Lucene search
K
AvleonovRecent

389 matches found

Information Security Automation
Information Security Automation
added 3 days ago3 views

About Cross Site Scripting - Microsoft Exchange (CVE-2026-42897) vulnerability

About Cross Site Scripting - Microsoft Exchange CVE-2026-42897 vulnerability. The vulnerability was fixed on May 14 outside the regular Microsoft Patch Tuesday cycle. Improper neutralization of input during web page generation CWE-79, XSS in Microsoft Exchange Server allows an unauthorized attack...

8.1CVSS7.7AI score0.0564EPSS
Exploits1
Information Security Automation
Information Security Automation
added 2026/06/26 5:0 p.m.4 views

June Linux Patch Wednesday

June Linux Patch Wednesday. A total of 1,888 vulnerabilities 324 in the Linux kernel, and a whopping 728 in Chromium ❗️. For comparison, there were 1,638 vulnerabilities in May. The increase isn't as dramatic as it was from April to May, but it's still a new record. One of the vulnerabilities has...

8.8CVSS7AI score0.01849EPSS
Exploits21
Information Security Automation
Information Security Automation
added 2026/06/17 9:0 a.m.6 views

June "In the Trend of VM" (#28): Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities

June "In the Trend of VM" 28: Linux kernel, Microsoft Defender, and Palo Alto Networks device vulnerabilities. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. In the previous May edition, we covered four vulnerabilities. This time, there...

9.8CVSS6.9AI score0.93235EPSS
Exploits50
Information Security Automation
Information Security Automation
added 2026/06/17 9:0 a.m.7 views

June Microsoft Patch Tuesday

June Microsoft Patch Tuesday. Last week I was on vacation in Veliky Novgorod, so I'm publishing this overview only now. A total of 202 vulnerabilities were addressed, approximately twice as many as in May. There are currently no vulnerabilities marked as exploited in the wild. However, there are...

9.8CVSS7AI score0.48438EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2026/06/06 12:0 p.m.4 views

About Elevation of Privilege - Microsoft Defender "RedSun" (CVE-2026-41091) vulnerability

About Elevation of Privilege - Microsoft Defender "RedSun" CVE-2026-41091 vulnerability. Microsoft Defender is a built-in security solution developed by Microsoft to protect the Windows operating system and user data from viruses, malware, and other cyber threats in real time. An improper link...

7.8CVSS6.1AI score0.08371EPSS
Exploits2
Information Security Automation
Information Security Automation
added 2026/06/05 10:0 a.m.12 views

About Remote Code Execution - PAN-OS (CVE-2026-0300) vulnerability

About Remote Code Execution - PAN-OS CVE-2026-0300 vulnerability. PAN-OS is an operating system for Palo Alto Networks firewalls and security platforms. User-ID™ Authentication Portal also known as Captive Portal is a non-default PAN-OS feature used to map IP addresses to usernames. By exploiting...

9.8CVSS6.7AI score0.36157EPSS
Exploits6
Information Security Automation
Information Security Automation
added 2026/06/02 11:0 a.m.10 views

May Linux Patch Wednesday

May Linux Patch Wednesday. A total of 1,638 vulnerabilities 474 in the Linux kernel. For comparison, in April there were 1,035 vulnerabilities a record!. And this time it turns out to be a record again, more than one and a half times higher! The acceleration is both impressive and alarming. But w...

9.8CVSS7.8AI score0.96267EPSS
Exploits357
Information Security Automation
Information Security Automation
added 2026/05/28 2:0 p.m.12 views

About Elevation of Privilege - Linux Kernel "Fragnesia" (CVE-2026-46300) vulnerability

About Elevation of Privilege - Linux Kernel "Fragnesia" CVE-2026-46300 vulnerability. The vulnerability was discovered by researcher William Bowling together with the V12 team. Fragnesia belongs to the class of Dirty Frag vulnerabilities. It is an error in the ESP/XFRM subsystem, distinct from...

7.8CVSS6.2AI score0.03663EPSS
Exploits11
Information Security Automation
Information Security Automation
added 2026/05/25 5:0 p.m.15 views

May "In the Trend of VM" (#27): high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader

May "In the Trend of VM" 27: high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. While the previous April edition featured only one vulnerability, this one...

