Lucene search
K

555 matches found

EUVD
EUVD
added 2026/07/02 11:15 a.m.7 views

EUVD-2026-41279

Unauthenticated Cross Site Scripting XSS in Admin and Site Enhancements ASE Pro = 8.8.5 versions...

9.6CVSS5.8AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 8:50 p.m.20 views

CVE-2026-11594

CVE-2026-11594 affects IBM WebSphere Application Server components (8.5 and 9.0; with related advisories also mentioning 9.1) where the administrative console is vulnerable to cross-site scripting. The core issue is XSS in the administrative console login/page rendering. Public bulletins from IBM...

8.5CVSS5.6AI score0.00337EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/30 8:17 p.m.8 views

CVE-2026-12084

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

7.5CVSS0.00162EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 XSS (7277546)

The version of IBM WebSphere Application Server running on the remote host is affected by a XSS vulnerability as referenced in the 7277546 advisory. - IBM WebSphere Application Server is affected by a cross-site scripting vulnerability in the administrative console login page. CWE: CWE-79: Improp...

8.5CVSS5.9AI score0.00337EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/23 2:48 p.m.37 views

CVE-2025-62180 Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...

7.1CVSS0.00215EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:46 p.m.3 views

CVE-2026-9006

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery SSRF with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure...

7.4CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/17 10:40 a.m.10 views

CVE-2026-35274

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Deployment Package. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

8.2CVSS0.00392EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/16 7:26 p.m.3 views

CVE-2026-35279

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Performance Monitor. Supported versions that are affected are 8.61 and 8.62. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

8.1CVSS5.8AI score0.00392EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 3:21 p.m.5 views

Security Bulletin: IBM WebSphere Application Server is affected by an authentication bypass vulnerability (CVE-2026-10845)

Summary IBM WebSphere Application Server is affected by a an authentication bypass when a JAX-WS application is deployed. Vulnerability Details CVEID:CVE-2026-10845 DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to bypass authentication and gain unauthorized access to...

7.3CVSS5.4AI score0.00337EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/16 2:33 p.m.7 views

GHSA-7Q4V-2MR6-5GPX Microsoft Security Advisory CVE-2026-45491 – .NET Tampering Vulnerability

Executive Summary Microsoft is releasing this security advisory to provide information about a vulnerability in System.Formats.Tar. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A tampering vulnerability exists in the...

6.8CVSS5.7AI score0.00388EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 9:17 p.m.9 views

CVE-2026-48883

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...

7.5CVSS0.00238EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 7:18 p.m.12 views

CVE-2026-48518

Affected software: MultiJuicer (versions 8.0.0–10.0.0) running on a central Kubernetes deployment. Vulnerability: CSRF in the team join endpoint (POST /multi-juicer/api/teams/{team}/join) that accepts any Content-Type, bypassing CORS preflight and enabling a cross-site form to force a victim to j...

4.3CVSS5.2AI score0.00172EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Progress Sitefinity 安全漏洞

Progress Sitefinity is an open-source platform developed by the American company Progress, used for building corporate websites and internal networks. Versions of Progress Sitefinity from 8.0.5700 to 13.3.7652 have security vulnerabilities. These vulnerabilities stem from insufficient credential...

8.7CVSS5.5AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 5:49 p.m.30 views

CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS0.00508EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 5:49 p.m.11 views

CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS6.4AI score0.00508EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 5:49 p.m.15 views

EUVD-2026-33735

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS6.4AI score0.00508EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 2:46 p.m.9 views

CVE-2018-25392 MaxOn ERP Software 8.x-9.x SQL Injection via nomor Parameter

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the logactivity function. Attackers can send POST requests to /index.php/user/logactivity with malicious SQL code in...

7.1CVSS6.1AI score0.00273EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 7:28 p.m.16 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin CVE-2026-8834, CVE-2026-8852, CVE-2026-8856, CVE-2026-8850, CVE-2026-8854, CVE-2026-8855, CVE-2026-8835,...

9.8CVSS5.9AI score0.00488EPSS
Exploits1Affected Software1
Elastic
Elastic
added 2026/05/28 7:24 p.m.85 views

Kibana 8.19.16 and 9.3.5 Security Update (ESA-2026-30)

Path Traversal in Kibana Leading to Unauthorized Deletion of User Accounts A path traversal vulnerability was identified in Kibana's dashboard management functionality. An authenticated user with limited permissions could create a dashboard with a specially crafted identifier. When an administrat...

4.6CVSS5.7AI score0.00223EPSS
Exploits0
CVE
CVE
added 2026/05/27 2:54 a.m.30 views

CVE-2026-2253

Hitachi Vantara Pentaho Data Integration & Analytics is affected by an XXE issue in XML parsing. Versions before 10.2.0.7 and 11.0.0.0 (including 9.3.x and 8.3.x) do not sufficiently restrict external entities, enabling potential confidentiality impact. CVSSv3.1 base score 7.7 (HIGH) with NETWORK...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder