6.9AI score0.88312EPSS
Exploits10References1
NCSC
NCSC
added 2025/11/18 9:1 a.m.8 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome Specifically for versions prior to 142.0.7444.175. The vulnerabilities are in Google Chrome's V8 engine and allow remote attackers to exploit heap corruption via specially crafted HTML pages, which can lead to unauthorized actions, such as access to...

8.8CVSS6.9AI score0.04835EPSS
Exploits1References1
NCSC
NCSC
added 2025/11/12 11:56 a.m.9 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Adobe Illustrator Specifically for versions 28.7.10, 28.8.2 and earlier, as well as Illustrator on iPad versions 3.0.9 and earlier. The vulnerabilities are in how Adobe Illustrator and Illustrator on iPad handle specially crafted files. These vulnerabilities can...

7.8CVSS7.9AI score0.0027EPSS
Exploits0References2
Rows per page
Query Builder