8.8CVSS7AI score0.96666EPSS
Exploits246
Information Security Automation
Information Security Automation
added 2026/05/19 8:0 a.m.15 views

May Microsoft Patch Tuesday

May Microsoft Patch Tuesday. A total of 119 vulnerabilities, approximately 1.5 times fewer than in April. There are currently no vulnerabilities marked as actively exploited in the wild. However, there is one vulnerability with a public exploit: 🔸 EoP - Windows Kernel CVE-2026-40369. A detailed...

9.9CVSS6.7AI score0.72253EPSS
Exploits39
Information Security Automation
Information Security Automation
added 2026/05/14 10:0 a.m.11 views

About Remote Code Execution - Apache ActiveMQ (CVE-2026-34197) vulnerability

About Remote Code Execution - Apache ActiveMQ CVE-2026-34197 vulnerability. Apache ActiveMQ is a popular open-source message broker written in Java. Its main purpose is to send messages between different services, systems, and microservices without a direct connection between them. This...

8.8CVSS6.8AI score0.96666EPSS
Exploits13
Information Security Automation
Information Security Automation
added 2026/05/13 11:0 a.m.12 views

Про уязвимость Spoofing - Microsoft SharePoint Server (CVE-2026-32201)

About Spoofing - Microsoft SharePoint Server CVE-2026-32201 vulnerability. A vulnerability from the April Microsoft Patch Tuesday. The description provided by Microsoft experts is extremely vague: "Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform...

6.5CVSS5.8AI score0.24172EPSS
Exploits1
Information Security Automation
Information Security Automation
added 2026/05/08 11:0 a.m.8 views

About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" (CVE-2026-43284, CVE-2026-43500) vulnerability

About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" CVE-2026-43284, CVE-2026-43500 vulnerability. According to information from researcher Hyunwoo Kim @v4bel, Dirty Frag is a vulnerability a class of vulnerabilities that allows a local unprivileged attacker to obtain root...

8.8CVSS6.3AI score0.93235EPSS
Exploits33
Information Security Automation
Information Security Automation
added 2026/04/30 6:0 p.m.10 views

About Elevation of Privilege - Linux Kernel "Copy Fail" (CVE-2026-31431) vulnerability

About Elevation of Privilege - Linux Kernel "Copy Fail" CVE-2026-31431 vulnerability. A local privilege escalation vulnerability in the Linux kernel AFALG component, which is caused by a memory handling flaw, allows an unprivileged user to escalate privileges to root. By exploiting this...

7.8CVSS6.1AI score0.96267EPSS
Exploits228
Information Security Automation
Information Security Automation
added 2026/04/28 6:0 p.m.14 views

April "In the Trend of VM" (#26): one Microsoft SharePoint vulnerability

April "In the Trend of VM" 26: one Microsoft SharePoint vulnerability. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. Once again, it is single-vendor, Microsoft-related, and this time it could not be more compact. While the previous Marc...

9.8CVSS5.8AI score0.31109EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2026/04/22 4:0 p.m.19 views

April Linux Patch Wednesday

April Linux Patch Wednesday. In April, Linux vendors addressed 1,035 vulnerabilities - nearly twice as many as in March. One might assume that most of these would again be Linux Kernel vulnerabilities, but that's not the case! Linux Kernel vulnerabilities were relatively few - just 209. The...

9.8CVSS7.8AI score0.96666EPSS
Exploits72
Information Security Automation
Information Security Automation
added 2026/04/17 10:0 a.m.19 views

April Microsoft Patch Tuesday

April Microsoft Patch Tuesday. A total of 167 vulnerabilities, about twice as many as in March. There is one vulnerability already being exploited in the wild: 🔻 Spoofing - Microsoft SharePoint Server CVE-2026-32201. ZDI experts say "Spoofing bugs in SharePoint often manifest as cross-site...

