Lucene search
K

975 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-51926

An issue in docuForm GmbH FSM Client v.11.11c allows a remote attacker to obtain sensitive information via the login.php component. A vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid...

7.5CVSS6AI score0.0036EPSS
Exploits0References3
CVE
CVE
added 4 days ago16 views

CVE-2026-51923

The CVE-2026-51923 entry concerns docuForm GmbH Client v.11.11c with an Insecure Direct Object Reference (IDOR) vulnerability in the user settings component. The technical detail provided states that a remote attacker can execute arbitrary code and modify or retrieve sensitive data associated wit...

8.1CVSS6.3AI score0.00382EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:7 p.m.11 views

CVE-2026-13054

A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025.1...

8.6CVSS5.9AI score0.00459EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-10109

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling...

9.8CVSS0.0086EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 7:42 p.m.6 views

EUVD-2026-40393

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns...

6.5CVSS5.8AI score0.0042EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 10:59 p.m.7 views

EUVD-2026-39492

pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...

7.3CVSS5.8AI score0.0027EPSS
Exploits1References2
Redos
Redos
added 2026/06/23 12:0 a.m.5 views

ROS-20260623-73-0014

Vulnerability in Python 3.11 related to the lack of measures taken to clean data at the management level. Exploitation of this vulnerability allows a remote attacker to execute arbitrary commands...

7.1CVSS6.2AI score0.0029EPSS
Exploits0
NVD
NVD
added 2026/06/17 10:54 a.m.11 views

CVE-2026-46914

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

7.1CVSS0.0015EPSS
Exploits0References1
OSV
OSV
added 2026/06/17 10:8 a.m.9 views

RHSA-2026:26461 Red Hat Security Advisory: redhat-ds:11 security update

Bulletin has no description...

7.5CVSS4.9AI score0.00815EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.27 views

CVE-2025-69160 WordPress Gita theme <= 1.11 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Gita = 1.11 versions...

8.1CVSS0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.22 views

CVE-2025-69159 WordPress Printo theme <= 1.11 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Printo = 1.11 versions...

8.1CVSS0.00435EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 1:47 p.m.11 views

EUVD-2026-36246

A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic...

7CVSS5.5AI score0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 10:32 a.m.11 views

CVE-2026-8464 Path traversal in Neuron Soft Golem OEE MES

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS5.5AI score0.00204EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 10:32 a.m.24 views

CVE-2026-8464

CVE-2026-8464 : Golem OEE MES is affected by an unauthenticated path-traversal vulnerability that could allow an attacker in the same local network to read arbitrary files from the server by manipulating HTTP request paths. The issue is fixed in version 11.6.0. Affected product: Golem OEE MES; vu...

8.3CVSS5.5AI score0.00204EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/07 12:43 a.m.15 views

CVE-2026-45776

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, a flaw in Open XDMoD's access control logic allows an attacker to submit a crafted HTTPS POST request that sets a session variable used for authorization decisions. If an installation of Open XDMoD...

5.3CVSS5.4AI score0.00236EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2025-61308

A reflected cross-site scripted XSS vulnerability in the dfm-menumaintenance.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS5.7AI score0.00236EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-61306

A reflected cross-site scripted XSS vulnerability in the dfm-menucoveragealerts.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable valu...

6.1CVSS5.7AI score0.00236EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-1343

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 allows an attacker to contact internal authentication endpoints which are...

7.2CVSS5.5AI score0.00198EPSS
Exploits0References1
Chainguard
Chainguard
added 2026/06/05 7:18 p.m.11 views

GHSA-XVMR-9P7M-JMWV vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk, openjdk-11-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-21-openj9...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/05 7:18 p.m.8 views

GHSA-Q4WQ-4WHJ-CXHX vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-21-openj9...

6.1AI score
Exploits0
Rows per page
Query Builder