| المجال | الحدث / CVE | المصدر | الوصف | الاستغلال | الخطورة | الأنظمة المتأثرة | نوع التهديد | الحلول | 📅 تاريخ النشر |
|---|---|---|---|---|---|---|---|---|---|
| Exploit |
CVE-2026-53831
CVE-2026-53831 - OpenClaw < 2026.5.18 - Arbitrary File Read via Shell Expansi… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53831 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🔴 Critical | Exploit | Refer to CVE-2026-53831 NVD advisory |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Vulnerability |
CVE-2026-53828
CVE-2026-53828 - OpenClaw < 2026.5.6 - Native Command Authorization Bypass vi… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53828 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🔴 Critical | Exploit | Refer to CVE-2026-53828 NVD advisory |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Vulnerability |
CVE-2026-53609
CVE-2026-53609 - Apostrophe has Server-Side Prototype Pollution in apos.util.set… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53609 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🔴 Critical | Node.js | Exploit | Update to v4.30.0 |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
| OT/ICS |
CVE-2026-53608
CVE-2026-53608 - @apostrophecms/seo Vulnerable to Stored XSS via Unsanitized Goo… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53608 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🔴 Critical | Node.js | ICS/OT | Update to v1.4.2 |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
| Vulnerability |
CVE-2026-46716
CVE-2026-46716 - Nezha Monitoring: RoleMember can run shell on every server (cro… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-46716 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🔴 Critical | Exploit | Update to v1.4.0 |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Web |
CVE-2026-44990
CVE-2026-44990 - Apostrophe has default XSS via `xmp` raw-text passthrough in `s… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44990 Published : June 12, 2026, 9:16 p.m. | 6 hours, 5 minutes ago Descr… | No | 🔴 Critical | Node.js | Exploit | Update to v2.17.4 |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
| Web |
CVE-2026-45418
CVE-2026-45418 - ClipBucket: Blind SQL Injection in subtitle_edit.php 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45418 Published : 11 juin 2026 23:16 | 6 heures, 3 minutes ago Descriptio… | No | 🔴 Critical | PHP | Exploit | Update to v5.5.3 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-45060
CVE-2026-45060 - ClipBucket: Blind SQL Injection in progress_video.php 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45060 Published : 11 juin 2026 23:16 | 6 heures, 3 minutes ago Descriptio… | No | 🔴 Critical | PHP | Exploit | Update to v5.5.3 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-42846
CVE-2026-42846 - ClipBucket: Remote Play URL Command Injection 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42846 Published : 11 juin 2026 23:16 | 6 heures, 3 minutes ago Descriptio… | No | 🔴 Critical | Exploit | Update to v5.5.3 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Web |
CVE-2026-49060
CVE-2026-49060 - WordPress Hippoo Mobile App for WooCommerce plugin 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-49060 Published : 11 juin 2026 22:16 | 7 heures, 2 minutes ago Descriptio… | No | 🔴 Critical | WordPress | Exploit | Refer to CVE-2026-49060 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-47365
CVSS 9.9 CVE-2026-47365 — Argument injection vulnerability in WordPress Toolkit before 6.… 📄 التفاصيل ← |
NVD | Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, all… | No | 🔴 Critical | WordPress | Exploit | Refer to CVE-2026-47365 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Exploit |
CVE-2026-47367
CVSS 9.9 CVE-2026-47367 — A malicious actor with access to the network and low privileges… 📄 التفاصيل ← |
NVD | A malicious actor with access to the network and low privileges could exploit an Improper Input Vali… | No | 🔴 Critical | Exploit | Refer to CVE-2026-47367 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Exploit |
CVE-2026-47369
CVSS 9.9 CVE-2026-47369 — A malicious actor with access to the network and low privileges… 📄 التفاصيل ← |
NVD | A malicious actor with access to the network and low privileges could exploit an Improper Input Vali… | No | 🔴 Critical | Exploit | Refer to CVE-2026-47369 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Exploit |
CVE-2026-47370
CVSS 9.9 CVE-2026-47370 — A malicious actor with access to the network and low privileges… 📄 التفاصيل ← |
NVD | A malicious actor with access to the network and low privileges could exploit an Improper Input Vali… | No | 🔴 Critical | Exploit | Refer to CVE-2026-47370 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-48611
CVSS 9.8 CVE-2026-48611 — Improper authentication checks in the OAuth implementation allo… 📄 التفاصيل ← |
NVD | Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth i… | No | 🔴 Critical | Exploit | Refer to CVE-2026-48611 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Exploit |
CVE-2026-11849
CVSS 9.8 CVE-2026-11849 — The iRM-IEI Remote Management developed by IEI Integration Cor… 📄 التفاصيل ← |
NVD | The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnera… | No | 🔴 Critical | Exploit | Refer to CVE-2026-11849 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Android |
CVE-2026-10557
CVSS 9.8 CVE-2026-10557 — The Yarbo Android and iOS applications contain hard-coded MQTT … 📄 التفاصيل ← |
NVD | The Yarbo Android and iOS applications contain hard-coded MQTT broker credentials that are identical… | No | 🔴 Critical | Android | Apple iOS | ICS/OT | Refer to CVE-2026-10557 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47131
CVSS 10 CVE-2026-47131 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, by combining Buffer.call.call… | No | 🔴 Critical | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47137
CVSS 10 CVE-2026-47137 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gw… | No | 🔴 Critical | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47140
CVSS 10 CVE-2026-47140 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangero… | No | 🔴 Critical | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47208
CVSS 10 CVE-2026-47208 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, VM2 suffers from a sandbox br… | No | 🔴 Critical | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47210
CVSS 9.8 CVE-2026-47210 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, a sandbox escape vulnerabilit… | No | 🔴 Critical | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-53787
CVSS 9.8 CVE-2026-53787 — Amasty Order Attributes for Magento 2 before version 4.0.0 cont… 📄 التفاصيل ← |
NVD | Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary fil… | No | 🔴 Critical | PHP | Malware | Update to v4.0.0 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-54133
CVSS 9.8 CVE-2026-54133 — jmespath.php allows users to use JMESPath, software for declara… 📄 التفاصيل ← |
NVD | jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elem… | No | 🔴 Critical | PHP | Exploit | Update to v2.9.1 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-6853
CVSS 9.8 CVE-2026-6853 — Improper restriction of excessive authentication attempts vulner… 📄 التفاصيل ← |
NVD | Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe … | No | 🔴 Critical | Exploit | Refer to CVE-2026-6853 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50083
CVSS 9.1 CVE-2026-50083 — The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcod… 📄 التفاصيل ← |
NVD | The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is … | No | 🔴 Critical | Exploit | Refer to CVE-2026-50083 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50084
CVSS 9.6 CVE-2026-50084 — The Aqara Cloud Production API (open-cn.aqara.com/v3.0/open/api… 📄 التفاصيل ← |
NVD | The Aqara Cloud Production API (open-cn.aqara.com/v3.0/open/api) would authorize any valid developer… | No | 🔴 Critical | Exploit | Refer to CVE-2026-50084 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50086
CVSS 10 CVE-2026-50086 — The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidire… 📄 التفاصيل ← |
NVD | The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against the p… | No | 🔴 Critical | Exploit | Refer to CVE-2026-50086 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50090
CVSS 9.3 CVE-2026-50090 — The Aqara Cloud OAuth Authorization Endpoint (open-cn.aqara.com… 📄 التفاصيل ← |
NVD | The Aqara Cloud OAuth Authorization Endpoint (open-cn.aqara.com/oauth/authorize) is vulnerable to a … | No | 🔴 Critical | Exploit | Refer to CVE-2026-50090 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Android |
CVE-2026-50091
CVSS 9.1 CVE-2026-50091 — Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-… 📄 التفاصيل ← |
NVD | Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-label clients embedding the same libl… | No | 🔴 Critical | Android | Exploit | Refer to CVE-2026-50091 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Windows |
CVE-2026-42305
CVE-2026-42305 - Dulwich has an arbitrary file write via NTFS-hostile tree entri… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42305 Published : 10 juin 2026 23:16 | 4 heures, 1 minute ago Description… | No | 🔴 Critical | Microsoft Windows | Exploit | Update to v0.10.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Palo Alto |
CVE-2026-0274
CVE-2026-0274 - Cortex XSOAR: Improper Validation of Credentials in CommvaultSec… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-0274 Published : 10 juin 2026 22:16 | 5 heures, 1 minute ago Description … | No | 🔴 Critical | Exploit | Refer to CVE-2026-0274 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-35273
CVSS 9.8 CVE-2026-35273 — Vulnerability in the PeopleSoft Enterprise PeopleTools product … 📄 التفاصيل ← |
NVD | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Upda… | No | 🔴 Critical | Oracle | Exploit | Update to v8.61 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-7852
CVSS 9.8 CVE-2026-7852 — Unrestricted upload of file with dangerous type vulnerability in… 📄 التفاصيل ← |
NVD | Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allo… | No | 🔴 Critical | Exploit | Refer to CVE-2026-7852 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Web |
CVE-2026-38581
CVSS 9.8 CVE-2026-38581 — SQL Injection vulnerability in damasac thaipalliative_lte throu… 📄 التفاصيل ← |
NVD | SQL Injection vulnerability in damasac thaipalliative_lte through version 3.0 allows remote attacker… | No | 🔴 Critical | PHP | Exploit | Update to v3.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-11839
CVSS 9.9 CVE-2026-11839 — Unrestricted upload of file with dangerous type vulnerability i… 📄 التفاصيل ← |
NVD | Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies … | No | 🔴 Critical | Exploit | Refer to CVE-2026-11839 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-9648
CVSS 9.1 CVE-2026-9648 — The crypton-x509-validation Haskell library fails to enforce X.5… 📄 التفاصيل ← |
NVD | The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS cli… | No | 🔴 Critical | Exploit | Refer to CVE-2026-9648 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-49261
CVSS 10 CVE-2026-49261 — MariaDB server is a community developed fork of MySQL server. V… 📄 التفاصيل ← |
NVD | MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11… | No | 🔴 Critical | MySQL | Exploit | Update to v10.6.1 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-49973
CVSS 9.4 CVE-2026-49973 — Hermes WebUI before version 0.51.358 contains an improper acces… 📄 التفاصيل ← |
NVD | Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows u… | No | 🔴 Critical | Exploit | Update to v0.51.358 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-41005
CVSS 9 CVE-2026-41005 — Cloud Foundry UAA incorrectly treated XML encryption to the Ser… 📄 التفاصيل ← |
NVD | Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a … | No | 🔴 Critical | Exploit | Update to v2.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-44963
CVE-2026-44963 - Veeam Backup Server RCE 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44963 Published : June 9, 2026, 11:16 p.m. | 2 hours, 40 minutes ago Desc… | No | 🔴 Critical | Exploit | Refer to CVE-2026-44963 NVD advisory |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-45328
CVSS 9.3 CVE-2026-45328 — ESF-IDF is the Espressif Internet of Things (IOT) Development F… 📄 التفاصيل ← |
NVD | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, … | No | 🔴 Critical | Exploit | Update to v5.5.4 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Exploit |
CVE-2026-5067
CVSS 9.8 CVE-2026-5067 — A remote, unauthenticated attacker can trigger memory corruption… 📄 التفاصيل ← |
NVD | A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSoc… | No | 🔴 Critical | Exploit | Refer to CVE-2026-5067 NVD advisory |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
|
| Vulnerability |
CVE-2026-11499
CVSS 9.8 CVE-2026-11499 — GHSA: A vulnerability was determined in Tenda HG7HG9 and HG10 3… 📄 التفاصيل ← |
GHSA | A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function… | No | 🔴 Critical | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| iOS |
CVE-2026-47430
CVE-2026-47430 — GHSA: ## Summary The iOS implementation of `cordova-plugin-ina… 📄 التفاصيل ← |
GHSA | ## Summary The iOS implementation of `cordova-plugin-inappbrowser` passes the `id` field from a `WK… | No | 🔴 Critical | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Linux |
CVE-2026-27671
CVSS 9.8 CVE-2026-27671 — GHSA: Due to improper RFC protocol validation in the SAP Kernel… 📄 التفاصيل ← |
GHSA | Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP… | No | 🔴 Critical | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Vulnerability |
CVE-2026-44748
CVSS 9.9 CVE-2026-44748 — GHSA: SAP NetWeaver Application Server ABAP and ABAP Platform a… 📄 التفاصيل ← |
GHSA | SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal… | No | 🔴 Critical | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Linux |
CVE-2026-27671
CVSS 9.8 CVE-2026-27671 — Due to improper RFC protocol validation in the SAP Kernel used … 📄 التفاصيل ← |
NVD | Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP… | No | 🔴 Critical | SAP | Exploit | Refer to CVE-2026-27671 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Containers |
CVE-2026-40128
CVSS 9 CVE-2026-40128 — SAP NetWeaver Application Server Java (Web Container) allows an… 📄 التفاصيل ← |
NVD | SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft a … | No | 🔴 Critical | SAP | Exploit | Refer to CVE-2026-40128 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Vulnerability |
CVE-2026-44748
CVSS 9.9 CVE-2026-44748 — SAP NetWeaver Application Server ABAP and ABAP Platform allows … 📄 التفاصيل ← |
NVD | SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal… | No | 🔴 Critical | SAP | Exploit | Refer to CVE-2026-44748 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Exploit |
CVE-2026-33186
CVSS 9.1 CVE-2026-33186 — A flaw was found in gRPC-Go, the Go language implementation of … 📄 التفاصيل ← |
CIRCL CVE | A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authoriz… | No | 🔴 Critical | Exploit | Refer to CVE-2026-33186 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Web |
CVE-2023-54352
CVSS 9.8 CVE-2023-54352 — WordPress Seotheme contains a remote code execution vulnerabili… 📄 التفاصيل ← |
NVD | WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attack… | No | 🔴 Critical | WordPress | PHP | Exploit | Refer to CVE-2023-54352 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Web |
CVE-2024-58348
CVSS 9.8 CVE-2024-58348 — WordPress Background Image Cropper version 1.2 contains a remot… 📄 التفاصيل ← |
NVD | WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that a… | No | 🔴 Critical | WordPress | PHP | Exploit | Update to v1.2 |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Web |
CVE-2024-58349
CVSS 9.8 CVE-2024-58349 — WordPress Theme Travelscape 1.0.3 contains an arbitrary file up… 📄 التفاصيل ← |
NVD | WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauth… | No | 🔴 Critical | WordPress | Exploit | Refer to CVE-2024-58349 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| OT/ICS |
CVE-2026-6274
CVSS 9.8 CVE-2026-6274 — Improper Authentication, Missing authentication for critical fun… 📄 التفاصيل ← |
NVD | Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerabi… | No | 🔴 Critical | Improper Authentication, Missing | ICS/OT | Refer to CVE-2026-6274 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-49777
CVSS 10 CVE-2026-49777 — Improper Validation of Specified Quantity in Input vulnerabilit… 📄 التفاصيل ← |
NVD | Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider… | No | 🔴 Critical | Improper Validation of | Exploit | Refer to CVE-2026-49777 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-6207
CVSS 9.1 CVE-2026-6207 — Observable response discrepancy vulnerability in HAVELSAN Inc. G… 📄 التفاصيل ← |
NVD | Observable response discrepancy vulnerability in HAVELSAN Inc. Geographic Tracking System allows Sys… | No | 🔴 Critical | Observable response discrepancy | Exploit | Refer to CVE-2026-6207 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-6208
CVSS 9.1 CVE-2026-6208 — Authorization bypass through User-Controlled key vulnerability i… 📄 التفاصيل ← |
NVD | Authorization bypass through User-Controlled key vulnerability in HAVELSAN Inc. Geographic Tracking … | No | 🔴 Critical | Authorization bypass | Exploit | Refer to CVE-2026-6208 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-6209
CVSS 9.1 CVE-2026-6209 — Improper Access Control, Missing Authorization vulnerability in … 📄 التفاصيل ← |
NVD | Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking Sy… | No | 🔴 Critical | Improper Access Control, | Exploit | Refer to CVE-2026-6209 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Malware |
CVE-2025-71317
CVSS 9.8 CVE-2025-71317 — GHSA: NetMan 204 contains a hard-coded backdoor account with th… 📄 التفاصيل ← |
GHSA | NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' t… | No | 🔴 Critical | GHSA: NetMan 204 | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Network |
CVE-2025-71318
CVSS 9.8 CVE-2025-71318 — GHSA: NetMan 204 fails to enforce authentication on its adminis… 📄 التفاصيل ← |
