Lucene search
K

1484361 matches found

Ivanti
Ivanti
added 2026/12/05 2:3 p.m.24 views

May 2026 Security Advisory Ivanti Virtual Traffic Manager (vTM) (CVE-2026-8051)

Summary Ivanti has released updates for Ivanti Virtual Traffic Manager which addresses one High severity vulnerability. Successful exploitation could lead to admin authenticated remote code execution. We are not aware of any customers being exploited by this vulnerability at the time of disclosur...

7.2CVSS6.1AI score0.01914EPSS
Exploits0
Ivanti
Ivanti
added 2026/12/05 2:2 p.m.38 views

May 2026 Security Advisory Ivanti Secure Access Client (CVE-2026-7431, CVE-2026-7432)

Update 22 May: CVE-2026-8992 has been added to Vulnerability Details Summary Ivanti has released updates for the Ivanti Secure Access Client which addresses one medium severity vulnerability and two High severity vulnerabilities. We are not aware of any customers being exploited by these...

8.8CVSS6.2AI score0.00564EPSS
Exploits0
Ivanti
Ivanti
added 2026/12/05 2:0 p.m.23 views

Security Advisory - Ivanti Xtraction (CVE-2026-8043)

Summary Ivanti has released an update for Ivanti Xtraction which addresses one Critical severity vulnerability. Successful exploitation could lead to sensitive information disclosure and client-side attacks. We are not aware of any customers being exploited by this vulnerability at the time of...

9.6CVSS5.9AI score0.00869EPSS
Exploits0
Ivanti
Ivanti
added 2026/12/05 1:59 p.m.32 views

Security Advisory Ivanti Endpoint Manager (EPM) May 2026

Security Advisory Ivanti Endpoint Manager EPM CVE-2026-8109, CVE-2026-8110, CVE-2026-811 Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one Medium severity and two High severity vulnerabilities. Successful exploitation could lead to information disclosure, privile...

8.8CVSS6.3AI score0.00883EPSS
Exploits0
Ivanti
Ivanti
added 2026/10/03 9:26 a.m.36 views

Security Advisory Ivanti DSM (CVE-2026-3483)

Security Advisory Ivanti DSM CVE-2026-3483 Summary Ivanti has released an update for Ivanti Desktop and Server Management DSM which addresses one high severity vulnerability. Successful exploitation could allow an attacker to elevate their local privileges. We are not aware of any customers being...

7.8CVSS5.8AI score0.00397EPSS
Exploits0
Ivanti
Ivanti
added 2026/09/06 1:58 p.m.20 views

Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-10727)

Update 11 June: FAQ Updated Summary Ivanti has released updates for Ivanti Endpoint Manager Mobile EPMM which addresses one high severity vulnerability. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details CVE Number | Descriptio...

7.2CVSS6.1AI score0.01634EPSS
Exploits0
Ivanti
Ivanti
added 2026/09/02 8:55 p.m.35 views

Security Advisory EPM February 2026 for EPM 2024

Update 18 Feb: Added FAQ on patching Agents. Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one high severity vulnerability and one medium severity vulnerability. Successful exploitation could allow a remote authenticated attacker to leak arbitrary data or...

8.6CVSS6.4AI score0.81089EPSS
Exploits0
NVD
NVD
added 1 hour ago2 views

CVE-2026-55436

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a...

7.4CVSS
Exploits0References5
EUVD
EUVD
added 2 hours ago4 views

EUVD-2026-42124

DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1.650 sets a hard limit of 99,999 placeholders...

6.1AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 hours ago2 views

CVE-2026-55436

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a...

7.4CVSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2 hours ago8 views

CVE-2026-55436 Coder's AI Bridge Proxy skips TLS certificate verification in default configuration

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy aibridgeproxyd created a goproxy server whose default transport set InsecureSkipVerify: true and only assigned a...

7.4CVSS
Exploits0References5
CVE
CVE
added 2 hours ago11 views

CVE-2026-55436

The CVE-2026-55436 issue affects Coder’s AI Bridge Proxy (aibridgeproxyd) in versions prior to 2.32.7, 2.33.8, and 2.34.2. The root cause is that the proxy’s default goproxy transport uses InsecureSkipVerify: true and only switches to a secure transport if an upstream proxy is configured; thus ou...

7.4CVSS6AI score
Exploits0References5
NVD
NVD
added 2 hours ago4 views

CVE-2026-55079

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.24.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, NewDataBuilder in provisionersdk/proto/dataupload.go allocated a byte slice using the client-supplied FileSize from a...

4.9CVSS
Exploits0References6
GithubExploit
GithubExploit
added 2 hours ago9 views

Exploit for CVE-2026-49777

!AMN SECURITYhttps://img.shields.io/badge/AMN-SECURITY-000000...

10CVSS6.2AI score0.01656EPSS
Exploits3
GithubExploit
GithubExploit
added 2 hours ago9 views

Exploit for CVE-2026-8206

🛡️ AMN SECURITY 🛡️ !CVE-2026-8206https://img.shields.io/ba...

9.8CVSS5.9AI score0.0126EPSS
Exploits5
GithubExploit
GithubExploit
added yesterday13 views

Exploit for Command Injection in Litellm

─── CVE-2026-42271 ─── 🛡️ AMN SECURITY 🛡️ مركز أ...

8.8CVSS6.5AI score0.80188EPSS
Exploits2
CVE
CVE
added yesterday9 views

CVE-2026-55079

Coder’s GO-based provisioner vulnerability arises from NewDataBuilder allocating a byte slice using client-supplied FileSize without an upper bound. The DRPC wire limit is 4 MiB, but FileSize could be much larger, causing memory exhaustion and potential denial of service when an authenticated use...

4.9CVSS6AI score
Exploits0References6
Cvelist
Cvelist
added yesterday5 views

CVE-2026-55079 Coder's unbounded memory allocation in provisioner file upload allows authenticated denial of service

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.24.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, NewDataBuilder in provisionersdk/proto/dataupload.go allocated a byte slice using the client-supplied FileSize from a...

4.9CVSS
Exploits0References6
Github Security Blog
Github Security Blog
added yesterday2 views

Flask-Security-Too: WebAuthn reauthentication freshness bypass via cross-user assertion

Summary Flask-Security-Too 5.8.0 and 5.8.1 mark a session as reauthentication-fresh after processing a WebAuthn assertion whose proven credential belongs to a different user than the currently authenticated session user. The check that GHSA-97r5-pg8x-p63p added on the OAuth reauthentication path...

Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added yesterday2 views

Goploy: Arbitrary File Read via Path Traversal in /deploy/fileDiff allows Remote Server Compromise

Click here to jump to the Simplified Chinese version 点击跳转到简体中文版本 Goploy System Arbitrary File Read Vulnerability Basic Information - Vulnerability Name: Goploy Endpoints Arbitrary File Read via Path Traversal - Vulnerability Type: Path Traversal CWE-22 / Arbitrary File Read - Affected Product:...

Exploits0References2Affected Software1
Rows per page
Query Builder