Lucene search
K

14756 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.8 views

CVE-2025-59874

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

8.1CVSS5.3AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.10 views

CVE-2026-6149

A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation of the argument BRANCHID can lead to sql injection. The attack may be performed from remote. The...

7.5CVSS7AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.12 views

CVE-2026-39410

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to th...

4.8CVSS5.4AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.9 views

CVE-2026-44886

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...

8.7CVSS5.6AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:49 p.m.11 views

CVE-2024-42206

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

3.1CVSS5.4AI score0.00151EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/04 4:15 p.m.10 views

PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...

7.5CVSS5.7AI score0.00337EPSS
Exploits0References5
NVD
NVD
added 2026/06/04 2:16 p.m.13 views

CVE-2025-59874

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

8.1CVSS0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 12:14 p.m.12 views

EUVD-2025-210064

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

8.1CVSS5.7AI score0.00268EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:14 p.m.19 views

CVE-2025-59874

CVE-2025-59874 affects HCL Hive Telco Observability. The issue is identified as a missing CSP directive in the web application’s Keycloak component, with missing essential directives leaving the site vulnerable. The CVSS v3.1 base metrics indicate a high-severity, network-exploitability risk (AV:...

8.1CVSS5.7AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/04 11:57 a.m.17 views

CVE-2026-30923

A flaw was found in libModSecurity3, a component of the ModSecurity web application firewall WAF. An attacker can exploit a segmentation fault by sending a specially crafted query string parameter containing a single character, which is then processed by a rule using the t:hexDecode transformatio...

8.2CVSS5.7AI score0.00435EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.26 views

PT-2026-46217

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

8.1CVSS5.7AI score0.00268EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 9:40 a.m.41 views

CVE-2025-14773 Stored Cross-Site Scripting in ABB T-MAC Plus web application

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8CVSS0.00181EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 9:40 a.m.34 views

CVE-2025-14773

CVE-2025-14773 is a stored cross-site scripting (XSS) vulnerability in ABB T-MAC Plus web application, affecting T-MAC Plus 4.0-24. The issue stems from improper neutralization of input during web page generation. CVSS metrics from ABB indicate a HIGH severity (CVSS v4.0 base 7.2; v3.1 base 8.0),...

8CVSS5.8AI score0.00181EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/03 9:40 a.m.7 views

CVE-2025-14773 Stored Cross-Site Scripting in ABB T-MAC Plus web application

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8CVSS5.8AI score0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/03 9:25 a.m.8 views

CVE-2025-14772 Broken Access Control in ABB T-MAC Plus web application

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8.8CVSS5.8AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 9:25 a.m.38 views

CVE-2025-14772 Broken Access Control in ABB T-MAC Plus web application

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8.8CVSS0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 9:16 a.m.43 views

CVE-2025-14771 File Disclosure in ABB T-MAC Plus web application and in ABB T-MAC plus Server - Default IIS Web Site

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

9.9CVSS0.00347EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 9:16 a.m.16 views

CVE-2025-14771

Technical details (affected components, versions, impact, remediation) are not publicly available in the provided documents. Monitor for updates on ABB T-MAC Plus CVE-2025-14771.

9.9CVSS5.8AI score0.00347EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/06/03 12:2 a.m.93 views

eCPPT-Penetration-Testing-Reports

eCPPT Penetration Testing Reports Penetration testing lab rep...

9.8CVSS7.3AI score0.94618EPSS
Exploits7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

school-management-system 安全漏洞

School-Management-System is a PHP-based school management system developed by Shubham Kumar, an individual developer. The School-Management-System has a security vulnerability, which stems from the use of predictable password generation methods. This vulnerability may allow attackers to easily...

6.9CVSS5.4AI score0.00249EPSS
Exploits0References2
Rows per page
Query Builder