GHSA | NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remo… | No | 🔴 Critical | GHSA: NetMan 204 | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Supply Chain |
CVE-2026-47744
CVSS 9.9 CVE-2026-47744 — GHSA: Shopper: Authorization bypass and RBAC privilege escalati… 📄 التفاصيل ← |
GHSA | ## Impact Two distinct authorization defects in the team settings allowed any authenticated panel u… | No | 🔴 Critical | GHSA: Shopper: Authorization | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Vulnerability |
CVE-2026-11429
CVE-2026-11429 - Path Traversal in Altium Git Service Allows Remote Code Executi… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-11429 Published : June 5, 2026, 9:01 p.m. | 1 hour, 27 minutes ago Descri… | No | 🔴 Critical | Path Traversal in | Exploit | Refer to CVE-2026-11429 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-7654
CVE-2026-7654 - Admin Columns 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-7654 Published : June 5, 2026, 11:16 p.m. | 1 hour, 12 minutes ago Descri… | No | 🔴 Critical | WordPress | PHP | Exploit | Update to v7.0.18 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Microsoft |
CVE-2026-45497
CVE-2026-45497 Microsoft M365 Copilot Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Improper neutralization of special elements used in a command ('command injection') in Mic… | No | 🔴 Critical | Microsoft Copilot | Microsoft Copilot | Microsoft 365 | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-48567
CVE-2026-48567 Azure HorizonDB Elevation of Privilege Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate priv… | No | 🔴 Critical | Microsoft Azure | Exploit | Refer to CVE-2026-48567 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2026-3300
CVSS 9.8 Hackers Actively Exploiting WordPress Plugin Vulnerability to Inject Malicious P… 📄 التفاصيل ← |
Cyber Security News | Hackers are actively exploiting a critical remote code execution (RCE) vulnerability in the Everest … | No | 🔴 Critical | WordPress | PHP | Exploit | Update to v1.9.12 |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2019-25738
CVSS 9.8 CVE-2019-25738 — WordPress Hybrid Composer 1.4.6 contains an unauthenticated set… 📄 التفاصيل ← |
NVD | WordPress Hybrid Composer 1.4.6 contains an unauthenticated settings change vulnerability that allow… | No | 🔴 Critical | WordPress | PHP | Exploit | Refer to CVE-2019-25738 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Western Digital |
CVE-2019-25727
CVSS 9.8 CVE-2019-25727 — WordPress Plugin ad manager wd 1.0.11 contains an arbitrary fil… 📄 التفاصيل ← |
NVD | WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows … | No | 🔴 Critical | WordPress | PHP | Exploit | Refer to CVE-2019-25727 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Microsoft |
CVE-2026-48579
CVSS 9.1 CVE-2026-48579 — Improper authorization in Microsoft Exchange Online allows an u… 📄 التفاصيل ← |
NVD | Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose info… | No | 🔴 Critical | Microsoft Exchange | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11235
CVE-2026-11235 - Google Chrome Compositing Policy Bypass 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-11235 Published : June 4, 2026, 11:17 p.m. | 5 hours, 9 minutes ago Descr… | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11235 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2026-50076
CVSS 9.1 CVE-2026-50076 — Deserialization of Untrusted Data in the Java replace-resolve p… 📄 التفاصيل ← |
NVD | Deserialization of Untrusted Data in the Java replace-resolve path in Apache Fory fory-core Java SDK… | No | 🔴 Critical | Apache HTTP Server | Exploit | Update to v1.1.0 |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-41283
CVSS 9.9 CVE-2026-41283 — OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code E… 📄 التفاصيل ← |
NVD | OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. The… | No | 🔴 Critical | OpenStack Mistral | Exploit | Refer to CVE-2026-41283 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-49185
CVSS 9.8 CVE-2026-49185 — The FieldX MDM adb messaging topic passes unverified payloads d… 📄 التفاصيل ← |
NVD | The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing… | No | 🔴 Critical | The FieldX MDM | Exploit | Refer to CVE-2026-49185 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Network |
CVE-2026-49186
CVSS 9.8 CVE-2026-49186 — The local MQTT broker does not enforce topic-level Access Contr… 📄 التفاصيل ← |
NVD | The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any clie… | No | 🔴 Critical | The local MQTT | Exploit | Refer to CVE-2026-49186 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-49188
CVSS 9.8 CVE-2026-49188 — The ai_cmd utility executes with full root permissions. It pipe… 📄 التفاصيل ← |
NVD | The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), … | No | 🔴 Critical | The ai_cmd utility executes with | Exploit | Refer to CVE-2026-49188 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-49191
CVSS 9.8 CVE-2026-49191 — The production build of the M3WebServer hard-codes its backend … 📄 التفاصيل ← |
NVD | The production build of the M3WebServer hard-codes its backend API keys, which can be easily interce… | No | 🔴 Critical | The production build | Exploit | Refer to CVE-2026-49191 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-50208
CVSS 9.4 CVE-2026-50208 — High-risk TrustAllCerts routines disable standard TLS certifica… 📄 التفاصيل ← |
NVD | High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-cod… | No | 🔴 Critical | High-risk TrustAllCerts routines disable standard | Exploit | Refer to CVE-2026-50208 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| OT/ICS |
CVE-2026-50211
CVSS 9.8 CVE-2026-50211 — Leftover engineering diagnostics and factory-level diagnostic s… 📄 التفاصيل ← |
NVD | Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail buil… | No | 🔴 Critical | Leftover engineering diagnostics | ICS/OT | Refer to CVE-2026-50211 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Red Hat |
CVE-2026-10840
CVSS 9.6 CVE-2026-10840 — A flaw was found in the OpenShift Pipelines operator. The tekto… 📄 التفاصيل ← |
NVD | A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBi… | No | 🔴 Critical | A flaw was | Exploit | Refer to CVE-2026-10840 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| OT/ICS |
CVE-2026-4104
CVSS 9.8 CVE-2026-4104 — Authorization bypass through User-Controlled SQL primary key vul… 📄 التفاصيل ← |
NVD | Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Auto… | No | 🔴 Critical | Authorization bypass | ICS/OT | Refer to CVE-2026-4104 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2019-25729
CVSS 9.8 CVE-2019-25729 — PDF Signer 3.0 contains a server-side template injection vulner… 📄 التفاصيل ← |
NVD | PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated a… | No | 🔴 Critical | PHP | Exploit | Refer to CVE-2019-25729 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2019-25741
CVSS 9.8 CVE-2019-25741 — Mobatek MobaXterm 12.1 contains a structured exception handling… 📄 التفاصيل ← |
NVD | Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerab… | No | 🔴 Critical | Mobatek MobaXterm | Exploit | Refer to CVE-2019-25741 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-8037
CVSS 9.6 CVE-2026-8037 — OS Command Injection Remote Code Execution Vulnerability in API … 📄 التفاصيل ← |
NVD | OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an u… | No | 🔴 Critical | OS Command Injection | Exploit | Refer to CVE-2026-8037 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-35906
CVSS 9.6 CVE-2026-35906 — An undocumented debug CGI endpoint in T3 Technology CPE models … 📄 التفاصيل ← |
NVD | An undocumented debug CGI endpoint in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03 allow… | No | 🔴 Critical | An undocumented debug | Exploit | Refer to CVE-2026-35906 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2026-43986
CVSS 9.9 CVE-2026-43986 — Tautulli is a Python based monitoring and tracking tool for Ple… 📄 التفاصيل ← |
NVD | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.1… | No | 🔴 Critical | Tautulli is a | Exploit | Update to v2.17.1 |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Network |
CVE-2025-67446
CVSS 9.8 CVE-2025-67446 — Improper Authentication (Authentication Bypass) exists in Neter… 📄 التفاصيل ← |
NVD | Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and … | No | 🔴 Critical | Improper Authentication (Authentication | Exploit | Refer to CVE-2025-67446 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Network |
CVE-2025-67447
CVSS 9.8 CVE-2025-67447 — The network diagnosis (ping) module in Neterbit NW-431F Router … 📄 التفاصيل ← |
NVD | The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerabl… | No | 🔴 Critical | The network diagnosis | Exploit | Refer to CVE-2025-67447 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2026-10880
CVSS 9.8 CVE-2026-10880 — OSNexus QuantaStor SDS Manager is vulnerable to SQL injection i… 📄 التفاصيل ← |
NVD | OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username fi… | No | 🔴 Critical | OSNexus QuantaStor SDS | Exploit | Refer to CVE-2026-10880 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-25550
CVSS 9.8 CVE-2026-25550 — Seagull Software BarTender 2010, 2016, and 2019 contain an unau… 📄 التفاصيل ← |
NVD | Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vul… | No | 🔴 Critical | Seagull Software BarTender | Exploit | Refer to CVE-2026-25550 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Microsoft |
CVE-2025-71316
CVSS 9.8 CVE-2025-71316 — SQLite 'sqldiff.exe' does not securely handle the way… 📄 التفاصيل ← |
NVD | SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime conv… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Network |
CVE-2024-27890
CVSS 9.6 CVE-2024-27890 — Affected platforms running Arista EOS with OpenConfig configure… 📄 التفاصيل ← |
NVD | Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when… | No | 🔴 Critical | Affected platforms running | Exploit | Refer to CVE-2024-27890 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Network |
CVE-2024-27892
CVSS 9.6 CVE-2024-27892 — Affected platforms running Arista EOS with OpenConfig configure… 📄 التفاصيل ← |
NVD | Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when… | No | 🔴 Critical | Affected platforms running | Exploit | Refer to CVE-2024-27892 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-10881
CVSS 9.6 CVE-2026-10881 — Out of bounds read and write in ANGLE in Google Chrome prior to… 📄 التفاصيل ← |
NVD | Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attac… | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-10881 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-10886
CVSS 9.6 CVE-2026-10886 — Use after free in FileSystem in Google Chrome prior to 149.0.78… 📄 التفاصيل ← |
NVD | Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to po… | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-10886 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-47065
CVSS 9.8 CVE-2026-47065 — GHSA: ZDRES-232: resolveProxyClass Not Overridden - acceptMatch… 📄 التفاصيل ← |
GHSA | ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Pro… | No | 🔴 Critical | GHSA: ZDRES-232: resolveProxyClass | Exploit |
UTC: 2026-06-03
EDT: 2026-06-03
SA: 2026-06-03
|
|
| Cloud |
CVE-2026-4035
CVSS 9.1 CVE-2026-4035 — GHSA: A vulnerability in mlflow/mlflow versions prior to 3.11.0 … 📄 التفاصيل ← |
GHSA | A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment v… | No | 🔴 Critical | GHSA: A vulnerability | AI Attack |
UTC: 2026-06-03
EDT: 2026-06-03
SA: 2026-06-03
|
|
| Vulnerability |
CVE-2026-35075
CVSS 9.8 CVE-2026-35075 — VulnCheck: An unauthenticated remote attacker can recover a def… 📄 التفاصيل ← |
VulnCheck | An unauthenticated remote attacker can recover a default, hard coded password from a firmware image … | No | 🔴 Critical | VulnCheck: An unauthenticated | Exploit | Refer to CVE-2026-35075 NVD advisory |
UTC: 2026-06-03
EDT: 2026-06-03
SA: 2026-06-03
|
| Linux |
CVE-2026-44182
CVE-2026-44182 — GHSA: Jupyter Enterprise Gateway: Kubernetes Manifest Injection… 📄 التفاصيل ← |
GHSA | ### Summary The environment variables used during the rendering of the Kubernetes manifest allow YA… | No | 🔴 Critical | Kubernetes | PoC Research |
UTC: 2026-06-03
EDT: 2026-06-03
SA: 2026-06-03
|
|
| Linux |
CVE-2026-44181
CVE-2026-44181 — GHSA: Jupyter Enterprise Gateway: Jinja2 Template Server Side T… 📄 التفاصيل ← |
GHSA | ### Summary The environment variables (`KERNEL_XXX`) used during the rendering of the Kubernetes ma… | No | 🔴 Critical | Kubernetes | PoC Research |
UTC: 2026-06-03
EDT: 2026-06-03
SA: 2026-06-03
|
|
| Web |
CVE-2026-10284
CVE-2026-10284 📄 التفاصيل ← |
Vulners | A flaw has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this vulnerab… | No | 🔴 Critical | Exploit | Refer to CVE-2026-10284 NVD advisory |
UTC: 2026-06-02
EDT: 2026-06-02
SA: 2026-06-02
|
|
| Vulnerability |
CVE-2026-49448
CVE-2026-49448 - authentik: SourceStage bypass via empty POST 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-49448 Published : June 2, 2026, 9:16 p.m. | 1 hour, 9 minutes ago Descrip… | No | 🔴 Critical | authentik: SourceStage bypass | Exploit | Update to v2025.12.6 |
UTC: 2026-06-02
EDT: 2026-06-02
SA: 2026-06-02
|
| Vulnerability |
CVE-2026-49443
CVE-2026-49443 - authentik: `UserSourceConnection.user` and `GroupSourceConnecti… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-49443 Published : June 2, 2026, 9:16 p.m. | 1 hour, 9 minutes ago Descrip… | No | 🔴 Critical | authentik: `UserSourceConnection.user` and | Exploit | Update to v2025.12.6 |
UTC: 2026-06-02
EDT: 2026-06-02
SA: 2026-06-02
|
| Vulnerability |
CVE-2026-47201
CVE-2026-47201 - authentik: XML Signature Wrapping in SAML Source ACS allows aut… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47201 Published : June 2, 2026, 9:16 p.m. | 1 hour, 9 minutes ago Descrip… | No | 🔴 Critical | authentik: XML Signature | Exploit | Update to v2025.12.5 |
UTC: 2026-06-02
EDT: 2026-06-02
SA: 2026-06-02
|
| Web |
CVE-2026-42849
CVE-2026-42849 - authentik: Reflected XSS in SFE AutosubmitStage allows IDP acco… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42849 Published : June 2, 2026, 9:16 p.m. | 1 hour, 9 minutes ago Descrip… | No | 🔴 Critical | authentik: Reflected XSS | Exploit | Update to v2025.12.5 |
UTC: 2026-06-02
EDT: 2026-06-02
SA: 2026-06-02
|
| AI/LLM |
CVE-2026-32625
CVSS 9.6 CVE-2026-32625 — VulnCheck: LibreChat is an enhanced ChatGPT clone that supports… 📄 التفاصيل ← |
VulnCheck | LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and in… | No | 🔴 Critical | VulnCheck: LibreChat is | AI Attack | Update to v0.8.3 |
UTC: 2026-06-02
EDT: 2026-06-02
SA: 2026-06-02
|
| Vulnerability |
CVE-2026-7770
CVE-2026-7770 - IBM i Access Client Solutions (ACS) is vulnerable to remote code… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-7770 Published : June 1, 2026, 7:16 p.m. | 1 hour, 8 minutes ago Descript… | No | 🔴 Critical | IBM i Access | Exploit | Refer to CVE-2026-7770 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-49121
CVE-2026-49121 - AI Tensor Engine for ROCm (AITER) 0.1.14 Unauthenticated RCE vi… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-49121 Published : June 1, 2026, 7:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | AI Tensor Engine | AI Attack | Refer to CVE-2026-49121 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Web |
CVE-2026-45545
CVE-2026-45545 - Nextcloud: SQL Injection in Column Type Parameter Allows Arbitr… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45545 Published : June 1, 2026, 7:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | Nextcloud: SQL Injection | Exploit | Update to v0.7.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-45281
CVE-2026-45281 - Nextcloud: Cross-Account Calendar Takeover via Unauthorized Gro… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45281 Published : June 1, 2026, 7:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | Nextcloud: Cross-Account Calendar | Exploit | Update to v32.0.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| AI/LLM |
CVE-2026-43625
CVE-2026-43625 - CodexBar < 0.32.0 Session Cookie Exposure via HTTP Redirect 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-43625 Published : June 1, 2026, 7:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | CodexBar < 0.32.0 | Exploit | Refer to CVE-2026-43625 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Web |
CVE-2026-45701
CVE-2026-45701 📄 التفاصيل ← |
Vulners | Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versio… | No | 🔴 Critical | Exploit | Update to v2.6.23 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-45156
CVE-2026-45156 - Nextcloud: Authentication Bypass in ID4me handling via Missing … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45156 Published : June 1, 2026, 5:17 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | Nextcloud: Authentication Bypass | Exploit | Update to v0.3.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-45267
CVE-2026-45267 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. Prior to version 5.2.6, a missing permis… | No | 🔴 Critical | Exploit | Update to v5.2.6 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-45154
CVE-2026-45154 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version 4.3… | No | 🔴 Critical | Exploit | Update to v2.6.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-45264
CVE-2026-45264 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, … | No | 🔴 Critical | Exploit | Update to v17.0.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-45155
CVE-2026-45155 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0… | No | 🔴 Critical | Exploit | Update to v32.0.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-45159
CVE-2026-45159 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1… | No | 🔴 Critical | Exploit | Update to v1.15.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-45266
CVE-2026-45266 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. Prior to versions 21.1.10, 22.0.11, and … | No | 🔴 Critical | Exploit | Update to v21.1.10 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-45157
CVE-2026-45157 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0… | No | 🔴 Critical | Exploit | Update to v32.0.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Containers |
CVE-2026-45131
