Lucene search
K

5298762 matches found

Packet Storm News
Packet Storm News
added 2026/09/10 12:0 a.m.220 views

IServ Schoolserver User Enumeration

IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added in 11 minutes0 views

Security Bulletin: WebSphere Application Server traditional shipped with IBM Tivoli System Automation Application Manager is vulnerable to a server-side request forgery (SSRF) vulnerability (CVE-2026-9006)

Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager. Vulnerability Details CVEID:CVE-2026-9006 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery...

9.1CVSS6.1AI score0.00221EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added now0 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2026-10845)

Summary IBM WebSphere Application Server used by IBM Tivoli System Automation Application Manager is affected by an authentication bypass when a JAX-WS application is deployed. Vulnerability Details CVEID:CVE-2026-10845 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 could allow a remot...

7.3CVSS6.1AI score0.00337EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 1 minute ago0 views

Security Bulletin: IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service

Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application ManagerCVE-2026-9320, CVE-2026-8646,CVE-2026-9071 Vulnerability Details CVEID:CVE-2026-9320 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 and...

9.1CVSS6AI score0.00338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 minutes ago0 views

Security Bulletin: WebSphere Application Server traditional shipped with IBM Tivoli System Automation Application Manager is affected by remote code execution and denial of service (CVE-2026-10852, CVE-2026-8858, CVE-2026-9072)

Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2026-10852 DESCRIPTION: IBM WebSphere...

9.8CVSS6.4AI score0.00409EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 10 minutes ago27 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00385EPSS
Exploits0References11Affected Software9
BDU FSTEC
BDU FSTEC
added 10 minutes ago17 views

The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.

The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...

7.7CVSS5.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 10 minutes ago15 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS6.1AI score0.02603EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 10 minutes ago16 views

The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.

The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

7CVSS6.1AI score0.0013EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 10 minutes ago14 views

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...

9.1CVSS6.1AI score0.00648EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 10 minutes ago18 views

The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...

8.5CVSS6.1AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 10 minutes ago9 views

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6AI score0.00127EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 10 minutes ago17 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 10 minutes ago14 views

The vulnerability of the MmMapIoSpace() function in the ThrottleBlood.sys driver allows a hacker to escalate their privileges, execute arbitrary code, or cause a service failure.

The vulnerability of the MmMapIoSpace function in the ThrottleBlood.sys driver, as part of the ThrottleStop utility, is related to open IOCTLs with insufficient access control. Exploiting this vulnerability could allow an attacker to enhance their privileges, execute arbitrary code, or cause...

7.5CVSS6AI score0.06702EPSS
Exploits8References3Affected Software1
BDU FSTEC
BDU FSTEC
added 10 minutes ago23 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00709EPSS
Exploits1References11Affected Software9
BDU FSTEC
BDU FSTEC
added 10 minutes ago15 views

The vulnerability of the Directum RX ECM system, related to deficiencies in access control, allows a perpetrator to compromise data integrity.

The vulnerability of the Directum RX ECM system is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to compromise data integrity...

5CVSS5.8AI score
Exploits0Affected Software1
NVD
NVD
added 36 minutes ago2 views

CVE-2026-40633

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, versions 9.11.0.0 through 9.13.0.2 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure...

7.8CVSS
Exploits0References1
The Hacker News
The Hacker News
added 45 minutes ago3 views

Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

Security researcher Chaotic Eclipse aka Nightmare-Eclipse has released a new proof-of-concept PoC exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive load elevation of privileges vulnerability. The Windows User Profile Service, also referred to as...

9.8CVSS6.7AI score
Exploits0
The Hacker News
The Hacker News
added 57 minutes ago2 views

Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

Open a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warning that anything in the folder is about to execute. Whatever that binary does, it does as you, with your source, your SSH keys and your cloud...

6.5AI score
Exploits0
GithubExploit
GithubExploit
added 59 minutes ago3 views

Exploit for CVE-2026-53359

CVE-2026-53359 A 16-year-old bug in the Linux kernel lets a re...

7AI score0.00176EPSS
Exploits4
Rows per page
Query Builder