9.8CVSS6.4AI score0.5585EPSS
Exploits9
Information Security Automation
Information Security Automation
added 2026/04/14 3:0 p.m.8 views

About Remote Code Execution - Adobe Reader (CVE-2026-34621) vulnerability

About Remote Code Execution - Adobe Reader CVE-2026-34621 vulnerability. Adobe Acrobat Reader from 2003 to 2015, "Adobe Reader" is a free PDF viewer developed by Adobe. Versions are available for Windows, macOS, Android, and iOS. The remote code execution vulnerability in Adobe Acrobat for Window...

8.6CVSS8.2AI score0.07086EPSS
Exploits4
Information Security Automation
Information Security Automation
added 2026/04/03 5:0 p.m.7 views

About Remote Code Execution - Microsoft SharePoint (CVE-2026-20963) vulnerability

About Remote Code Execution - Microsoft SharePoint CVE-2026-20963 vulnerability. This vulnerability was fixed in the January MSPT. At the time of the MSPT release on January 13, VM vendors did not highlight this vulnerability in their reviews, and Microsoft reported no evidence of exploitation in...

9.8CVSS6.4AI score0.31109EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2026/03/30 8:0 p.m.15 views

March Linux Patch Wednesday

MarchLinux Patch Wednesday. In March, Linux vendors began addressing 575 vulnerabilities, which is 57 fewer than in February. Of these, 93 are in the Linux Kernel ⬇️ a significant decrease - there were 305 in February. There are two vulnerabilities with signs of in-the-wild exploitation: 🔻 RCE -...

10CVSS7AI score0.02EPSS
Exploits36
Information Security Automation
Information Security Automation
added 2026/03/22 9:0 a.m.10 views

March "In the Trend of VM" (#25): once again, vulnerabilities are only in Microsoft products

March "In the Trend of VM" 25: once again, vulnerabilities are only in Microsoft products. I present the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. As in February, it turned out to be quite compact and focused on a single vendor. 🗞 Post on Habr rus...

8.8CVSS7.2AI score0.25835EPSS
Exploits8
Information Security Automation
Information Security Automation
added 2026/03/16 12:16 p.m.7 views

About the Remote Code Execution Vulnerability - n8n (CVE-2025-68613)

About Remote Code Execution Vulnerability - n8n CVE-2025-68613. n8n is a workflow automation platform available under a fair-code license. Improper Control of Dynamically-Managed Code Resources CWE-913 in the n8n workflow expression evaluation system allows a remote authenticated attacker without...

9.9CVSS7.8AI score0.97875EPSS
Exploits29
Information Security Automation
Information Security Automation
added 2026/03/12 3:14 p.m.12 views

About Elevation of Privilege - Desktop Window Manager (CVE-2026-21519) vulnerability

About Elevation of Privilege - Desktop Window Manager CVE-2026-21519 vulnerability. The vulnerability is from the February Microsoft Patch Tuesday. Desktop Window Manager is a compositing window manager included in Windows starting with Windows Vista. A Type Confusion error CWE-843 in Desktop...

7.8CVSS6AI score0.0242EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2026/03/12 9:6 a.m.13 views

About Elevation of Privilege - Windows RDS (CVE-2026-21533) vulnerability

About Elevation of Privilege - Windows RDS CVE-2026-21533 vulnerability. The vulnerability is from the February Microsoft Patch Tuesday. Remote Desktop Services RDS is a component of Microsoft Windows that allows a user to initiate and control an interactive session on a remote computer or virtua...

7.8CVSS6AI score0.03846EPSS
Exploits5
Information Security Automation
Information Security Automation
added 2026/03/11 7:20 p.m.11 views

March Microsoft Patch Tuesday

March Microsoft Patch Tuesday. A total of 79 vulnerabilities, about one and a half times more than in February. What's truly unusual is that this time there were no vulnerabilities with signs of exploitation in the wild or a public exploit! 🤔 At least not yet. 😏 The following vulnerabilities can ...

8.8CVSS7.2AI score0.04491EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2026/03/09 10:59 p.m.13 views

About Remote Code Execution – Windows Shell (CVE-2026-21510) vulnerability

About Remote Code Execution - Windows Shell CVE-2026-21510 vulnerability. A vulnerability from the February Microsoft Patch Tuesday. The Windows Shell is the primary interface through which users interact with the Windows operating system. It includes visible elements such as the Desktop, Taskbar...