CVE-2026-45131 - CloudPirates Open Source Helm Charts: GitHub Actions pull_reque… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45131 Published : June 1, 2026, 5:17 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | Docker | Exploit | Refer to CVE-2026-45131 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| OT/ICS |
CVE-2026-44740
CVE-2026-44740 📄 التفاصيل ← |
Vulners | Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, mult… | No | 🔴 Critical | ICS/OT | Update to v5.9.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Containers |
CVE-2026-45132
CVE-2026-45132 - CloudPirates Open Source Helm Charts: GitHub Actions workflow l… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45132 Published : June 1, 2026, 5:17 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | CloudPirates Open Source | Exploit | Refer to CVE-2026-45132 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Android |
CVE-2026-45153
CVE-2026-45153 📄 التفاصيل ← |
Vulners | Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33… | No | 🔴 Critical | Android 14/13 | Exploit | Update to v33.0.0 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-37224
CVE-2026-37224 📄 التفاصيل ← |
Vulners | FlexRIC v2.0.0 crashes when receiving a duplicate E2SETUPREQUEST from the same or spoofed E2 Node. T… | No | 🔴 Critical | Exploit | Refer to CVE-2026-37224 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability | CVE-2026-BetterSQLCipher-RCE exploit 📄 التفاصيل ← | Sploitus | No | 🔴 Critical | CVE-2026-BetterSQLCipher-RCE exploit | Exploit | Apply vendor security patch |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-0826
CVE-2026-0826 - Poly Voice – Possible Remote Control of Certain Poly Devices 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-0826 Published : June 1, 2026, 3:16 p.m. | 3 hours, 8 minutes ago Descrip… | No | 🔴 Critical | Apple iOS | Exploit | Refer to CVE-2026-0826 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Linux |
CVE-2026-40460
USN-8354-1: nginx vulnerabilities 📄 التفاصيل ← |
Ubuntu Security | It was discovered that nginx did not properly validate source addresses in the HTTP/3 QUIC module. A… | No | 🔴 Critical | Ubuntu 22.04/20.04 LTS | Exploit | Refer to CVE-2026-40460 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-40895
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component us… 📄 التفاصيل ← |
Vulners | Summary IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz… | No | 🔴 Critical | Security Bulletin: IBM | Exploit | Refer to CVE-2026-40895 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Web |
CVE-2026-49328
CVE-2026-49328 Apache Fesod (Incubating): Improper validation of user-supplied U… 📄 التفاصيل ← |
Vulners | Server-Side Request Forgery SSRF in the UrlImageConverter component of Apache Fesod Incubating fesod… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Update to v2.0.2 |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Web |
CVE-2026-48188
CVSS 9.1 CVE-2026-48188 — An improper Input Validation vulnerability in OTRS or ((OTRS)) … 📄 التفاصيل ← |
NVD | An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer modu… | No | 🔴 Critical | MySQL | Exploit | Refer to CVE-2026-48188 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Web |
CVE-2026-42359
CVE-2026-42359 — A bug in Apache Airflow's XCom PATCH endpoint `PATCH /api/… 📄 التفاصيل ← |
NVD | A bug in Apache Airflow's XCom PATCH endpoint `PATCH /api/v2/xcomEntries/{key}` allowed an auth… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Refer to CVE-2026-42359 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-7858
CVSS 9.8 CVE-2026-7858 — A Deserialization of Untrusted Data vulnerability affecting Team… 📄 التفاصيل ← |
NVD | A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 202… | No | 🔴 Critical | A Deserialization of | Exploit | Refer to CVE-2026-7858 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-48879
CVSS 9.8 CVE-2026-48879 — GHSA: Incorrect Privilege Assignment vulnerability in Sergey AI… 📄 التفاصيل ← |
GHSA | Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue… | No | 🔴 Critical | GHSA: Incorrect Privilege | Exploit |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-8931
CVE-2026-8931 — GHSA: A critical Remote Code Execution (RCE) vulnerability exist… 📄 التفاصيل ← |
GHSA | A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 throu… | No | 🔴 Critical | GHSA: A critical | Exploit |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-48866
CVSS 9.6 CVE-2026-48866 — GHSA: Improper Limitation of a Pathname to a Restricted Directo… 📄 التفاصيل ← |
GHSA | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerabili… | No | 🔴 Critical | GHSA: Improper Limitation | Exploit |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-42680
CVSS 9.8 CVE-2026-42680 — GHSA: Incorrect Privilege Assignment vulnerability in Wasiliy S… 📄 التفاصيل ← |
GHSA | Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest … | No | 🔴 Critical | GHSA: Incorrect Privilege | Exploit |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Web |
CVE-2026-42672
CVSS 9.3 CVE-2026-42672 — GHSA: Improper Neutralization of Special Elements used in an SQ… 📄 التفاصيل ← |
GHSA | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulne… | No | 🔴 Critical | GHSA: Improper Neutralization | Exploit |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
|
| Vulnerability |
CVE-2026-9311
CVSS 9 CVE-2026-9311 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to r… 📄 التفاصيل ← |
NVD | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the b… | No | 🔴 Critical | IBM WebSphere Application Server | Exploit | Refer to CVE-2026-9311 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Vulnerability |
CVE-2026-8644
CVSS 9.1 CVE-2026-8644 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to i… 📄 التفاصيل ← |
NVD | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing. | No | 🔴 Critical | IBM WebSphere Application Server | Exploit | Refer to CVE-2026-8644 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| IBM |
CVE-2026-9319
CVSS 9 CVE-2026-9319 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to p… 📄 التفاصيل ← |
NVD | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due t… | No | 🔴 Critical | IBM WebSphere Application Server | Exploit | Refer to CVE-2026-9319 NVD advisory |
UTC: 2026-06-01
EDT: 2026-06-01
SA: 2026-06-01
|
| Exploit |
CVE-2025-23167
CVE-2025-23167 A flaw in Node.js 20's HTTP parser allows improper terminati… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | Node.js | Exploit | Refer to CVE-2025-23167 NVD advisory |
UTC: 2026-05-31
EDT: 2026-05-31
SA: 2026-05-31
|
| AI/LLM |
CVE-2026-34872
CVE-2026-34872 An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | An issue was discovered in Mbed TLS | AI Attack | Refer to CVE-2026-34872 NVD advisory |
UTC: 2026-05-31
EDT: 2026-05-31
SA: 2026-05-31
|
| Exploit |
CVE-2026-21711
CVE-2026-21711 A flaw in Node.js Permission Model network enforcement leaves Uni… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | Node.js | Exploit | Refer to CVE-2026-21711 NVD advisory |
UTC: 2026-05-31
EDT: 2026-05-31
SA: 2026-05-31
|
| Exploit |
CVE-2026-46178
CVE-2026-46178 RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | RDMA/mlx4: Fix resource | Exploit | Refer to CVE-2026-46178 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| Exploit |
CVE-2026-46174
CVE-2026-46174 x86/CPU/AMD: Prevent improper isolation of shared resources in Ze… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | AMD | Exploit | Refer to CVE-2026-46174 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| Linux |
CVE-2026-43501
CVSS 9.8 CVE-2026-43501 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len head… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-43501 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| iOS |
CVE-2026-45898
CVSS 9.8 CVE-2026-45898 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list c… | No | 🔴 Critical | Linux Kernel | Exploit | Refer to CVE-2026-45898 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| Linux |
CVE-2026-45972
CVSS 9.8 CVE-2026-45972 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-45972 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| Linux |
CVE-2026-46039
CVSS 9.8 CVE-2026-46039 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer ove… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-46039 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| Exploit |
CVE-2026-45102
CVSS 9.9 CVE-2026-45102 — OneUptime is an open-source monitoring and observability platfo… 📄 التفاصيل ← |
NVD | OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses … | No | 🔴 Critical | Node.js | Exploit | Refer to CVE-2026-45102 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| Linux |
CVE-2026-46155
CVSS 9.1 CVE-2026-46155 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds r… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-46155 NVD advisory |
UTC: 2026-05-30
EDT: 2026-05-30
SA: 2026-05-30
|
| Exploit |
CVE-2026-44973
CVE-2026-44973 - Billy: Path traversal vulnerabilities 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44973 Published : May 28, 2026, 10:16 p.m. | 8 hours, 7 minutes ago Descr… | No | 🔴 Critical | Billy: Path traversal | Exploit | Refer to CVE-2026-44973 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| Containers |
CVE-2026-44849
CVE-2026-44849 - Portainer: Endpoint security bypass via Swarm service create/up… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44849 Published : May 28, 2026, 10:16 p.m. | 8 hours, 7 minutes ago Descr… | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Refer to CVE-2026-44849 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| Containers |
CVE-2026-44848
CVE-2026-44848 - Portainer: Missing authorization on Docker plugin endpoints all… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44848 Published : May 28, 2026, 10:16 p.m. | 8 hours, 7 minutes ago Descr… | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Refer to CVE-2026-44848 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| OT/ICS |
CVE-2026-9645
CVE-2026-9645 - ScadaBR Authenticated Remote Code Execution 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-9645 Published : May 28, 2026, 9:16 p.m. | 9 hours, 8 minutes ago Descrip… | No | 🔴 Critical | ScadaBR Authenticated Remote | ICS/OT | Refer to CVE-2026-9645 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| Exploit |
CVE-2026-44655
CVE-2026-44655 - MantisBT: Stored XSS on Move Attachments Admin Page 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44655 Published : May 28, 2026, 9:16 p.m. | 9 hours, 8 minutes ago Descri… | No | 🔴 Critical | MantisBT: Stored XSS | Exploit | Refer to CVE-2026-44655 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| Exploit |
CVE-2026-47131
CVSS 10 CVE-2026-47131 — GHSA: vm2 has a Sandbox Escape issue 📄 التفاصيل ← |
GHSA | ### Summary By combining `Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__")`, `Bu… | No | 🔴 Critical | Node.js | PoC Research |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Exploit |
CVE-2026-47140
CVSS 10 CVE-2026-47140 — GHSA: NodeVM builtin denylist bypass via process and inspector/… 📄 التفاصيل ← |
GHSA | ## Summary `NodeVM` blocks several dangerous Node.js builtins such as `module`, `worker_threads`, `… | No | 🔴 Critical | Node.js | PoC Research |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Exploit |
CVE-2026-47210
CVSS 9.8 CVE-2026-47210 — GHSA: vm2 sandbox escape via JSPI-backed Promise `.finally()` s… 📄 التفاصيل ← |
GHSA | ### Summary A sandbox escape vulnerability in `vm2` allows arbitrary code execution in the host proc… | No | 🔴 Critical | GHSA: vm2 sandbox | PoC Research |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Exploit |
CVE-2026-47137
CVSS 10 CVE-2026-47137 — GHSA: vm2 has a CVE-2023-37903 patch bypass: nesting:true witho… 📄 التفاصيل ← |
GHSA | ## Summary The fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in `nodevm.js` line … | No | 🔴 Critical | GHSA: vm2 has | Exploit |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Exploit |
CVE-2026-47208
CVSS 10 CVE-2026-47208 — GHSA: vm2 is Vulnerable to Sandbox Breakout Through Promise Spe… 📄 التفاصيل ← |
GHSA | ### Summary VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code … | No | 🔴 Critical | GHSA: vm2 is | PoC Research |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Exploit |
CVE-2026-8838
CVSS 9.8 CVE-2026-8838 — GHSA: amazon-redshift-python-driver vulnerable to Remote Code Ex… 📄 التفاصيل ← |
GHSA | ### Summary amazon-redshift-python-driver is the official Python connector for Amazon Redshift. In v… | No | 🔴 Critical | GHSA: amazon-redshift-python-driver vulnerable | Exploit |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Linux |
CVE-2026-47391
CVSS 9.8 CVE-2026-47391 — GHSA: PraisonAI's unauthenticated A2A official example can… 📄 التفاصيل ← |
GHSA | ## Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely ex… | No | 🔴 Critical | GHSA: PraisonAI's unauthenticated | Data Breach |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Exploit |
CVE-2026-47410
CVSS 9.8 CVE-2026-47410 — GHSA: praisonai-platform: JWT signing key defaults to hardcoded… 📄 التفاصيل ← |
GHSA | ## Summary **Type:** Insecure default cryptographic key. The JWT signing secret defaults to the har… | No | 🔴 Critical | GHSA: praisonai-platform: JWT | Exploit |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Cloud |
CVE-2026-47407
CVE-2026-47407 — GHSA: PraisonAI Platform has a cross-workspace IDOR + member-ro… 📄 التفاصيل ← |
GHSA | ## Summary The Platform server exposes resources under `/api/v1/workspaces/{workspace_id}/...` and … | No | 🔴 Critical | GHSA: PraisonAI Platform | APT |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Network |
CVE-2026-47416
CVSS 9.6 CVE-2026-47416 — GHSA: praisonai-platform: Any workspace member can promote them… 📄 التفاصيل ← |
GHSA | ## Summary **Type:** Vertical privilege escalation. The `PATCH /workspaces/{workspace_id}/members/{… | No | 🔴 Critical | GHSA: praisonai-platform: Any | Exploit |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
|
| Web |
CVE-2026-9559
CVSS 9.9 CVE-2026-9559 — VulnCheck: A path traversal vulnerability exists in the campaign… 📄 التفاصيل ← |
VulnCheck | A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting up… | No | 🔴 Critical | PHP | Exploit | Refer to CVE-2026-9559 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| Vulnerability |
CVE-2026-9558
CVSS 9.9 CVE-2026-9558 — VulnCheck: A Server-Side Template Injection (SSTI) vulnerability… 📄 التفاصيل ← |
VulnCheck | A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The plat… | No | 🔴 Critical | VulnCheck: A Server-Side | Exploit | Refer to CVE-2026-9558 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| Vulnerability |
CVE-2026-9051
CVSS 9.1 CVE-2026-9051 — VulnCheck: There is an authentication bypass vulnerability in th… 📄 التفاصيل ← |
VulnCheck | There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard applicatio… | No | 🔴 Critical | VulnCheck: There is | Exploit | Refer to CVE-2026-9051 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| Windows |
CVE-2026-45700
CVSS 9.8 CVE-2026-45700 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's pla… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-45700 NVD advisory |
UTC: 2026-05-29
EDT: 2026-05-29
SA: 2026-05-29
|
| General |
CVE-2026-8697
CVE-2026-8697 - Improper Authentication Rate Limiting on TP-Link's Archer C… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-8697 Published : May 28, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descript… | No | 🔴 Critical | Improper Authentication Rate | Exploit | Refer to CVE-2026-8697 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| OT/ICS |
CVE-2026-44477
CVE-2026-44477 - CloudNativePG: Metrics exporter allows privilege escalation to … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44477 Published : May 28, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | Kubernetes 1.30.x | ICS/OT | Refer to CVE-2026-44477 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| General |
CVE-2026-44465
CVE-2026-44465 - Zed: Zed IDE Arbitrary Code Execution via untrusted repository … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44465 Published : May 28, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | Zed: Zed IDE | Exploit | Refer to CVE-2026-44465 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| General |
CVE-2026-44672
CVE-2026-44672 - mapfish-print: Remote Code Injection (RCE) in Dynamic table 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44672 Published : May 28, 2026, 4:16 p.m. | 2 hours, 8 minutes ago Descri… | No | 🔴 Critical | mapfish-print: Remote Code | Exploit | Refer to CVE-2026-44672 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Network |
CVE-2026-44593
CVE-2026-44593 - esm.sh: Legacy Route Path Traversal Can Lead to RCE 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44593 Published : May 28, 2026, 4:16 p.m. | 2 hours, 8 minutes ago Descri… | No | 🔴 Critical | esm.sh: Legacy Route | Exploit | Refer to CVE-2026-44593 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Web |
CVE-2026-35676
CVE-2026-35676 - phpMyFAQ - Unauthenticated Password Reset via User Password Upd… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-35676 Published : May 28, 2026, 4:16 p.m. | 2 hours, 8 minutes ago Descri… | No | 🔴 Critical | phpMyFAQ | Exploit | Refer to CVE-2026-35676 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Web |
CVE-2026-35675
CVE-2026-35675 - phpMyFAQ - Authentication Bypass via Missing Password Reset Tok… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-35675 Published : May 28, 2026, 4:16 p.m. | 2 hours, 8 minutes ago Descri… | No | 🔴 Critical | phpMyFAQ | Exploit | Refer to CVE-2026-35675 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Web |
CVE-2026-35672
CVE-2026-35672 - phpMyFAQ - Authentication Bypass via Empty API Token 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-35672 Published : May 28, 2026, 4:16 p.m. | 2 hours, 8 minutes ago Descri… | No | 🔴 Critical | phpMyFAQ | Exploit | Refer to CVE-2026-35672 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| General |
CVE-2026-8979
CVE-2026-8979 - Authentication Bypass 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-8979 Published : May 28, 2026, 2:16 p.m. | 4 hours, 8 minutes ago Descrip… | No | 🔴 Critical | Authentication Bypass | Exploit | Update to v5.22.3 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Web |
