
19025 matches found

Positive Technologies
added 2026/05/02 12:0 a.m. | 7 views

PT-2026-36747

CVE-2025-12993 - Apache HTTP Server Cross-Site Scripting Vulnerability
CVE ID: CVE-2025-12993
Published: May 1, 2026, 9:16 p.m. | 54 minutes ago
Description: Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67968. Reason: This candidate is a reservation duplicate of...

CVSS 9.9 | AI score 6 | EPSS 0.00525
Exploits 0 | References 1

Tenable Nessus
added 2026/05/02 12:0 a.m. | 7 views

RHEL 10 / 8 / 9 : Red Hat JBoss Web Server 6.2.2 (RHSA-2026:12194)

The remote Red Hat Enterprise Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:12194 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised ...

CVSS 9.1 | AI score 6 | EPSS 0.00494
Exploits 0 | References 10

OSV
added 2026/05/01 10:22 a.m. | 5 views

RHSA-2026:12194 Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.2 release and security update

Bulletin has no description...

CVSS 7.3 | AI score 5.7 | EPSS 0.00494
Exploits 0 | References 19

ATTACKERKB
added 2026/05/01 4:45 a.m. | 2 views

CVE-2026-7554

A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitatio...

CVSS 6.3 | AI score 4.6 | EPSS 0.01097
Exploits 1 | References 5 | Affected Software 1

Cvelist
added 2026/05/01 4:45 a.m. | 28 views

CVE-2026-7554 D-Link M60 httpd password recovery

A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitatio...

CVSS 6.3 | EPSS 0.01097
Exploits 1 | References 5

CNNVD
added 2026/05/01 12:0 a.m. | 8 views

Bandit Environmental Issue Vulnerability

Bandit is a high-performance HTTP and WebSocket server from the individual developer Mat Trudel. An environmental issue vulnerability exists in Bandit versions prior to 1.11.0, which stems from inconsistent handling of duplicate Content-Length headers and could lead to HTTP request entrapment...

CVSS 6.3 | AI score 5.8 | EPSS 0.00518
Exploits 0 | References 1

Tenable Nessus
added 2026/05/01 12:0 a.m. | 3 views

Cisco Adaptive Security Appliance (ASA) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacke...

CVSS 8.6 | AI score 5.9 | EPSS 0.00358
Exploits 0 | References 4

Positive Technologies
added 2026/05/01 12:0 a.m. | 10 views

PT-2026-36301

A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitatio...

CVSS 6.3 | AI score 5.4 | EPSS 0.01097
Exploits 1 | References 6

NVD
added 2026/04/30 3:16 p.m. | 6 views

CVE-2026-36957

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

CVSS 7.5 | EPSS 0.00344
Exploits 2 | References 2

NVD
added 2026/04/30 3:16 p.m. | 11 views

CVE-2026-36958

A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the...

CVSS 7.5 | EPSS 0.00344
Exploits 2 | References 2

RedHat Linux
added 2026/04/30 2:2 p.m. | 8 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.2 release and security update

Red Hat JBoss Web Server 6.2.2 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

CVSS 9.1 | AI score 7.5 | EPSS 0.00494
Exploits 0 | References 5

RedHat Linux
added 2026/04/30 1:58 p.m. | 14 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.2 release and security update

Red Hat JBoss Web Server 6.2.2 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...

CVSS 9.1 | AI score 7.7 | EPSS 0.00981
Exploits 0 | References 6

NVD
added 2026/04/30 12:16 p.m. | 7 views

CVE-2026-41882

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

CVSS 7.5 | EPSS 0.00401
Exploits 0 | References 1

Vulnrichment
added 2026/04/30 11:5 a.m. | 8 views

CVE-2026-41882

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

CVSS 7.4 | AI score 5.3 | EPSS 0.00401
Exploits 0 | References 1

EUVD
added 2026/04/30 11:5 a.m. | 5 views

EUVD-2026-26368

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

CVSS 7.4 | AI score 5.3 | EPSS 0.00401
Exploits 0 | References 1

ATTACKERKB
added 2026/04/30 11:5 a.m. | 8 views

CVE-2026-41882

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

CVSS 7.4 | AI score 5.3 | EPSS 0.00401
Exploits 0 | References 2

CVE
added 2026/04/30 11:5 a.m. | 17 views

CVE-2026-41882

CVE-2026-41882 affects JetBrains IntelliJ IDEA prior to 2024.3.7.1 and versions 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, and 2026.1.1. The issue enables reading arbitrary local files via the built‑in web server. The root cause details are not provided in the given documents. A patch is indicated by th...

CVSS 7.5 | AI score 5.3 | EPSS 0.00401
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2026/04/30 11:5 a.m. | 29 views

CVE-2026-41882

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

CVSS 7.4 | EPSS 0.00401
Exploits 0 | References 1

CVE
added 2026/04/30 12:0 a.m. | 9 views

CVE-2026-36957

The affected device is the Dbit Router, firmware V1.0.0 (Dbit N300 T1 Pro Easy Setup Wireless Wi‑Fi Router). The vulnerability is in the Boa web server URI handler, which can be exploited by sending a high-volume flood of HTTP GET requests to non-existent URIs, causing resource exhaustion (file d...

CVSS 7.5 | AI score 5.4 | EPSS 0.00344
Exploits 2 | References 2 | Affected Software 1

Positive Technologies
added 2026/04/30 12:0 a.m. | 5 views

PT-2026-36103

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

CVSS 7.5 | AI score 5.4 | EPSS 0.00344
Exploits 2 | References 3