8.8CVSS6.6AI score0.25835EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2026/03/02 10:4 p.m.10 views

About Remote Code Execution – Microsoft Word (CVE-2026-21514) vulnerability

About Remote Code Execution - Microsoft Word CVE-2026-21514 vulnerability. This vulnerability is from February Microsoft Patch Tuesday. Reliance on Untrusted Inputs in a Security Decision CWE-807 in Microsoft Office Word allows an unauthenticated attacker to bypass OLE security features when...

7.8CVSS6.2AI score0.01517EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2026/02/20 4:20 p.m.20 views

February Linux Patch Wednesday

FebruaryLinux Patch Wednesday. In February, Linux vendors addressed 632 vulnerabilities - 1.5× fewer than in January, including 305 in the Linux Kernel. Two vulnerabilities show signs of in-the-wild exploitation: 🔻 RCE - Chromium CVE-2026-2441 🔻 InfDisc - MongoDB "MongoBleed" CVE-2025-14847 Publi...

10CVSS5.5AI score0.83007EPSS
Exploits72
Information Security Automation
Information Security Automation
added 2026/02/12 10:19 p.m.9 views

February “In the Trend of VM” (#24): vulnerabilities in Microsoft products

February "In the Trend of VM" 24: vulnerabilities in Microsoft products. A traditional monthly roundup of trending vulnerabilities. This time, compact and all-Microsoft. 🗞 Post on Habr rus 🗒 Digest on the PT website rus In total, two vulnerabilities: 🔻 RCE - Microsoft Office CVE-2026-21509 🔻...

7.8CVSS8.4AI score0.72152EPSS
Exploits17
Information Security Automation
Information Security Automation
added 2026/02/11 11:8 a.m.14 views

February Microsoft Patch Tuesday

February Microsoft Patch Tuesday. A total of 55 vulnerabilities, half as many as in January. There are as many as six ❗️ vulnerabilities being exploited in the wild: 🔻 SFB/RCE - Windows Shell CVE-2026-21510 🔻 SFB/RCE - Microsoft Word CVE-2026-21514 🔻 SFB - MSHTML Framework CVE-2026-21513 🔻 EoP -...

8.8CVSS6.9AI score0.25835EPSS
Exploits18
Information Security Automation
Information Security Automation
added 2026/02/05 4:58 p.m.7 views

I released Vulristics 1.0.11: added Server-Side Request Forgery (SSRF) as a distinct vulnerability type

I releasedVulristics 1.0.11: added Server-Side Request Forgery SSRF as a distinct vulnerability type. I try to use a very small set of base vulnerability types around 20 in Vulristics and map everything else to them. With a few exceptions, these are the same types Microsoft uses - and Microsoft...

5.9AI score
Exploits0
Information Security Automation
Information Security Automation
added 2026/01/27 7:4 a.m.10 views

About Remote Code Execution – Microsoft Office (CVE-2026-21509) vulnerability

About Remote Code Execution - Microsoft Office CVE-2026-21509 vulnerability. The vulnerability was urgently fixed on January 26, outside the regular Microsoft Patch Tuesday. Microsoft classified it as a Security Feature Bypass, but in fact, it is more of a Remote Code Execution. The vulnerability...

7.8CVSS8.6AI score0.72152EPSS
Exploits12
Information Security Automation
Information Security Automation
added 2026/01/26 1:52 p.m.12 views

January “In the Trend of VM” (#23): vulnerabilities in Windows, React and MongoDB

January "In the Trend of VM" 23: vulnerabilities in Windows, React and MongoDB. Traditional monthly roundup of trending vulnerabilities. Launching the 2026 season. 🙂 🗞 Post on Habr rus 🗒 Digest on the PT website rus In total, three vulnerabilities: 🔻 EoP - Windows Cloud Files Mini Filter Driver...

10CVSS6.7AI score0.99562EPSS
Exploits413
Information Security Automation
Information Security Automation
added 2026/01/24 9:19 p.m.11 views

January Linux Patch Wednesday

JanuaryLinux Patch Wednesday. In January, Linux vendors started fixing 918 vulnerabilities, one and a half times more than in December. Of these, 616 are in the Linux Kernel. Three show signs of exploitation in the wild: 🔻 AuthBypass - GNU Inetutils telnetd CVE-2026-24061 🔻 RCE - Safari...