CVE-2026-37266
CVE-2026-37266 - Apache Struts Remote Code Execution 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-37266 Published : May 28, 2026, 2:16 p.m. | 4 hours, 8 minutes ago Descri… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Update to v9.14.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Microsoft |
CVE-2026-46076
CVE-2026-46076 KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted … 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | KVM: nSVM: Raise | Exploit | Refer to CVE-2026-46076 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-46083
CVE-2026-46083 spi: fix resource leaks on device setup failure 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | spi: fix resource | Exploit | Refer to CVE-2026-46083 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-46005
CVE-2026-46005 xfs: fix a resource leak in xfs_alloc_buftarg() 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | xfs: fix a | Exploit | Refer to CVE-2026-46005 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Microsoft |
CVE-2026-46414
CVE-2026-46414 - Microsoft UFO WebSocket role spoofing allows authenticated peer… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-46414 Published : May 27, 2026, 11:16 p.m. | 17 hours, 8 minutes ago Desc… | No | 🔴 Critical | Intel | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| OT/ICS |
CVE-2026-44713
CVE-2026-44713 - pam_usb: Command injection via $TMUX environment variable leads… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44713 Published : May 27, 2026, 9:16 p.m. | 13 hours, 8 minutes ago Descr… | No | 🔴 Critical | pam_usb: Command injection | Exploit | Refer to CVE-2026-44713 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| OT/ICS |
CVE-2026-44712
CVE-2026-44712 - pam_usb: Shell injection via device UUID and username in pamusb… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44712 Published : May 27, 2026, 9:16 p.m. | 13 hours, 8 minutes ago Descr… | No | 🔴 Critical | pam_usb: Shell injection | Exploit | Refer to CVE-2026-44712 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-45344
CVE-2026-45344 - LinkAce: Setup database password newline injection enables pre-… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45344 Published : May 28, 2026, 10:17 p.m. | 8 hours, 7 minutes ago Descr… | No | 🔴 Critical | LinkAce: Setup database | Exploit | Refer to CVE-2026-45344 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-46833
CVSS 9 CVE-2026-46833 — Vulnerability in the Net Service component of Oracle Database S… 📄 التفاصيل ← |
NVD | Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are a… | No | 🔴 Critical | Oracle Database | Exploit | Update to v23.4.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-32999
CVSS 9 CVE-2026-32999 — Insufficient character filtering in backup agent signing module… 📄 التفاصيل ← |
NVD | Insufficient character filtering in backup agent signing module on Comet Backup server allows authen… | No | 🔴 Critical | Insufficient character filtering | Exploit | Refer to CVE-2026-32999 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-4408
CVSS 9 CVE-2026-4408 — A flaw was found in Samba. A remote attacker can exploit a misco… 📄 التفاصيل ← |
NVD | A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers an… | No | 🔴 Critical | A flaw was | Exploit | Refer to CVE-2026-4408 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Linux |
CVE-2026-46115
CVSS 9.8 CVE-2026-46115 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biove… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-46115 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| NVIDIA |
CVE-2026-46137
CVSS 9.8 CVE-2026-46137 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix po… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-46137 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-46135
CVSS 9.8 CVE-2026-46135 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICR… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-46135 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-46119
CVSS 9.1 CVE-2026-46119 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-46119 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Exploit |
CVE-2026-46163
CVE-2026-46163 wifi: b43legacy: enforce bounds check on firmware key index in RX… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | wifi: b43legacy: enforce | Exploit | Refer to CVE-2026-46163 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Browser |
CVE-2026-9967
CVSS 9.6 CVE-2026-9967 — VulnCheck: Out of bounds write in GPU in Google Chrome prior to … 📄 التفاصيل ← |
VulnCheck | Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to pot… | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9967 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Browser |
CVE-2026-9918
CVSS 9.6 CVE-2026-9918 — VulnCheck: Inappropriate implementation in Tint in Google Chrome… 📄 التفاصيل ← |
VulnCheck | Inappropriate implementation in Tint in Google Chrome prior to 148.0.7778.216 allowed a remote attac… | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9918 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Browser |
CVE-2026-9891
CVSS 9 CVE-2026-9891 — VulnCheck: Use after free in Extensions in Google Chrome prior t… 📄 التفاصيل ← |
VulnCheck | Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who … | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9891 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Browser |
CVE-2026-9886
CVSS 9.6 CVE-2026-9886 — VulnCheck: Use after free in Base in Google Chrome on Mac prior … 📄 التفاصيل ← |
VulnCheck | Use after free in Base in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to … | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9886 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Browser |
CVE-2026-9881
CVSS 9 CVE-2026-9881 — VulnCheck: Use after free in Bluetooth in Google Chrome on Mac p… 📄 التفاصيل ← |
VulnCheck | Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who … | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9881 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Android |
CVE-2026-9876
CVSS 9.6 CVE-2026-9876 — VulnCheck: Use after free in WebGL in Google Chrome on Android p… 📄 التفاصيل ← |
VulnCheck | Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacke… | No | 🔴 Critical | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9876 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Android |
CVE-2026-9875
CVSS 9.6 CVE-2026-9875 — VulnCheck: Out of bounds read in WebGL in Google Chrome on Andro… 📄 التفاصيل ← |
VulnCheck | Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote att… | No | 🔴 Critical | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9875 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Browser |
CVE-2026-9874
CVSS 9.6 CVE-2026-9874 — VulnCheck: Use after free in Dawn in Google Chrome prior to 148.… 📄 التفاصيل ← |
VulnCheck | Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potenti… | No | 🔴 Critical | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9874 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Android |
CVE-2026-9872
CVSS 9.6 CVE-2026-9872 — VulnCheck: Out of bounds write in GPU in Google Chrome on Androi… 📄 التفاصيل ← |
VulnCheck | Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote atta… | No | 🔴 Critical | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-9872 NVD advisory |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| APT |
CVE-2026-9098
CVSS 9.1 CVE-2026-9098 — VulnCheck: In Casdoor versions 2.362.0 and earlier, the SAML cal… 📄 التفاصيل ← |
VulnCheck | In Casdoor versions 2.362.0 and earlier, the SAML callback handler in controllers/auth.go accepts an… | No | 🔴 Critical | VulnCheck: In Casdoor | APT | Update to v2.362.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Vulnerability |
CVE-2026-9097
CVSS 9.8 CVE-2026-9097 — VulnCheck: Casdoor versions 2.362.0 and earlier do not verify th… 📄 التفاصيل ← |
VulnCheck | Casdoor versions 2.362.0 and earlier do not verify that a JWT used for token exchange is still activ… | No | 🔴 Critical | Microsoft Exchange | Exploit | Update to v2.362.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Vulnerability |
CVE-2026-9094
CVSS 9.8 CVE-2026-9094 — VulnCheck: Casdoor versions 2.362.0 and earlier contain a vulner… 📄 التفاصيل ← |
VulnCheck | Casdoor versions 2.362.0 and earlier contain a vulnerability enabling cross-organization token excha… | No | 🔴 Critical | Microsoft Exchange | Exploit | Update to v2.362.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Vulnerability |
CVE-2026-9093
CVSS 9.8 CVE-2026-9093 — VulnCheck: In Casdoor versions 2.362.0 and earlier, the SAML ser… 📄 التفاصيل ← |
VulnCheck | In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate … | No | 🔴 Critical | VulnCheck: In Casdoor | Exploit | Update to v2.362.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Vulnerability |
CVE-2026-9092
CVSS 9.1 CVE-2026-9092 — VulnCheck: Casdoor versions 2.362.0 and earlier contain a vulner… 📄 التفاصيل ← |
VulnCheck | Casdoor versions 2.362.0 and earlier contain a vulnerability involving unverified email binding that… | No | 🔴 Critical | VulnCheck: Casdoor versions | Exploit | Update to v2.362.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| Vulnerability |
CVE-2026-9090
CVSS 9.1 CVE-2026-9090 — VulnCheck: Casdoor versions 2.362.0 and earlier contain a vulner… 📄 التفاصيل ← |
VulnCheck | Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authe… | No | 🔴 Critical | VulnCheck: Casdoor versions | Exploit | Update to v2.362.0 |
UTC: 2026-05-28
EDT: 2026-05-28
SA: 2026-05-28
|
| General |
CVE-2026-8364
CVE-2026-8364 - Gladinet Triofox Missing Authentication for Critical Functions 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-8364 Published : May 27, 2026, 8:16 p.m. | 12 hours, 8 minutes ago Descri… | No | 🔴 Critical | Gladinet Triofox Missing | Exploit | Refer to CVE-2026-8364 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-8363
CVE-2026-8363 - Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFol… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-8363 Published : May 27, 2026, 8:16 p.m. | 12 hours, 8 minutes ago Descri… | No | 🔴 Critical | Gladinet Triofox Stack-based | Exploit | Refer to CVE-2026-8363 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| OT/ICS |
CVE-2026-48064
CVE-2026-48064 - pam_usb: PAM_RHOST check skipped when deny_remote=false allows … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-48064 Published : May 27, 2026, 8:16 p.m. | 12 hours, 8 minutes ago Descr… | No | 🔴 Critical | pam_usb: PAM_RHOST check | ICS/OT | Refer to CVE-2026-48064 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-47161
CVE-2026-47161 - RELATE Vulnerable to Remote Code Execution (RCE) via Insecure C… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47161 Published : May 27, 2026, 8:16 p.m. | 12 hours, 8 minutes ago Descr… | No | 🔴 Critical | RELATE Vulnerable to | Exploit | Refer to CVE-2026-47161 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Microsoft |
CVE-2026-45108
CVE-2026-45108 - Himmelblau: Authentication Bypass via Cross-User Local Session … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45108 Published : May 27, 2026, 8:16 p.m. | 12 hours, 8 minutes ago Descr… | No | 🔴 Critical | Microsoft Azure | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44888
CVE-2026-44888 - Unauthenticated RCE via Python Config File Injection in SaveCon… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44888 Published : May 27, 2026, 8:16 p.m. | 12 hours, 8 minutes ago Descr… | No | 🔴 Critical | Unauthenticated RCE via | Exploit | Refer to CVE-2026-44888 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44887
CVE-2026-44887 - Unauthenticated RCE via Python Config File Injection in SaveCon… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44887 Published : May 27, 2026, 8:16 p.m. | 10 hours, 8 minutes ago Descr… | No | 🔴 Critical | Unauthenticated RCE via | Exploit | Refer to CVE-2026-44887 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| OT/ICS |
CVE-2025-67603
USN-8326-1: Foomuuri vulnerabilities 📄 التفاصيل ← |
Ubuntu Security | Matthias Gerstner discovered that Foomuuri's D-Bus service did not properly enforce authorizati… | No | 🔴 Critical | USN-8326-1: Foomuuri vulnerabilities | Exploit | Refer to CVE-2025-67603 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44330
CVE-2026-44330 - free5GC: NEF nnef-pfdmanagement API is unauthenticated; forged … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44330 Published : May 27, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | free5GC: NEF nnef-pfdmanagement | Exploit | Refer to CVE-2026-44330 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44329
CVE-2026-44329 - free5GC: SMF UPI management interface lacks auth middleware; un… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44329 Published : May 27, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | free5GC: SMF UPI | Exploit | Refer to CVE-2026-44329 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| OT/ICS |
CVE-2026-44328
CVE-2026-44328 - free5GC: SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44328 Published : May 27, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | free5GC: SMF UPI | ICS/OT | Refer to CVE-2026-44328 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44327
CVE-2026-44327 - free5GC: NEF nnef-oam route group is unauthenticated; no-token … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44327 Published : May 27, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | free5GC: NEF nnef-oam | Exploit | Refer to CVE-2026-44327 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44326
CVE-2026-44326 - free5GC: NEF 3gpp-traffic-influence API is unauthenticated; mis… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44326 Published : May 27, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | free5GC: NEF 3gpp-traffic-influence | Exploit | Refer to CVE-2026-44326 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44315
CVE-2026-44315 - free5GC: NEF 3gpp-pfd-management API is unauthenticated; forged… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44315 Published : May 27, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | free5GC: NEF 3gpp-pfd-management | Exploit | Refer to CVE-2026-44315 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-42083
CVE-2026-42083 - free5GC: PCF Npcf_SMPolicyControl missing authentication middle… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42083 Published : May 27, 2026, 5:16 p.m. | 1 hour, 8 minutes ago Descrip… | No | 🔴 Critical | free5GC: PCF Npcf_SMPolicyControl | Exploit | Refer to CVE-2026-42083 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-48544
CVE-2026-48544 - Taipy 4.1.1 Path Traversal via ElementLibrary.get_resource() 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-48544 Published : May 27, 2026, 3:16 p.m. | 3 hours, 8 minutes ago Descri… | No | 🔴 Critical | Taipy | Exploit | Refer to CVE-2026-48544 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Exploit |
CVE-2026-48710
FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette fra… 📄 التفاصيل ← |
CSO Online | A single malformed character in a web request can let an unauthenticated attacker slip past the acce… | No | 🔴 Critical | FastAPI-based AI tools | AI Attack | Refer to CVE-2026-48710 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| AI/LLM |
CVE-2026-7524
CVE-2026-7524 - Path Traversal Vulnerability in File Processing Components Allow… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-7524 Published : May 27, 2026, 2:17 p.m. | 4 hours, 7 minutes ago Descrip… | No | 🔴 Critical | Path Traversal Vulnerability | Exploit | Refer to CVE-2026-7524 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| OT/ICS |
CVE-2026-7365
CVE-2026-7365 - IBM Operations Analytics - Log Analysis is affected by Informati… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-7365 Published : May 27, 2026, 2:17 p.m. | 4 hours, 7 minutes ago Descrip… | No | 🔴 Critical | IBM Operations Analytics | ICS/OT | Refer to CVE-2026-7365 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Microsoft |
CVE-2026-35090
CVE-2026-35090 - Authentication Bypass in Slican telephone exchanges 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-35090 Published : May 27, 2026, 2:16 p.m. | 4 hours, 7 minutes ago Descri… | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Refer to CVE-2026-35090 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Web | USN-8324-1: Apache Tika vulnerabilities 📄 التفاصيل ← | Ubuntu Security | It was discovered that Apache Tika incorrectly handled XML external entities when parsing XFA conten… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Apply vendor security patch |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Data Breach | Can you enforce strong Active Directory password rules without frustrating users… 📄 التفاصيل ← | BleepingComputer | Strong Active Directory passwords don't have to come at the expense of usability. Specops Softw… | No | 🔴 Critical | Active Directory | Exploit | Apply vendor security patch |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Microsoft | Dutch police arrest man over cyber breach at Ajax football club 📄 التفاصيل ← | The Record | The suspect was detained in the central Dutch town of Buren, where law enforcement officers also sea… | No | 🔴 Critical | Dutch police arrest | Exploit | Apply vendor security patch |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Web |
CVE-2026-42761
CVE-2026-42761 - WordPress Active Products Tables for WooCommerce plugin 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42761 Published : May 27, 2026, 11:16 a.m. | 1 hour, 8 minutes ago Descri… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2026-42761 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Web |
CVE-2026-42735
CVE-2026-42735 - WordPress KiviCare plugin 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42735 Published : May 27, 2026, 11:16 a.m. | 1 hour, 8 minutes ago Descri… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2026-42735 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Web |
CVE-2026-42727
