Lucene search
K
RedhatcveRecent

206304 matches found

RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•11 views

CVE-2026-49848

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's checkauth userauth branch wrote request-supplied userVariables into the...

4.3CVSS5.4AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•9 views

CVE-2026-49957

Hermes WebUI before version 0.51.296 contains a workspace boundary bypass vulnerability that allows authenticated attackers to circumvent blocked-root path checks by exploiting an early return in the SSH/remote terminal profile workspace resolution logic within remoteterminalworkspacecandidate...

7.7CVSS5.5AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•8 views

CVE-2026-49958

Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use TOCTOU race condition vulnerability in the gitdiscard function within api/workspacegit.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlin...

5CVSS5.6AI score0.00081EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•11 views

CVE-2026-49472

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH includes a vulnerable function, PREFIXprologTok, in...

5.3CVSS5.4AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•7 views

CVE-2026-48560

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7AI score0.00937EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•11 views

CVE-2026-49955

Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options endpoint without completing assertion. Attackers can send unlimited POST requests to the...

6.9CVSS5.5AI score0.00586EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•9 views

CVE-2026-48562

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7AI score0.00505EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•9 views

CVE-2026-48301

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•9 views

CVE-2026-48300

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•8 views

CVE-2026-48304

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:4 p.m.•9 views

CVE-2026-48566

Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•8 views

CVE-2026-48297

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-49843

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...

5.3CVSS5.4AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•11 views

CVE-2026-48280

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-48271

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-48266

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•11 views

CVE-2026-48264

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-48265

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-48299

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•11 views

CVE-2026-48268

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-48251

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•12 views

CVE-2026-48256

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-48250

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•11 views

CVE-2026-47991

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Redirect Open Redirect vulnerability that could lead to account takeover. An attacker could construct a malicious URL that redirects a victim to an attacker-controlled site. Exploitation of this iss...

6.1CVSS5.5AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-48258

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47986

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•8 views

CVE-2026-47985

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•11 views

CVE-2026-47989

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47993

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-47987

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•11 views

CVE-2026-47980

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47978

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•11 views

CVE-2026-47983

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47982

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-47990

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•8 views

CVE-2026-47981

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47977

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-47973

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-47962

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•12 views

CVE-2026-47975

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•12 views

CVE-2026-47966

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47972

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-47961

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interacti...

5.5CVSS5.4AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-47958

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•8 views

CVE-2026-47957

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47970

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•9 views

CVE-2026-47956

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•8 views

CVE-2026-47974

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•10 views

CVE-2026-47950

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:3 p.m.•7 views

CVE-2026-47948

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00307EPSS
Exploits0References1
Total number of security vulnerabilities206304