9.8CVSS7.2AI score0.98871EPSS
Exploits90
Information Security Automation
Information Security Automation
added 2026/01/24 10:32 a.m.6 views

Our PR team awarded me the “The Best Positive Speaker 2025” metal pin for public speaking, articles, and media commentary

Our PR team awarded me the “The Best Positive Speaker 2025” metal pin for public speaking, articles, and media commentary. Huge thanks to my colleagues for this! I’m very pleased. 😇 The collection is growing. 😉 This time, the pin is styled like the Friends sitcom logo. It’s made of metal, coated...

5.5AI score
Exploits0
Information Security Automation
Information Security Automation
added 2026/01/24 9:40 a.m.9 views

About Information Disclosure – Desktop Window Manager (CVE-2026-20805) vulnerability

About Information Disclosure - Desktop Window Manager CVE-2026-20805 vulnerability. Desktop Window Manager is a compositing window manager that has been part of Windows since Windows Vista. Exploitation of the vulnerability, which was addressed in the January Microsoft Patch Tuesday, allows a loc...

5.5CVSS6.1AI score0.05028EPSS
Exploits5
Information Security Automation
Information Security Automation
added 2026/01/23 10:22 p.m.8 views

About Authentication Bypass – GNU Inetutils (CVE-2026-24061) vulnerability

About Authentication Bypass - GNU Inetutils CVE-2026-24061 vulnerability. GNU Inetutils is a collection of common network programs, including, among other things, a Telnet server telnetd. A vulnerability in GNU Inetutils telnetd allows a remote attacker to obtain a root shell on the host without...

9.8CVSS7.9AI score0.98871EPSS
Exploits60
Information Security Automation
Information Security Automation
added 2026/01/19 1:55 p.m.10 views

About Information Disclosure – MongoDB “MongoBleed” (CVE-2025-14847) vulnerability

About Information Disclosure - MongoDB "MongoBleed" CVE-2025-14847 vulnerability. MongoDB is a popular NoSQL database that stores data as JSON-like documents with an optional schema. The project is licensed under the SSPL. A flaw in MongoDB’s handling of the data length parameter during zlib...

8.7CVSS5.6AI score0.83007EPSS
Exploits39
Information Security Automation
Information Security Automation
added 2025/11/26 11:24 a.m.14 views

About SQL Injection – Django (CVE-2025-64459) vulnerability

About SQL Injection - Django CVE-2025-64459 vulnerability. Django is a free and open-source high-level Python web framework. The vulnerability allows attackers to manipulate database query logic by injecting internal query parameters connector and negated when applications pass user-controlled...

9.1CVSS8.4AI score0.19396EPSS
Exploits10
Information Security Automation
Information Security Automation
added 2025/11/21 4:21 p.m.20 views

November Linux Patch Wednesday

NovemberLinux Patch Wednesday. In November, Linux vendors began fixing 516 vulnerabilities, one and a half times fewer than in October. Of these, 232 are in the Linux Kernel. One vulnerability is exploited in the wild: MemCor - Chromium CVE-2025-13223. Added to CISA KEV on November 19. For 64 mor...

10CVSS6.8AI score0.66535EPSS
Exploits36
Information Security Automation
Information Security Automation
added 2025/11/14 8:44 p.m.15 views

November “In the Trend of VM” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux

November "In the Trend of VM" 21: vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux. The usual monthly roundup. After several months, here's a big one. Post on Habr rus Post on SecurityLab rus Digest on the PT website rus A total of nine vulnerabilities: RCE -...

9.9CVSS8.6AI score0.99962EPSS
Exploits103
Information Security Automation
Information Security Automation
added 2025/11/14 7:49 p.m.11 views

November Microsoft Patch Tuesday

November Microsoft Patch Tuesday. A total of 65 vulnerabilities. I'm not comparing this with the October report because I've decided to cover only MSPT-day vulnerabilities. The thing is, Microsoft has started massively adding Linux-product vulnerabilities to their official website, and these...