CVE-2026-42727 - WordPress Active Products Tables for WooCommerce plugin 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42727 Published : May 27, 2026, 11:16 a.m. | 1 hour, 8 minutes ago Descri… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2026-42727 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General | CISA gives feds 4 days to patch actively exploited cPanel plugin flaw 📄 التفاصيل ← | BleepingComputer | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies fou… | Yes | 🔴 Critical | CISA gives feds | Exploit | Apply vendor security patch |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| OT/ICS |
CVE-2025-13392
CVE-2025-13392 - Synology DiskStation Manager (DSM) Distinguished Name Authentic… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2025-13392 Published : May 27, 2026, 9:16 a.m. | 3 hours, 8 minutes ago Descri… | No | 🔴 Critical | Synology | Exploit | Refer to CVE-2025-13392 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Exploit |
CVE-2026-6402
CVE-2026-6402 webpack-dev-server vulnerable to cross-origin source code exposure… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | webpack-dev-server vulnerable to | Exploit | Refer to CVE-2026-6402 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Exploit |
CVE-2026-42508
CVE-2026-42508 Invoking auth bypass via unenforced @revoked status in golang.or… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | Invoking auth | Exploit | Refer to CVE-2026-42508 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Exploit |
CVE-2026-39833
CVE-2026-39833 Invoking key constraints not enforced in golang.org/x/crypto/ssh… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | Invoking key | Exploit | Refer to CVE-2026-39833 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Exploit |
CVE-2026-46595
CVE-2026-46595 Invoking VerifiedPublicKeyCallback permissions skip enforcement … 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | Invoking VerifiedPublicKeyCallback | Exploit | Refer to CVE-2026-46595 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Web |
CVE-2026-8832
CVE-2026-8832 - WPCode 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-8832 Published : May 27, 2026, 8:16 a.m. | 4 hours, 7 minutes ago Descrip… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Update to v2.3.5 |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-45574
CVE-2026-45574 - epa4all-client: TLS Certificate Validation Disabled in Producti… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45574 Published : May 26, 2026, 10:16 p.m. | 8 hours, 7 minutes ago Descr… | No | 🔴 Critical | epa4all-client: TLS Certificate | Exploit | Refer to CVE-2026-45574 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44451
CVE-2026-44451 - Lumiverse: TSX component sandbox escape via DOM ref and string-… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44451 Published : May 26, 2026, 9:16 p.m. | 9 hours, 8 minutes ago Descri… | No | 🔴 Critical | Lumiverse: TSX component | AI Attack | Refer to CVE-2026-44451 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-44450
CVE-2026-44450 - Lumiverse: RCE via MCP stdio argument injection 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44450 Published : May 26, 2026, 9:16 p.m. | 9 hours, 8 minutes ago Descri… | No | 🔴 Critical | Lumiverse: RCE via | AI Attack | Refer to CVE-2026-44450 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| General |
CVE-2026-45618
CVSS 10 CVE-2026-45618 — GHSA: LiquidJS is Vulnerable to Remote Code Execution 📄 التفاصيل ← |
GHSA | ### Summary It is possible to execute arbitrary code with crafted templates ### Details `1|val… | PoC Only | 🔴 Critical | GHSA: LiquidJS is | PoC Research | Refer to CVE-2026-45618 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Exploit |
CVE-2026-46009
CVE-2026-46009 PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | PCI: endpoint: pci-epf-ntb: | Exploit | Refer to CVE-2026-46009 NVD advisory |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Exploit |
CVE-2026-8450
CVSS 9.1 CVE-2026-8450 — HTTP::Daemon versions before 6.17 for Perl allow OS command inje… 📄 التفاصيل ← |
NVD | HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() … | No | 🔴 Critical | HTTP::Daemon versions before | Exploit | Update to v6.17 |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| Web |
CVE-2026-8760
CVSS 9.8 CVE-2026-8760 — The Login with OTP plugin for WordPress is vulnerable to authent… 📄 التفاصيل ← |
NVD | The Login with OTP plugin for WordPress is vulnerable to authentication bypass in all versions up to… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Update to v1.6. |
UTC: 2026-05-27
EDT: 2026-05-27
SA: 2026-05-27
|
| OT/ICS | The Hackers Behind Shai-Hulud: Lucky or Skilled? 📄 التفاصيل ← | Dark Reading | TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecos… | No | 🔴 Critical | The Hackers Behind | Exploit | Apply vendor security patch |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| OT/ICS | Shai-Hulud Hackers TeamPCP: Lucky or Skilled? 📄 التفاصيل ← | Dark Reading | TeamPCP, the cybercrime group behind later waves of the Shai-Hulud worm, has done significant damage… | No | 🔴 Critical | Shai-Hulud Hackers TeamPCP: | Exploit | Apply vendor security patch |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Mobile |
CVE-2026-8890
CVE-2026-8890 - code100x Mobile API Authentication Bypass via Header Spoofing 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-8890 Published : May 26, 2026, 7:16 p.m. | 1 hour, 8 minutes ago Descript… | No | 🔴 Critical | code100x Mobile API | Exploit | Refer to CVE-2026-8890 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-3660
CVE-2026-3660 - IBM Engineering Lifecycle Management - Jazz Foundation is vulner… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-3660 Published : May 26, 2026, 7:16 p.m. | 1 hour, 8 minutes ago Descript… | No | 🔴 Critical | IBM Engineering Lifecycle Management | Exploit | Refer to CVE-2026-3660 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Linux | USN-8167-2: xdg-dbus-proxy vulnerability 📄 التفاصيل ← | Ubuntu Security | USN-8167-1 fixed a vulnerability in xdg-dbus-proxy. This update provides the corresponding update fo… | No | 🔴 Critical | Ubuntu 22.04/20.04 LTS | Exploit | Update to v20.04 |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-8855
CVE-2026-8855 - IBM HTTP Server is affected by multiple vulnerabilities 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-8855 Published : May 26, 2026, 6:16 p.m. | 2 hours, 7 minutes ago Descrip… | No | 🔴 Critical | IBM HTTP Server | DDoS | Refer to CVE-2026-8855 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-46624
CVE-2026-46624 - Twenty: SQL Injection via the timeZone field 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-46624 Published : May 26, 2026, 6:16 p.m. | 2 hours, 7 minutes ago Descri… | No | 🔴 Critical | PostgreSQL | Exploit | Refer to CVE-2026-46624 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-44668
CVE-2026-44668 - Faction: Unauthenticated Read, Modify, and Delete of Boilerplat… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44668 Published : May 26, 2026, 6:16 p.m. | 2 hours, 7 minutes ago Descri… | No | 🔴 Critical | Faction: Unauthenticated Read, | Exploit | Refer to CVE-2026-44668 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-48897
CVE-2026-48897 - Joomla! Core - [20260512] - MFA Authentication Bypass 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-48897 Published : May 26, 2026, 5:16 p.m. | 3 hours, 7 minutes ago Descri… | No | 🔴 Critical | Joomla | Exploit | Refer to CVE-2026-48897 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-48896
CVE-2026-48896 - Joomla! Core - [20260511] - MFA Authentication Bypass 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-48896 Published : May 26, 2026, 5:16 p.m. | 3 hours, 7 minutes ago Descri… | No | 🔴 Critical | Joomla | Exploit | Refer to CVE-2026-48896 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-44729
CVE-2026-44729 - Twenty: Stored Cross-Site Scripting via Unsanitized File Servin… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-44729 Published : May 26, 2026, 5:16 p.m. | 3 hours, 7 minutes ago Descri… | No | 🔴 Critical | Twenty: Stored Cross-Site | Exploit | Refer to CVE-2026-44729 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-4480
CVE-2026-4480 - Samba: samba: remote code execution in printing subsystem via un… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-4480 Published : May 26, 2026, 3:16 p.m. | 3 hours, 7 minutes ago Descrip… | No | 🔴 Critical | Samba: samba: remote | Exploit | Refer to CVE-2026-4480 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Web |
CVE-2026-45247
CVE-2026-45247 - Mirasvit Cache Warmer for Magento < 1.11.12 PHP Object Injec… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-45247 Published : May 26, 2026, 3:16 p.m. | 3 hours, 7 minutes ago Descri… | No | 🔴 Critical | PHP | Exploit | Update to v1.11.12 |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-42785
CVE-2026-42785 - OpenKM 6.3.12 Remote Code Execution via Administrative Scriptin… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42785 Published : May 26, 2026, 3:16 p.m. | 3 hours, 7 minutes ago Descri… | No | 🔴 Critical | OpenKM | Exploit | Refer to CVE-2026-42785 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Microsoft |
CVE-2026-45584
CVE-2026-45584 Microsoft Defender Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | In the Security Updates table, added links to the Release Notes. This is an informational change onl… | No | 🔴 Critical | MS Defender Antimalware 4.18.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| AI/LLM | Fake software on GitHub and SourceForge distribute Deno RAT 📄 التفاصيل ← | MalwareBytes Labs | We found fake installers and plugins for ChatGPT, Claude, AutoTune, and other popular software that … | No | 🔴 Critical | Fake software on | Exploit | Apply vendor security patch |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Phishing | Major Cyber Attacks in May 2026: Fake Invitations, Agent Tesla, BlobPhish, and M… 📄 التفاصيل ← | ANY.RUN Blog | May 2026 showed how fast routine business activity can turn into real security exposure.&#160;AN… | No | 🔴 Critical | Major Cyber Attacks | Phishing | Apply vendor security patch |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General | US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows 📄 التفاصيل ← | Wired Security | As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the… | No | 🔴 Critical | US Law Enforcement | AI Attack | Apply vendor security patch |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Web | CISA orders feds to patch actively exploited Drupal vulnerability 📄 التفاصيل ← | BleepingComputer | CISA has given U.S. government agencies until Wednesday evening to secure their servers against an S… | Yes | 🔴 Critical | Drupal | Exploit | Apply vendor security patch |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Cloud | CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Att… 📄 التفاصيل ← | THN | The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizati… | No | 🔴 Critical | Intel | AI Attack | Apply vendor security patch |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| General |
CVE-2026-8633
CVSS 9.8 CVE-2026-8633 — IBM Web Server Plug-ins for WebSphere Application Server and Web… 📄 التفاصيل ← |
NVD | IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSpher… | No | 🔴 Critical | IBM Web Server | Exploit | Refer to CVE-2026-8633 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Vulnerability |
CVE-2026-48172
CVE-2026-48172 — CISA KEV: LiteSpeed cPanel Plugin Privilege Escalation Vulnerab… 📄 التفاصيل ← |
CISA KEV | LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end… | Yes | 🔴 Critical | LiteSpeed cPanel Plugin | Exploit | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| IBM |
CVE-2026-9170
CVSS 9.8 CVE-2026-9170 — VulnCheck: IBM HTTP Server 8.5, and 9.0 📄 التفاصيل ← |
VulnCheck | IBM HTTP Server 8.5, and 9.0 | No | 🔴 Critical | VulnCheck: IBM HTTP | Exploit | Refer to CVE-2026-9170 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Juniper |
CVE-2026-48687
CVSS 9.8 CVE-2026-48687 — FastNetMon Community Edition through 1.2.9 contains an OS comma… 📄 التفاصيل ← |
NVD | FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Jun… | No | 🔴 Critical | PHP | Exploit | Refer to CVE-2026-48687 NVD advisory |
UTC: 2026-05-26
EDT: 2026-05-26
SA: 2026-05-26
|
| Browser | Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability 📄 التفاصيل ← | Mandiant OT | Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek Introduction In late 2025, Mandiant … | No | 🔴 Critical | Exploitation of KnowledgeDeliver | Exploit | Apply vendor security patch |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Browser | Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability 📄 التفاصيل ← | Mandiant Blog | Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek Introduction In late 2025, Mandiant … | No | 🔴 Critical | Exploitation of KnowledgeDeliver | Exploit | Apply vendor security patch |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Microsoft | TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th) 📄 التفاصيل ← | SANS ISC | TeamPCP now operates across three package ecosystems in parallel, it reached GitHub&&#x23&am… | No | 🔴 Critical | TeamPCP Supply Chain | Supply Chain | Microsoft Patch Tuesday |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Exploit |
CVE-2026-26980
CVSS 9.4 Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks 📄 التفاصيل ← |
THN | Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject mali… | No | 🔴 Critical | Ghost CMS CVE-2026-26980 | Exploit | Refer to CVE-2026-26980 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-47073
CVE-2026-47073 - Unbounded memory consumption in WebSocket client in hackney 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47073 Published : May 25, 2026, 2 p.m. | 20 hours, 23 minutes ago Descrip… | No | 🔴 Critical | Unbounded memory consumption | Exploit | Refer to CVE-2026-47073 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-47077
CVE-2026-47077 - Unbounded body accumulation in HTTP/3 response loop in hackney 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47077 Published : May 25, 2026, 2 p.m. | 20 hours, 23 minutes ago Descrip… | No | 🔴 Critical | Unbounded body accumulation | Exploit | Refer to CVE-2026-47077 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-47071
CVE-2026-47071 - SOCKS5 TLS upgrade ignores caller timeout in hackney 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47071 Published : May 25, 2026, 2 p.m. | 20 hours, 23 minutes ago Descrip… | No | 🔴 Critical | SOCKS5 TLS upgrade | Exploit | Refer to CVE-2026-47071 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9405
CVSS 9.8 CVE-2026-9405 — A security flaw has been discovered in Totolink A8000RU 7.1cu.64… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This impacts the functi… | No | 🔴 Critical | A security flaw | Exploit | Refer to CVE-2026-9405 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9406
CVSS 9.8 CVE-2026-9406 — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function set… | No | 🔴 Critical | A weakness has | Exploit | Refer to CVE-2026-9406 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Network |
CVE-2026-9407
CVSS 9.8 CVE-2026-9407 — A security vulnerability has been detected in Totolink A8000RU 7… 📄 التفاصيل ← |
NVD | A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this… | No | 🔴 Critical | A security vulnerability | Exploit | Refer to CVE-2026-9407 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9408
CVSS 9.8 CVE-2026-9408 — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b2020… 📄 التفاصيل ← |
NVD | A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the … | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9408 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-2651
CVSS 9 CVE-2026-2651 — A vulnerability in MLflow versions 📄 التفاصيل ← |
NVD | A vulnerability in MLflow versions | No | 🔴 Critical | A vulnerability in MLflow | Exploit | Refer to CVE-2026-2651 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9432
CVSS 9.8 CVE-2026-9432 — A security flaw has been discovered in Totolink A8000RU 7.1cu.64… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affe… | No | 🔴 Critical | A security flaw | Exploit | Refer to CVE-2026-9432 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9433
CVSS 9.8 CVE-2026-9433 — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct… | No | 🔴 Critical | A weakness has | Exploit | Refer to CVE-2026-9433 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9434
CVSS 9.8 CVE-2026-9434 — A security vulnerability has been detected in Totolink A8000RU 7… 📄 التفاصيل ← |
NVD | A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the … | No | 🔴 Critical | A security vulnerability | Exploit | Refer to CVE-2026-9434 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9435
CVSS 9.8 CVE-2026-9435 — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b2020… 📄 التفاصيل ← |
NVD | A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the fu… | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9435 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General |
CVE-2026-9436
CVSS 9.8 CVE-2026-9436 — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. T… 📄 التفاصيل ← |
NVD | A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function … | No | 🔴 Critical | A flaw has been found in Totolink A8000RU | Exploit | Refer to CVE-2026-9436 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Network |
CVE-2026-9454
CVSS 9.8 CVE-2026-9454 — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. T… 📄 التفاصيل ← |
NVD | A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the functi… | No | 🔴 Critical | A flaw has been found in Totolink A8000RU | Exploit | Refer to CVE-2026-9454 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Network |
CVE-2026-9455
CVSS 9.8 CVE-2026-9455 — A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct… | No | 🔴 Critical | A vulnerability has | Exploit | Refer to CVE-2026-9455 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Network |
CVE-2026-9456
CVSS 9.8 CVE-2026-9456 — A vulnerability was found in Totolink A8000RU 7.1cu.643_b2020052… 📄 التفاصيل ← |
NVD | A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenV… | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9456 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Vulnerability |
CVE-2026-9457
CVSS 9.8 CVE-2026-9457 — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the … | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9457 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Vulnerability |
CVE-2026-9458
CVSS 9.8 CVE-2026-9458 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the … | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9458 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Vulnerability |
CVE-2026-9478
CVSS 9.8 CVE-2026-9478 — VulnCheck: A weakness has been identified in Totolink A8000RU 7.… 📄 التفاصيل ← |
VulnCheck | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function set… | No | 🔴 Critical | VulnCheck: A weakness | Exploit | Refer to CVE-2026-9478 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Vulnerability |
CVE-2026-9477
CVSS 9.8 CVE-2026-9477 — VulnCheck: A security flaw has been discovered in Totolink A8000… 📄 التفاصيل ← |
VulnCheck | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the … | No | 🔴 Critical | VulnCheck: A security | Exploit | Refer to CVE-2026-9477 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Vulnerability |
CVE-2026-9476
CVSS 9.8 CVE-2026-9476 — VulnCheck: A vulnerability was identified in Totolink A8000RU 7.… 📄 التفاصيل ← |
VulnCheck | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects t… | No | 🔴 Critical | VulnCheck: A vulnerability | Exploit | Refer to CVE-2026-9476 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| Vulnerability |
CVE-2026-9475
CVSS 9.8 CVE-2026-9475 — VulnCheck: A vulnerability was determined in Totolink A8000RU 7.… 📄 التفاصيل ← |
VulnCheck | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This affects the function se… | No | 🔴 Critical | VulnCheck: A vulnerability | Exploit | Refer to CVE-2026-9475 NVD advisory |
UTC: 2026-05-25
EDT: 2026-05-25
SA: 2026-05-25
|
| General | Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and t… 📄 التفاصيل ← | Security Affairs | Anthropic said its AI Project Glasswing found over 10,000 serious vulnerabilities in one month, expo… | No | 🔴 Critical | Anthropic’s Project Glasswing: | AI Attack | Apply vendor security patch |
UTC: 2026-05-24
EDT: 2026-05-24
SA: 2026-05-24
|
| General |
CVE-2026-9384
CVSS 9.8 CVE-2026-9384 — A vulnerability was found in Totolink A8000RU 7.1cu.643_b2020052… 📄 التفاصيل ← |
NVD | A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the fu… | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9384 NVD advisory |
UTC: 2026-05-24
EDT: 2026-05-24
SA: 2026-05-24
|
| General |
CVE-2026-9385
CVSS 9.8 CVE-2026-9385 — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct… | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9385 NVD advisory |
UTC: 2026-05-24
EDT: 2026-05-24
SA: 2026-05-24
|
| General |
CVE-2026-9386
CVSS 9.8 CVE-2026-9386 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function set… | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-9386 NVD advisory |
UTC: 2026-05-24
EDT: 2026-05-24
SA: 2026-05-24
|
| General |
CVE-2026-9387
CVSS 9.8 CVE-2026-9387 — A security flaw has been discovered in Totolink A8000RU 7.1cu.64… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The affected element is… | No | 🔴 Critical | A security flaw | Exploit | Refer to CVE-2026-9387 NVD advisory |
UTC: 2026-05-24
EDT: 2026-05-24
SA: 2026-05-24
|
| General |
CVE-2026-9388
CVSS 9.8 CVE-2026-9388 — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the … | No | 🔴 Critical | A weakness has | Exploit | Refer to CVE-2026-9388 NVD advisory |
UTC: 2026-05-24
EDT: 2026-05-24
SA: 2026-05-24
|
| Vulnerability |
CVE-2026-9404
CVSS 9.8 CVE-2026-9404 — VulnCheck: A vulnerability was identified in Totolink A8000RU 7.… 📄 التفاصيل ← |
VulnCheck | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function se… | No | 🔴 Critical | VulnCheck: A vulnerability | Exploit | Refer to CVE-2026-9404 NVD advisory |
UTC: 2026-05-24
EDT: 2026-05-24
SA: 2026-05-24
|
| Malware | Why pure extortion is replacing traditional ransomware 📄 التفاصيل ← | Security Affairs | Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputation… | Yes | 🔴 Critical | Why pure extortion | Ransomware | Apply vendor security patch |
UTC: 2026-05-23
EDT: 2026-05-23
SA: 2026-05-23
|
| Web |
CVE-2026-9284
CVE-2026-9284 - WooCommerce PayPal Payments 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-9284 Published : May 23, 2026, 4:27 a.m. | 2 days, 9 hours ago Descriptio… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Update to v4.0.1 |
UTC: 2026-05-23
EDT: 2026-05-23
SA: 2026-05-23
|
| Microsoft | FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks 📄 التفاصيل ← | The Record | The law enforcement agency published an advisory on Thursday about Kali365 — a Telegram-based servic… | No | 🔴 Critical | Microsoft 365 | APT | Microsoft Patch Tuesday |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| Microsoft | The Good, the Bad and the Ugly in Cybersecurity – Week 21 📄 التفاصيل ← | SentinelOne Blog | Cops seize First VPN and share intel on users, Reaper spoofs multiple brands to infect Macs, and two… | Yes | 🔴 Critical | MS Defender Antimalware 4.18.x | Zero-Day | Microsoft Patch Tuesday |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| Microsoft | Trend Micro warns of Apex One zero-day exploited in the wild 📄 التفاصيل ← | BleepingComputer | Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability… | Yes | 🔴 Critical | Microsoft Windows | Zero-Day | Microsoft Patch Tuesday |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| OT/ICS | Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks 📄 التفاصيل ← | Dark Reading | Ransomware and vendor breaches persist. The &quot;2026 Data Breach Investigations Report&quo… | Yes | 🔴 Critical | Verizon DBIR: Healthcare | Ransomware | Apply vendor security patch |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| Web | Drupal: Critical SQL injection flaw now targeted in attacks 📄 التفاصيل ← | BleepingComputer | Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection… | No | 🔴 Critical | Drupal | Exploit | Apply vendor security patch |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| OT/ICS | Update Chrome now: Critical bugs could let attackers run code 📄 التفاصيل ← | MalwareBytes Labs | This Chrome update fixes critical flaws attackers could exploit through malicious websites, but not … | No | 🔴 Critical | Update Chrome now: | Exploit | Apply vendor security patch |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| OT/ICS | Paved With Intent: ROADtools and Nation-State Tactics in the Cloud 📄 التفاصيل ← | Palo Alto Unit42 | Open-source framework ROADtools is being misused by threat actors for cloud intrusions. Learn how to… | No | 🔴 Critical | Paved With Intent: | ICS/OT | Apply vendor security patch |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| Microsoft |
CVE-2026-41090
CVSS 9.3 CVE-2026-41090 — Improper neutralization of special elements used in a command (… 📄 التفاصيل ← |
NVD | Improper neutralization of special elements used in a command ('command injection') in Mic… | No | 🔴 Critical | Microsoft Copilot | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| Microsoft |
CVE-2026-23652
CVSS 10 CVE-2026-23652 — Improper neutralization of special elements used in a command (… 📄 التفاصيل ← |
NVD | Improper neutralization of special elements used in a command ('command injection') in Mic… | No | 🔴 Critical | Improper neutralization of | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| Web |
CVE-2026-9082
CVE-2026-9082 — CISA KEV: Drupal Core SQL Injection Vulnerability 📄 التفاصيل ← |
CISA KEV | Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and rem… | Yes | 🔴 Critical | Drupal Core | Exploit | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, |
UTC: 2026-05-22
EDT: 2026-05-22
SA: 2026-05-22
|
| Browser | Google accidentally exposed details of unfixed Chromium flaw 📄 التفاصيل ← | BleepingComputer | Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript runn… | No | 🔴 Critical | Chromium | Data Breach | Apply vendor security patch |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| General | The art of being ungovernable 📄 التفاصيل ← | Cisco Talos Blog | In this edition of the Threat Source newsletter, William explores the value of being "ungoverna… | No | 🔴 Critical | The art of | Exploit | Apply vendor security patch |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| Network | Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI suppl… 📄 التفاصيل ← | Tenable Blog | A self-propagating worm has compromised more than 170 npm and PyPI packages, defeating provenance at… | No | 🔴 Critical | Mini Shai-Hulud: Frequently | Supply Chain | Apply vendor security patch |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| Microsoft | Selective HTTP Proxying in Linux, (Thu, May 21st) 📄 التفاصيل ← | SANS ISC | Recently, Rob wrote about a tool, Proxifier, that can intercept requests from specific processes. Pr… | No | 🔴 Critical | Android 14/13 | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| Malware | Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wi… 📄 التفاصيل ← | Rapid7 Blog | The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordi… | Yes | 🔴 Critical | Q1 2026 Threat | Ransomware | Apply vendor security patch |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| Supply Chain | A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale 📄 التفاصيل ← | Wired Security | GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply … | No | 🔴 Critical | A Hacker Group | Supply Chain | Apply vendor security patch |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| General | The Vulnerability Flood Is Now a Board Conversation. Here's How to Lead It. 📄 التفاصيل ← | Recorded Future | Boards are asking about AI-driven vulnerability discovery. The leaders who answer that question well… | No | 🔴 Critical | The Vulnerability Flood | Exploit | Apply vendor security patch |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| AI/LLM |
CVE-2025-34291
CVE-2025-34291 — CISA KEV: Langflow Origin Validation Error Vulnerability 📄 التفاصيل ← |
CISA KEV | Langflow contains an origin validation error vulnerability in which an overly permissive CORS config… | Yes | 🔴 Critical | Langflow Langflow | Exploit | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| Web |
CVE-2026-9264
CVSS 9.3 CVE-2026-9264 — VulnCheck: A cross-site scripting (XSS) vulnerability in SketchU… 📄 التفاصيل ← |
VulnCheck | A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows… | No | 🔴 Critical | VulnCheck: A cross-site | Exploit | Refer to CVE-2026-9264 NVD advisory |
UTC: 2026-05-21
EDT: 2026-05-21
SA: 2026-05-21
|
| Microsoft | Early Stable Update for Desktop 📄 التفاصيل ← | Chrome Releases | The Stable channel has been updated to 149.0.7827.22/.23 for Windows and Mac (149.0.7827.29/.30) ,a… | No | 🔴 Critical | Microsoft Windows | Exploit | Update to v149.0.7827 |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| Network | Fake Android Apps Commit Carrier Billing Fraud for Premium Services 📄 التفاصيل ← | Dark Reading | The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detec… | No | 🔴 Critical | Android 14/13 | Exploit | Apply vendor security patch |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| OT/ICS | Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control 📄 التفاصيل ← | Dark Reading | An unauthenticated attacker can exploit the command injection vulnerability to gain remote access to… | No | 🔴 Critical | Patch Now: Critical | Exploit | Apply vendor security patch |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| Network | Introducing RAMPART and Clarity: Open source tools to bring safety into Agent de… 📄 التفاصيل ← | Microsoft Security | The AI systems shipping inside enterprises today are fundamentally different from the ones we were b… | No | 🔴 Critical | Introducing RAMPART and | AI Attack | Apply vendor security patch |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| Cisco |
CVE-2026-20223
CVSS 10.0 Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access 📄 التفاصيل ← |
THN | Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that cou… | No | 🔴 Critical | Cisco | Exploit | Update to v10.0 | Cisco Security Advisory |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| Linux |
CVE-2026-43494
CVSS 7.8 CVE-2026-43494 — PinTheft: Linux Kernel RDS Module Privilege Escalation 📄 التفاصيل ← |
Linux Kernel CVEs | ثغرة تصعيد صلاحيات محلية في RDS subsystem تسمح بالحصول على root عبر خلل في إدارة الذاكرة. | PoC Only | 🔴 Critical | Linux Kernel | Exploit | تحديث Linux Kernel | تعطيل RDS module: modprobe -r rds |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| Vulnerability |
CVE-2026-9141
CVSS 9.8 CVE-2026-9141 — VulnCheck: Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 … 📄 التفاصيل ← |
VulnCheck | Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass vulnerability… | No | 🔴 Critical | VulnCheck: Taiko AG1000-01A | Exploit | Refer to CVE-2026-9141 NVD advisory |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| Vulnerability |
CVE-2026-9139
CVSS 9.8 CVE-2026-9139 — VulnCheck: Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 … 📄 التفاصيل ← |
VulnCheck | Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability … | No | 🔴 Critical | VulnCheck: Taiko AG1000-01A | Exploit | Refer to CVE-2026-9139 NVD advisory |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| NVIDIA |
CVE-2026-24207
CVSS 9.8 CVE-2026-24207 — NVIDIA Triton Inference Server contains a vulnerability where a… 📄 التفاصيل ← |
NVD | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authenticat… | No | 🔴 Critical | NVIDIA GPU | DDoS | Refer to CVE-2026-24207 NVD advisory |
UTC: 2026-05-20
EDT: 2026-05-20
SA: 2026-05-20
|
| Microsoft | Exposing Fox Tempest: A malware-signing service operation 📄 التفاصيل ← | Microsoft Security | Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS)… | Yes | 🔴 Critical | Exposing Fox Tempest: | Ransomware | Microsoft Patch Tuesday |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Phishing | ZKTeco CCTV Cameras 📄 التفاصيل ← | ICS-CERT | View CSAF Summary Successful exploitation of this vulnerability could result in information disclosu… | No | 🔴 Critical | ZKTeco CCTV Cameras | APT | Apply vendor security patch |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Network | Siemens RUGGEDCOM APE1808 Devices 📄 التفاصيل ← | ICS-CERT | View CSAF Summary A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | APT | Apply vendor security patch |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Network | ABB CoreSense HM and CoreSense M10 📄 التفاصيل ← | ICS-CERT | View CSAF Summary An update is available that resolves vulnerability in the product versions listed … | No | 🔴 Critical | ABB CoreSense HM | Exploit | Apply vendor security patch |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| OT/ICS |
CVE-2026-8602
ScadaBR 📄 التفاصيل ← |
ICS-CERT | View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to perfor… | No | 🔴 Critical | ICS/OT | Update to v1.2.0 |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
|
| Windows |
CVE-2026-8959
CVSS 9.6 CVE-2026-8959 — VulnCheck: Sandbox escape due to incorrect boundary conditions i… 📄 التفاصيل ← |
VulnCheck | Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerabili… | No | 🔴 Critical | Mozilla Firefox | Exploit | Refer to CVE-2026-8959 NVD advisory |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Browser |
CVE-2026-8956
CVSS 9.8 CVE-2026-8956 — VulnCheck: Integer overflow in the Networking: JAR component. Th… 📄 التفاصيل ← |
VulnCheck | Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Fire… | No | 🔴 Critical | Mozilla Firefox | Exploit | Refer to CVE-2026-8956 NVD advisory |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Browser |
CVE-2026-8953
CVSS 9.6 CVE-2026-8953 — VulnCheck: Sandbox escape due to use-after-free in the Disabilit… 📄 التفاصيل ← |
VulnCheck | Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was… | No | 🔴 Critical | Mozilla Firefox | Exploit | Refer to CVE-2026-8953 NVD advisory |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Browser |
CVE-2026-8950
CVSS 9.3 CVE-2026-8950 — VulnCheck: Same-origin policy bypass in the Networking: HTTP com… 📄 التفاصيل ← |
VulnCheck | Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox… | No | 🔴 Critical | Mozilla Firefox | Exploit | Refer to CVE-2026-8950 NVD advisory |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Browser |
CVE-2026-8948
CVSS 9.1 CVE-2026-8948 — VulnCheck: Same-origin policy bypass in the DOM: Networking comp… 📄 التفاصيل ← |
VulnCheck | Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox … | No | 🔴 Critical | Mozilla Firefox | Exploit | Refer to CVE-2026-8948 NVD advisory |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Web |
CVE-2026-47323
CVSS 9.8 CVE-2026-47323 — VulnCheck: Camel-CXF and Camel-Knative Message Header Injection… 📄 التفاصيل ← |
VulnCheck | Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knat… | No | 🔴 Critical | Apache HTTP Server | Exploit | Update to v4.19.0 |
UTC: 2026-05-19
EDT: 2026-05-19
SA: 2026-05-19
|
| Network | Breaking the Black Box: A Case Study in Red-Teaming a Government Education AI 📄 التفاصيل ← | SentinelOne Blog | In a new red-teaming exercise, social engineering moved to advanced tunneling attacks, revealing a c… | No | 🔴 Critical | Breaking the Black | AI Attack | Apply vendor security patch |
UTC: 2026-05-18
EDT: 2026-05-18
SA: 2026-05-18
|
| Microsoft |
CVE-2026-45495
CVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerabili… 📄 التفاصيل ← |
Microsoft MSRC | CWE added. Informational change only. | No | 🔴 Critical | Chromium | Microsoft Edge | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-18
EDT: 2026-05-18
SA: 2026-05-18
|
| Vulnerability |
CVE-2026-8836
CVSS 9.8 CVE-2026-8836 — VulnCheck: A vulnerability was found in lwIP up to 2.2.1. Affect… 📄 التفاصيل ← |
VulnCheck | A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of … | No | 🔴 Critical | VulnCheck: A vulnerability | Exploit | Refer to CVE-2026-8836 NVD advisory |
UTC: 2026-05-18
EDT: 2026-05-18
SA: 2026-05-18
|
| Microsoft | Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recordi… 📄 التفاصيل ← | Wired Security | Plus: Instructure’s Canvas ransomware debacle comes to a close, an alleged dark net market kingpin g… | Yes | 🔴 Critical | Microsoft Teams | Ransomware | Microsoft Patch Tuesday |