9.8CVSS6.9AI score0.061EPSS
Exploits6
Information Security Automation
Information Security Automation
added 2025/11/13 1:56 p.m.13 views

About Remote Code Execution – Microsoft SharePoint “ToolShell” (CVE-2025-49704) vulnerability

About Remote Code Execution - Microsoft SharePoint "ToolShell" CVE-2025-49704 vulnerability. This vulnerability is from the Microsoft's July Patch Tuesday. SharePoint is a web application developed by Microsoft for corporate intranet portals, document management, and collaborative work...

9.8CVSS8.3AI score0.99982EPSS
Exploits41
Information Security Automation
Information Security Automation
added 2025/11/10 9:45 p.m.10 views

About Elevation of Privilege – Windows Remote Access Connection Manager (CVE-2025-59230) vulnerability

About Elevation of Privilege - Windows Remote Access Connection Manager CVE-2025-59230 vulnerability. A vulnerability from the October Microsoft Patch Tuesday. The Windows Remote Access Connection Manager RasMan service is a core Windows component that manages dial-up and Virtual Private Network...

7.8CVSS8.2AI score0.02615EPSS
Exploits1
Information Security Automation
Information Security Automation
added 2025/11/05 2:14 p.m.9 views

About Remote Code Execution – Windows LNK File (CVE-2025-9491) vulnerability

About Remote Code Execution - Windows LNK File CVE-2025-9491 vulnerability. A vulnerability in the Microsoft Windows shortcut .LNK handling mechanism allows malicious command-line arguments to be hidden in the Target field using whitespace characters, making them invisible to standard tools...

7.8CVSS7.4AI score0.63102EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2025/11/03 12:37 p.m.11 views

About Remote Code Execution – XWiki Platform (CVE-2025-24893) vulnerability

About Remote Code Execution - XWiki Platform CVE-2025-24893 vulnerability. XWiki is a free and open-source wiki platform written in Java, with a strong focus on extensibility. It supports WYSIWYG visual editing, importing and exporting documents in OpenDocument format, adding annotations and tags...

9.8CVSS8.3AI score0.99898EPSS
Exploits50
Information Security Automation
Information Security Automation
added 2025/10/31 10:12 a.m.7 views

About Elevation of Privilege – Linux Kernel (CVE-2025-38001) vulnerability

About Elevation of Privilege - Linux Kernel CVE-2025-38001 vulnerability. It affects the Linux HFSC network scheduler module. An authenticated attacker can exploit this flaw to gain root privileges. This vulnerability is from the June Linux Patch Wednesday. In the Vulristics report, it was no...

5.5CVSS6.8AI score0.00369EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2025/10/28 7:52 p.m.8 views

About Remote Code Execution – Redis “RediShell” (CVE-2025-49844) vulnerability

About Remote Code Execution - Redis "RediShell" CVE-2025-49844 vulnerability. Redis is a popular in-memory key–value database, used as a distributed cache and message broker, with optional durability. This vulnerability allows a remote authenticated attacker to execute arbitrary code via a...

9.9CVSS8.7AI score0.86767EPSS
Exploits14
Information Security Automation
Information Security Automation
added 2025/10/27 7:20 p.m.10 views

About Elevation of Privilege – Windows Agere Modem Driver (CVE-2025-24990) vulnerability

About Elevation of Privilege - Windows Agere Modem Driver CVE-2025-24990 vulnerability. The vulnerability is from Microsoft's October Patch Tuesday. Agere Modem Driver ltmdm64.sys is a software component that allows a computer to communicate with an Agere or LSI modem for dial‑up or fax...

7.8CVSS8.2AI score0.05793EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2025/10/26 9:35 p.m.11 views

About Cross Site Scripting – Zimbra Collaboration (CVE-2025-27915) vulnerability

About Cross Site Scripting - Zimbra Collaboration CVE-2025-27915 vulnerability. Zimbra Collaboration is a collaboration software suite, somewhat similar to Microsoft Exchange. Exploiting this vulnerability in the web mail client Classic Web Client allows an unauthenticated attacker to execute...

5.4CVSS7.2AI score0.04241EPSS
Exploits1
Total number of security vulnerabilities389