UTC: 2026-05-16
EDT: 2026-05-16
SA: 2026-05-16
|
| Cloud |
CVE-2026-8596
Issue with Amazon SageMaker Python SDK - Model artifact integrity verification i… 📄 التفاصيل ← |
AWS Security | Bulletin ID: 2026-031-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: … | No | 🔴 Critical | Issue with Amazon SageMaker Python SDK | Exploit | Refer to CVE-2026-8596 NVD advisory |
UTC: 2026-05-15
EDT: 2026-05-15
SA: 2026-05-15
|
| OT/ICS | Kubernetes v1.36: Mixed Version Proxy Graduates to Beta 📄 التفاصيل ← | Kubernetes Security | Back in Kubernetes 1.28, we introduced the Mixed Version Proxy (MVP) as an Alpha feature (under the … | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Update to v1.28 |
UTC: 2026-05-15
EDT: 2026-05-15
SA: 2026-05-15
|
| Network | Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource File… 📄 التفاصيل ← | Palo Alto Unit42 | Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto cl… | No | 🔴 Critical | Gremlin Stealer's Evolved | ICS/OT | Apply vendor security patch |
UTC: 2026-05-15
EDT: 2026-05-15
SA: 2026-05-15
|
| General | April 2026 CVE Landscape 📄 التفاصيل ← | Recorded Future | In April 2026, Insikt Group® identified 37 high-impact vulnerabilities that should be prioritized fo… | No | 🔴 Critical | April 2026 CVE | Exploit | Apply vendor security patch |
UTC: 2026-05-15
EDT: 2026-05-15
SA: 2026-05-15
|
| Network | LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chil… 📄 التفاصيل ← | ANY.RUN Blog | Editor’s note: The analysis is authored by Moises Cerqueira, malware researcher &#38; threat hun… | Yes | 🔴 Critical | LATAM Under Siege: | Ransomware | Apply vendor security patch |
UTC: 2026-05-14
EDT: 2026-05-14
SA: 2026-05-14
|
| General | Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defense 📄 التفاصيل ← | Recorded Future | The real question in modern cyber defense isn't who has more technology. It's who uses the… | No | 🔴 Critical | Intel | AI Attack | Apply vendor security patch |
UTC: 2026-05-14
EDT: 2026-05-14
SA: 2026-05-14
|
| OT/ICS |
CVE-2026-8181
CVSS 9.8 CVE-2026-8181 — The Burst Statistics – Privacy-Friendly WordPress Analytics (Goo… 📄 التفاصيل ← |
NVD | The Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin fo… | No | 🔴 Critical | Microsoft Edge | WordPress | ICS/OT | Update to v3.4.0 |
UTC: 2026-05-14
EDT: 2026-05-14
SA: 2026-05-14
|
| iOS |
CVE-2026-26191
CVSS 9.8 CVE-2026-26191 — VulnCheck: Fleet is open source device management software. Pri… 📄 التفاصيل ← |
VulnCheck | Fleet is open source device management software. Prior to version 4.81.0, a vulnerability in Fleet&#… | No | 🔴 Critical | Microsoft Windows | Apple macOS | Exploit | Update to v4.81 |
UTC: 2026-05-14
EDT: 2026-05-14
SA: 2026-05-14
|
| Network | Securing data centers in the agentic AI era 📄 التفاصيل ← | Tenable Blog | Find out how data center operators can protect critical building-management systems and cyber-physic… | No | 🔴 Critical | Securing data centers | AI Attack | Apply vendor security patch |
UTC: 2026-05-13
EDT: 2026-05-13
SA: 2026-05-13
|
| Cloud | Breaking things to keep them safe with Philippe Laulheret 📄 التفاصيل ← | Cisco Talos Blog | Philippe shares his unique journey from French engineering school to the front lines of cybersecurit… | No | 🔴 Critical | Breaking things to | Exploit | Apply vendor security patch |
UTC: 2026-05-13
EDT: 2026-05-13
SA: 2026-05-13
|
| Microsoft | Patch Tuesday - May 2026 📄 التفاصيل ← | Rapid7 Blog | Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exp… | Yes | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-13
EDT: 2026-05-13
SA: 2026-05-13
|
| Exploit |
CVE-2026-46300
CVSS 7.8 CVE-2026-46300 — Fragnesia: Linux Kernel XFRM Page Cache Corruption 📄 التفاصيل ← |
Linux Kernel CVEs | ثغرة Page Cache Corruption في XFRM ESP-in-TCP subsystem تؤدي لتنفيذ أوامر بصلاحيات root. | PoC Only | 🔴 Critical | Linux Kernel | Exploit | Red Hat RHSB-2026-003 | Dirty Frag Kernel Updates |
UTC: 2026-05-13
EDT: 2026-05-13
SA: 2026-05-13
|
| Palo Alto |
CVE-2026-0257
CVSS 9.1 CVE-2026-0257 — Authentication bypass vulnerabilities in the GlobalProtect porta… 📄 التفاصيل ← |
NVD | Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks … | No | 🔴 Critical | Palo Alto PAN-OS | Palo Alto Networks | Palo Alto GlobalProtect | Exploit | Refer to CVE-2026-0257 NVD advisory |
UTC: 2026-05-13
EDT: 2026-05-13
SA: 2026-05-13
|
| Microsoft |
CVE-2026-40415
CVE-2026-40415 Windows TCP/IP Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network. | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Microsoft |
CVE-2026-41096
CVE-2026-41096 Windows DNS Client Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code … | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Microsoft |
CVE-2026-34329
CVE-2026-34329 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerabil… 📄 التفاصيل ← |
Microsoft MSRC | Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute cod… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Vulnerability |
CVE-2026-35422
CVE-2026-35422 Windows TCP/IP Driver Security Feature Bypass Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized atta… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Microsoft |
CVE-2026-41094
CVE-2026-41094 Microsoft Data Formulator Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Improper control of generation of code ('code injection') in Microsoft Data Formulator all… | No | 🔴 Critical | Microsoft Data Formulator | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Vulnerability |
CVE-2026-32161
CVE-2026-32161 Windows Native WiFi Miniport Driver Remote Code Execution Vulnera… 📄 التفاصيل ← |
Microsoft MSRC | Concurrent execution using shared resource with improper synchronization ('race condition'… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Microsoft |
CVE-2026-42898
CVE-2026-42898 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerab… 📄 التفاصيل ← |
Microsoft MSRC | Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-pr… | No | 🔴 Critical | Microsoft Dynamics 365 | ICS/OT | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Linux |
CVE-2026-34332
CVE-2026-34332 Windows Kernel-Mode Driver Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a n… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Vulnerability |
CVE-2026-40370
CVE-2026-40370 SQL Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | External control of file name or path in SQL Server allows an authorized attacker to execute code ov… | No | 🔴 Critical | SQL Server Remote | Exploit | Refer to CVE-2026-40370 NVD advisory |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Microsoft |
CVE-2026-42833
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerab… 📄 التفاصيل ← |
Microsoft MSRC | Execution with unnecessary privileges in Microsoft Dynamics 365 (on-premises) allows an authorized a… | No | 🔴 Critical | Microsoft Dynamics 365 | ICS/OT | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Malware | State-sponsored actors, better known as the friends you don’t want 📄 التفاصيل ← | Cisco Talos Blog | Responding to a state-sponsored threat is nothing like responding to ransomware, and the differences… | Yes | 🔴 Critical | State-sponsored actors, better | Ransomware | Apply vendor security patch |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Network | Improper access control on API endpoints 📄 التفاصيل ← | Fortinet PSIRT | CVSSv3 Score: 9.1 An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may… | No | 🔴 Critical | Improper access control | Exploit | Apply vendor security patch |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Network | Incorrect global authorization 📄 التفاصيل ← | Fortinet PSIRT | CVSSv3 Score: 9.1 A missing authorization vulnerability [CWE-862] in FortiSandbox, FortiSandbo… | No | 🔴 Critical | Incorrect global authorization | Exploit | Apply vendor security patch |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| General | May 2026 Patch Tuesday: 30 Critical Vulnerabilities Among 130 CVEs 📄 التفاصيل ← | Crowdstrike Blog | No | 🔴 Critical | May 2026 Patch | Exploit | Apply vendor security patch |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
|
| Windows |
CVE-2026-41089
Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited In The Wild 📄 التفاصيل ← |
Cyber Security News | The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is… | Yes | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Fortinet |
CVE-2026-26083
CVSS 9.8 CVE-2026-26083 — A missing authorization vulnerability in Fortinet FortiSandbox … 📄 التفاصيل ← |
NVD | A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4… | No | 🔴 Critical | Fortinet | Exploit | Update to v23.3 | Fortinet PSIRT Advisory |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| Fortinet |
CVE-2026-44277
CVSS 9.8 CVE-2026-44277 — A improper access control vulnerability in Fortinet FortiAuthen… 📄 التفاصيل ← |
NVD | A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-05-12
EDT: 2026-05-12
SA: 2026-05-12
|
| General |
CVE-2025-68670
CVE-2025-68670: discovering an RCE vulnerability in xrdp 📄 التفاصيل ← |
Securelist | During a security assessment of Kaspersky USB Redirector, we discovered CVE-2025-68670: a pre-auth R… | No | 🔴 Critical | CVE-2025-68670: discovering an | Exploit | Refer to CVE-2025-68670 NVD advisory |
UTC: 2026-05-08
EDT: 2026-05-08
SA: 2026-05-08
|
| Containers |
CVE-2026-42454
CVSS 9.9 CVE-2026-42454 — VulnCheck: Termix is a web-based server management platform wit… 📄 التفاصيل ← |
VulnCheck | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capa… | No | 🔴 Critical | Docker | Exploit | Update to v2.1.0 |
UTC: 2026-05-08
EDT: 2026-05-08
SA: 2026-05-08
|
| NVIDIA |
CVE-2026-41512
CVSS 9.9 CVE-2026-41512 — ai-scanner is an AI model safety scanner built on NVIDIA garak.… 📄 التفاصيل ← |
NVD | ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version… | No | 🔴 Critical | NVIDIA GPU | AI Attack | Update to v1.0 |
UTC: 2026-05-08
EDT: 2026-05-08
SA: 2026-05-08
|
| Containers | Kubernetes v1.36: More Drivers, New Features, and the Next Era of DRA 📄 التفاصيل ← | Kubernetes Security | Dynamic Resource Allocation (DRA) has fundamentally changed how platform administrators handle hardw… | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Apply vendor security patch |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Web |
CVE-2026-33109
CVE-2026-33109 Azure Managed Instance for Apache Cassandra Remote Code Execution… 📄 التفاصيل ← |
Microsoft MSRC | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Refer to CVE-2026-33109 NVD advisory |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Web |
CVE-2026-33844
CVE-2026-33844 Azure Managed Instance for Apache Cassandra Remote Code Execution… 📄 التفاصيل ← |
Microsoft MSRC | Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attack… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Refer to CVE-2026-33844 NVD advisory |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-34327
CVE-2026-34327 Microsoft Partner Center Spoofing Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows a… | No | 🔴 Critical | Microsoft Partner Center | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-8019
Chromium: CVE-2026-8019 Insufficient policy enforcement in WebApp 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-8018
Chromium: CVE-2026-8018 Insufficient policy enforcement in DevTools 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-8011
Chromium: CVE-2026-8011 Insufficient policy enforcement in Search 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-8004
Chromium: CVE-2026-8004 Insufficient policy enforcement in DevTools 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-8006
Chromium: CVE-2026-8006 Insufficient policy enforcement in DevTools 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-7986
Chromium: CVE-2026-7986 Insufficient policy enforcement in Autofill 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-7962
Chromium: CVE-2026-7962 Insufficient policy enforcement in DirectSockets 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-7952
Chromium: CVE-2026-7952 Insufficient policy enforcement in Extensions 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-7946
Chromium: CVE-2026-7946 Insufficient policy enforcement in WebUI 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-7937
Chromium: CVE-2026-7937 Insufficient policy enforcement in DevTools 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Microsoft |
CVE-2026-7932
Chromium: CVE-2026-7932 Insufficient policy enforcement in Downloads 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Linux |
CVE-2026-43284
CVSS 7.8 CVE-2026-43284 — Dirty Frag: Linux Kernel XFRM/IPsec Privilege Escalation 📄 التفاصيل ← |
Linux Kernel CVEs | مجموعة ثغرات في IPsec ESP/XFRM و rxrpc modules تسمح بتصعيد الصلاحيات محلياً على RHEL/Ubuntu/Fedora. | Suspected | 🔴 Critical | RHEL 9.6 / RHEL 10.1 / Fedora 42 / Ubuntu 24.04 Kernel 6.x | Privilege Escalation | Red Hat RHSB-2026-003 | تحديثات kernel الرسمية |
UTC: 2026-05-07
EDT: 2026-05-07
SA: 2026-05-07
|
| Malware | Threat Activity Enablers: The Backbone of Today’s Threat Landscape 📄 التفاصيل ← | Recorded Future | Behind every ransomware demand, botnet, or threat activity group is a server sitting in a data cente… | Yes | 🔴 Critical | Threat Activity Enablers: | Ransomware | Apply vendor security patch |
UTC: 2026-05-06
EDT: 2026-05-06
SA: 2026-05-06
|
| Palo Alto |
CVE-2026-0300
CVSS 9.8 CVE-2026-0300 — A buffer overflow vulnerability in the User-ID™ Authentication P… 📄 التفاصيل ← |
NVD | A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service o… | No | 🔴 Critical | Palo Alto PAN-OS | Palo Alto Networks | APT | Refer to CVE-2026-0300 NVD advisory |
UTC: 2026-05-06
EDT: 2026-05-06
SA: 2026-05-06
|
| Containers |
CVE-2026-41930
CVSS 9.8 CVE-2026-41930 — VulnCheck: Vvveb before version 1.0.8.2 contains a hard-coded c… 📄 التفاصيل ← |
VulnCheck | Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-a… | No | 🔴 Critical | Apache HTTP Server | Docker | Exploit | Update to v1.0.8 |
UTC: 2026-05-06
EDT: 2026-05-06
SA: 2026-05-06
|
| Web |
CVE-2026-5081
CVSS 9.1 CVE-2026-5081 — VulnCheck: Apache::Session::Generate::ModUniqueId versions from … 📄 التفاصيل ← |
VulnCheck | Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are inse… | PoC Only | 🔴 Critical | Apache HTTP Server | Data Breach | Update to v1.54 |
UTC: 2026-05-06
EDT: 2026-05-06
SA: 2026-05-06
|
| Phishing | New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know 📄 التفاصيل ← | ANY.RUN Blog | A new large-scale phishing campaign is targeting U.S. organizations with fake event invitations that… | No | 🔴 Critical | New Phishing Campaign Targets | Phishing | Apply vendor security patch |
UTC: 2026-05-05
EDT: 2026-05-05
SA: 2026-05-05
|
| Containers | Kubernetes v1.36: Admission Policies That Can't Be Deleted 📄 التفاصيل ← | Kubernetes Security | If you've ever tried to enforce a security policy across a fleet of Kubernetes clusters, you�… | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Apply vendor security patch |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Exploit |
CVE-2026-42364
CVSS 9.9 CVE-2026-42364 — An os command injection vulnerability exists in the DdnsSetting… 📄 التفاصيل ← |
NVD | An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC20… | No | 🔴 Critical | An os command | Exploit | Refer to CVE-2026-42364 NVD advisory |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Exploit |
CVE-2026-42368
CVSS 9.9 CVE-2026-42368 — A privilege escalation vulnerability exists in the Web Interfac… 📄 التفاصيل ← |
NVD | A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/… | No | 🔴 Critical | A privilege escalation | Exploit | Refer to CVE-2026-42368 NVD advisory |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Exploit |
CVE-2026-42369
CVSS 10 CVE-2026-42369 — GV-VMS V20 is a Video Monitoring Software used to gather the fe… 📄 التفاصيل ← |
NVD | GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and … | No | 🔴 Critical | GV-VMS | Exploit | Refer to CVE-2026-42369 NVD advisory |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Exploit |
CVE-2026-42370
CVSS 9 CVE-2026-42370 — A stack overflow vulnerability exists in the WebCam Server Logi… 📄 التفاصيل ← |
NVD | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V… | No | 🔴 Critical | A stack overflow | Exploit | Refer to CVE-2026-42370 NVD advisory |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Exploit |
CVE-2026-7161
CVSS 9.3 CVE-2026-7161 — An insufficient encryption vulnerability exists in the Device Au… 📄 التفاصيل ← |
NVD | An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVis… | No | 🔴 Critical | An insufficient encryption | Exploit | Refer to CVE-2026-7161 NVD advisory |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Exploit |
CVE-2026-7372
CVSS 9 CVE-2026-7372 — A stack overflow vulnerability exists in the WebCam Server Login… 📄 التفاصيل ← |
NVD | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V… | No | 🔴 Critical | A stack overflow | Exploit | Refer to CVE-2026-7372 NVD advisory |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Exploit |
CVE-2026-7719
CVSS 9.8 CVE-2026-7719 — A security flaw has been discovered in Totolink WA300 5.2cu.7112… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is … | No | 🔴 Critical | A security flaw | Exploit | Refer to CVE-2026-7719 NVD advisory |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| Oracle |
CVE-2026-42233
CVSS 9.8 CVE-2026-42233 — n8n is an open source workflow automation platform. Prior to ve… 📄 التفاصيل ← |
NVD | n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, … | No | 🔴 Critical | Oracle Database | Exploit | Update to v1.123.32 |
UTC: 2026-05-04
EDT: 2026-05-04
SA: 2026-05-04
|
| General | Essential Data Sources for Detection Beyond the Endpoint 📄 التفاصيل ← | Palo Alto Unit42 | Unit 42 highlights the need for a comprehensive security strategy that spans every IT zone. Explore … | No | 🔴 Critical | Essential Data Sources | Exploit | Apply vendor security patch |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Containers | Kubernetes v1.36: Pod-Level Resource Managers (Alpha) 📄 التفاصيل ← | Kubernetes Security | Kubernetes v1.36 introduces Pod-Level Resource Managers as an alpha feature, bringing a more flexibl… | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Apply vendor security patch |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Exploit |
CVE-2026-7538
CVSS 9.8 CVE-2026-7538 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20… 📄 التفاصيل ← |
NVD | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct… | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2026-7538 NVD advisory |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Exploit |
CVE-2026-7546
CVSS 9.8 CVE-2026-7546 — A security vulnerability has been detected in Totolink NR1800X 9… 📄 التفاصيل ← |
NVD | A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted e… | No | 🔴 Critical | A security vulnerability | Exploit | Refer to CVE-2026-7546 NVD advisory |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Supply Chain |
CVE-2026-42994
CVSS 9.8 CVE-2026-42994 — Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:… 📄 التفاصيل ← |
NVD | Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embe… | No | 🔴 Critical | Bitwarden CLI | Supply Chain | Refer to CVE-2026-42994 NVD advisory |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Web |
CVE-2026-7567
CVSS 9.8 CVE-2026-7567 — The Temporary Login plugin for WordPress is vulnerable to Authen… 📄 التفاصيل ← |
NVD | The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to an… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Update to v1.0.0 |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Web |
CVE-2026-42778
CVSS 9.8 CVE-2026-42778 — The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2… 📄 التفاصيل ← |
NVD | The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original is… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Update to v2.1.0 |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Web |
CVE-2026-42779
CVSS 9.8 CVE-2026-42779 — The fix for CVE-2026-41635 was not applied to the 2.1.X and 2.2… 📄 التفاصيل ← |
NVD | The fix for CVE-2026-41635 was not applied to the 2.1.X and 2.2.X branches. Here was the original is… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Update to v2.1.0 |
UTC: 2026-05-01
EDT: 2026-05-01
SA: 2026-05-01
|
| Exploit |
CVE-2026-34073
CVE-2026-34073 cryptography has incomplete DNS name constraint enforcement on pe… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | cryptography has incomplete | Exploit | Refer to CVE-2026-34073 NVD advisory |
UTC: 2026-04-30
EDT: 2026-04-30
SA: 2026-04-30
|
| General | This month in security with Tony Anscombe – April 2026 edition 📄 التفاصيل ← | ESET WeLiveSecurity | Warnings about helpdesk impersonation scams and Iran-linked hackers targeting critical sectors in th… | No | 🔴 Critical | This month in | Exploit | Apply vendor security patch |
UTC: 2026-04-30
EDT: 2026-04-30
SA: 2026-04-30
|
| OT/ICS | Risk Scenarios for the US’s Strategic Pivot 📄 التفاصيل ← | Recorded Future | The United States (US) is shifting toward a more force-driven security strategy primarily relying on… | No | 🔴 Critical | Apple iOS | Exploit | Apply vendor security patch |
UTC: 2026-04-30
EDT: 2026-04-30
SA: 2026-04-30
|
| Exploit |
CVE-2025-14543
CVSS 9.1 CVE-2025-14543 — Improper Restriction of XML External Entity Reference vulnerabi… 📄 التفاصيل ← |
NVD | Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Li… | No | 🔴 Critical | Improper Restriction of | Exploit | Refer to CVE-2025-14543 NVD advisory |
UTC: 2026-04-30
EDT: 2026-04-30
SA: 2026-04-30
|
| Exploit |
CVE-2026-4670
CVSS 9.8 CVE-2026-4670 — Authentication bypass by primary weakness vulnerability in Progr… 📄 التفاصيل ← |
NVD | Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allow… | No | 🔴 Critical | Authentication bypass by | Exploit | Update to v2024.0.0 |
UTC: 2026-04-30
EDT: 2026-04-30
SA: 2026-04-30
|
| Cloud |
CVE-2026-7424
CVE-2026-7424 - Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-T… 📄 التفاصيل ← |
AWS Security | Bulletin ID: 2026-022-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: … | No | 🔴 Critical | Integer Underflow in | Exploit | Refer to CVE-2026-7424 NVD advisory |
UTC: 2026-04-29
EDT: 2026-04-29
SA: 2026-04-29
|
| Cloud |
CVE-2026-7422
Issue with FreeRTOS-Plus-TCP - MAC Address Validation Bypass and ICMP Echo Reply… 📄 التفاصيل ← |
AWS Security | Bulletin ID: 2026-021-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: … | No | 🔴 Critical | Issue with FreeRTOS-Plus-TCP | Exploit | Refer to CVE-2026-7422 NVD advisory |
UTC: 2026-04-29
EDT: 2026-04-29
SA: 2026-04-29
|
| General |
CVE-2026-40478
CVSS 9.1 Don't Panic: The Thymeleaf Template Injection That Only Hurts If You Let It… 📄 التفاصيل ← |
Snyk Blog | CVE-2026-40478: The Thymeleaf template injection (CVSS 9.1) is conditional. Patch to 3.1.4+ immediat… | No | 🔴 Critical | Don't Panic: The | Exploit | Update to v3.1.4 |
UTC: 2026-04-29
EDT: 2026-04-29
SA: 2026-04-29
|
| OT/ICS |
CVE-2026-7191
CVE-2026-7191- Arbitrary Code Execution via Sandbox Bypass in QnABot on AWS 📄 التفاصيل ← |
AWS Security | Bulletin ID: 2026-020-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: … | No | 🔴 Critical | CVE-2026-7191- Arbitrary Code | Exploit | Refer to CVE-2026-7191 NVD advisory |
UTC: 2026-04-27
EDT: 2026-04-27
SA: 2026-04-27
|
| Containers | Kubernetes v1.36: Mutable Pod Resources for Suspended Jobs (beta) 📄 التفاصيل ← | Kubernetes Security | Kubernetes v1.36 promotes the ability to modify container resource requests and limits in the pod te… | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Apply vendor security patch |
UTC: 2026-04-27
EDT: 2026-04-27
SA: 2026-04-27
|
| Malware |
CVE-2026-3965
Qinglong task scheduler RCE vulnerabilities exploited in the wild for cryptomini… 📄 التفاصيل ← |
Snyk Blog | Two authentication bypass vulnerabilities (CVE-2026-3965, CVE-2026-4047) in the Qinglong task schedu… | Yes | 🔴 Critical | Qinglong task scheduler | Malware | Refer to CVE-2026-3965 NVD advisory |
UTC: 2026-04-27
EDT: 2026-04-27
SA: 2026-04-27
|
| Phishing |
CVE-2026-42363
CVSS 9.3 CVE-2026-42363 — An insufficient encryption vulnerability exists in the Device A… 📄 التفاصيل ← |
NVD | An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVis… | No | 🔴 Critical | An insufficient encryption | Exploit | Refer to CVE-2026-42363 NVD advisory |
UTC: 2026-04-27
EDT: 2026-04-27
SA: 2026-04-27
|
| Microsoft |
CVE-2026-40453
CVSS 9.9 CVE-2026-40453 — The fix for CVE-2025-27636 added setLowerCase(true) to HttpHead… 📄 التفاصيل ← |
NVD | The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant… | No | 🔴 Critical | The fix for | Exploit | Update to v4.20.0 |
UTC: 2026-04-27
EDT: 2026-04-27
SA: 2026-04-27
|
| Web |
CVE-2026-40860
CVSS 9.8 CVE-2026-40860 — JmsBinding.extractBodyFromJms() in camel-jms, and the equivalen… 📄 التفاصيل ← |
NVD | JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding class in camel-sjms, des… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Update to v4.20.0 |
UTC: 2026-04-27
EDT: 2026-04-27
SA: 2026-04-27
|
| OT/ICS |
CVE-2026-41635
CVSS 9.8 CVE-2026-41635 — Apache MINA's AbstractIoBuffer.resolveClass() contains two… 📄 التفاصيل ← |
NVD | Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static cl… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Exploit | Update to v2.0.0 |
UTC: 2026-04-27
EDT: 2026-04-27
SA: 2026-04-27
|
| General |
CVE-2026-31594
CVE-2026-31594 PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | PCI: endpoint: pci-epf-vntb: | Exploit | Refer to CVE-2026-31594 NVD advisory |
UTC: 2026-04-26
EDT: 2026-04-26
SA: 2026-04-26
|
| General |
CVE-2026-31574
CVE-2026-31574 clockevents: Add missing resets of the next_event_forced flag 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | clockevents: Add missing | Exploit | Refer to CVE-2026-31574 NVD advisory |
UTC: 2026-04-26
EDT: 2026-04-26
SA: 2026-04-26
|
| Network |
CVE-2026-7037
CVSS 9.8 CVE-2026-7037 — A security flaw has been discovered in Totolink A8000RU 7.1cu.64… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the … | No | 🔴 Critical | A security flaw | Exploit | Refer to CVE-2026-7037 NVD advisory |
UTC: 2026-04-26
EDT: 2026-04-26
SA: 2026-04-26
|
| Microsoft |
CVE-2026-33819
CVE-2026-33819 Microsoft Bing Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code … | No | 🔴 Critical | Microsoft Bing Remote | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-23
EDT: 2026-04-23
SA: 2026-04-23
|
| Microsoft |
CVE-2026-32172
CVE-2026-32172 Microsoft Power Apps Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute … | No | 🔴 Critical | Microsoft Power Apps | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-23
EDT: 2026-04-23
SA: 2026-04-23
|
| Web |
CVE-2026-6074
CVSS 9.8 CVE-2026-6074 — VulnCheck: Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x… 📄 التفاصيل ← |
VulnCheck | Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x contain a path traversal vulnerability in the … | No | 🔴 Critical | PHP | Exploit | Refer to CVE-2026-6074 NVD advisory |
UTC: 2026-04-23
EDT: 2026-04-23
SA: 2026-04-23
|
| Supply Chain | Hypersonic Supply Chain Attacks: One Solution That Didn’t Need to Know the Paylo… 📄 التفاصيل ← | SentinelOne Blog | Learn how SentinelOne has stopped three recent zero-day supply chain attacks with AI-driven defense … | Yes | 🔴 Critical | Hypersonic Supply Chain | Zero-Day | Apply vendor security patch |
UTC: 2026-04-22
EDT: 2026-04-22
SA: 2026-04-22
|
| General |
CVE-2026-41329
CVSS 9.9 CVE-2026-41329 — OpenClaw before 2026.3.31 contains a sandbox bypass vulnerabili… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate pri… | No | 🔴 Critical | OpenClaw before | Exploit | Refer to CVE-2026-41329 NVD advisory |
UTC: 2026-04-21
EDT: 2026-04-21
SA: 2026-04-21
|
| Network |
CVE-2026-39861
CVSS 10 CVE-2026-39861 — Claude Code is an agentic coding tool. Prior to version 2.1.64,… 📄 التفاصيل ← |
NVD | Claude Code is an agentic coding tool. Prior to version 2.1.64, Claude Code's sandbox did not p… | No | 🔴 Critical | Claude Code is | Exploit | Update to v2.1.64 |
UTC: 2026-04-21
EDT: 2026-04-21
SA: 2026-04-21
|
| Phishing |
CVE-2026-40496
CVSS 9.1 CVE-2026-40496 — FreeScout is a free self-hosted help desk and shared mailbox. P… 📄 التفاصيل ← |
NVD | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment d… | No | 🔴 Critical | FreeScout is a | Exploit | Update to v1.8.213 |
UTC: 2026-04-21
EDT: 2026-04-21
SA: 2026-04-21
|
| General |
CVE-2026-5965
CVSS 9.8 CVE-2026-5965 — NewSoftOA developed by NewSoft has an OS Command Injection vulne… 📄 التفاصيل ← |
NVD | NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated l… | No | 🔴 Critical | NewSoftOA developed by | Exploit | Refer to CVE-2026-5965 NVD advisory |
UTC: 2026-04-21
EDT: 2026-04-21
SA: 2026-04-21
|
| Cisco | The Internet Changes Before the Advisory Drops 📄 التفاصيل ← | GreyNoise Blog | Before Cisco disclosed a CVSS 10.0 zero-day, GreyNoise sensors had already observed eight surges of … | Yes | 🔴 Critical | Cisco | Zero-Day | Cisco Security Advisory |
UTC: 2026-04-20
EDT: 2026-04-20
SA: 2026-04-20
|
| Vulnerability |
CVE-2026-5760
CVSS 9.8 CVE-2026-5760 — VulnCheck: SGLang's reranking endpoint (/v1/rerank) achieve… 📄 التفاصيل ← |
VulnCheck | SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file… | No | 🔴 Critical | VulnCheck: SGLang's reranking | Exploit | Refer to CVE-2026-5760 NVD advisory |
UTC: 2026-04-20
EDT: 2026-04-20
SA: 2026-04-20
|
| Web |
CVE-2026-39918
CVSS 9.8 CVE-2026-39918 — VulnCheck: Vvveb prior to 1.0.8.1 contains a code injection vul… 📄 التفاصيل ← |
VulnCheck | Vvveb prior to 1.0.8.1 contains a code injection vulnerability in the installation endpoint where th… | No | 🔴 Critical | PHP | Exploit | Refer to CVE-2026-39918 NVD advisory |
UTC: 2026-04-20
EDT: 2026-04-20
SA: 2026-04-20
|
| Microsoft |
CVE-2026-6313
Chromium: CVE-2026-6313 Insufficient policy enforcement in CORS 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-17
EDT: 2026-04-17
SA: 2026-04-17
|
| Microsoft |
CVE-2026-6312
Chromium: CVE-2026-6312 Insufficient policy enforcement in Passwords 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-17
EDT: 2026-04-17
SA: 2026-04-17
|
| Windows |
CVE-2026-33689
CVSS 9.1 CVE-2026-33689 — VulnCheck: xrdp is an open source RDP server. Versions through … 📄 التفاصيل ← |
VulnCheck | xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability … | No | 🔴 Critical | VulnCheck: xrdp is | Exploit | Update to v0.10.5 |
UTC: 2026-04-17
EDT: 2026-04-17
SA: 2026-04-17
|
| Windows |
CVE-2026-33516
CVSS 9.1 CVE-2026-33516 — VulnCheck: xrdp is an open source RDP server. Versions through … 📄 التفاصيل ← |
VulnCheck | xrdp is an open source RDP server. Versions through 0.10.5 contain an out-of-bounds read vulnerabili… | No | 🔴 Critical | Microsoft Exchange | DDoS | Update to v0.10.5 |
UTC: 2026-04-17
EDT: 2026-04-17
SA: 2026-04-17
|
| AI/LLM | Frontier AI Reinforces the Future of Modern Cyber Defense 📄 التفاصيل ← | SentinelOne Blog | As OpenAI and Anthropic advance frontier AI, SentinelOne delivers AI-native, machine-speed cyber def… | No | 🔴 Critical | Frontier AI Reinforces | AI Attack | Apply vendor security patch |
UTC: 2026-04-16
EDT: 2026-04-16
SA: 2026-04-16
|
| Network | Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ev… 📄 التفاصيل ← | Mandiant OT | Introduction Advances in AI model-powered exploitation have demonstrated that general-purpose AI mo… | No | 🔴 Critical | Defending Your Enterprise | AI Attack | Apply vendor security patch |
UTC: 2026-04-16
EDT: 2026-04-16
SA: 2026-04-16
|
| Network | Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ev… 📄 التفاصيل ← | Mandiant Blog | Introduction Advances in AI model-powered exploitation have demonstrated that general-purpose AI mo… | No | 🔴 Critical | Defending Your Enterprise | AI Attack | Apply vendor security patch |
UTC: 2026-04-16
EDT: 2026-04-16
SA: 2026-04-16
|
| Microsoft | Patch Tuesday, April 2026 Edition 📄 التفاصيل ← | Krebs on Security | Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Wind… | Yes | 🔴 Critical | Google Chrome 124.x | Zero-Day | Microsoft Patch Tuesday |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Cloud | Issues with AWS Research and Engineering Studio (RES) 📄 التفاصيل ← | AWS Security | Bulletin ID: 2026-014-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: … | No | 🔴 Critical | Issues with AWS | Exploit | Apply vendor security patch |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Windows |
CVE-2026-32157
CVE-2026-32157 Remote Desktop Client Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a netwo… | No | 🔴 Critical | Remote Desktop Client | Exploit | Refer to CVE-2026-32157 NVD advisory |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| DDoS |
CVE-2026-32226
CVE-2026-32226 .NET Framework Denial of Service Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Concurrent execution using shared resource with improper synchronization ('race condition'… | No | 🔴 Critical | Microsoft .NET | DDoS | Refer to CVE-2026-32226 NVD advisory |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Microsoft |
CVE-2026-33120
CVE-2026-33120 Microsoft SQL Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a net… | No | 🔴 Critical | Microsoft SQL Server | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Microsoft |
CVE-2026-33826
CVE-2026-33826 Windows Active Directory Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Improper input validation in Windows Active Directory allows an authorized attacker to execute code … | No | 🔴 Critical | Microsoft Windows | Active Directory | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| DDoS |
CVE-2026-23666
CVE-2026-23666 .NET Framework Denial of Service Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Concurrent execution using shared resource with improper synchronization ('race condition'… | No | 🔴 Critical | Microsoft .NET | DDoS | Refer to CVE-2026-23666 NVD advisory |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| DDoS |
CVE-2026-26171
CVE-2026-26171 .NET Denial of Service Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a net… | No | 🔴 Critical | .NET Denial of | DDoS | Refer to CVE-2026-26171 NVD advisory |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Vulnerability |
CVE-2026-33827
CVE-2026-33827 Windows TCP/IP Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Concurrent execution using shared resource with improper synchronization ('race condition'… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Vulnerability |
CVE-2026-33824
CVE-2026-33824 Windows Internet Key Exchange (IKE) Service Extensions Remote Cod… 📄 التفاصيل ← |
Microsoft MSRC | Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Microsoft |
CVE-2026-32221
CVE-2026-32221 Windows Graphics Component Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execut… | No | 🔴 Critical | Microsoft Windows | ICS/OT | Microsoft Patch Tuesday |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Microsoft |
CVE-2026-32091
CVE-2026-32091 Microsoft Brokering File System Elevation of Privilege Vulnerabil… 📄 التفاصيل ← |
Microsoft MSRC | Concurrent execution using shared resource with improper synchronization ('race condition'… | No | 🔴 Critical | Microsoft Brokering File | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Vulnerability |
CVE-2026-35033
CVSS 9.1 CVE-2026-35033 — VulnCheck: Jellyfin is an open source self hosted media server.… 📄 التفاصيل ← |
VulnCheck | Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain an unauthenti… | No | 🔴 Critical | VulnCheck: Jellyfin is | Exploit | Update to v10.11.7 |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Vulnerability |
CVE-2026-35031
CVSS 9.9 CVE-2026-35031 — VulnCheck: Jellyfin is an open source self hosted media server.… 📄 التفاصيل ← |
VulnCheck | Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerabili… | No | 🔴 Critical | VulnCheck: Jellyfin is | Exploit | Update to v10.11.7 |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Fortinet |
CVE-2026-39808
CVSS 9.8 CVE-2026-39808 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Fortinet |
CVE-2026-39813
CVSS 9.8 CVE-2026-39813 — A path traversal: '../filedir' vulnerability in Forti… 📄 التفاصيل ← |
NVD | A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5,… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-04-14
EDT: 2026-04-14
SA: 2026-04-14
|
| Microsoft |
CVE-2026-5892
Chromium: CVE-2026-5892 Insufficient policy enforcement in PWAs 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-11
EDT: 2026-04-11
SA: 2026-04-11
|
| Microsoft |
CVE-2026-5891
Chromium: CVE-2026-5891 Insufficient policy enforcement in browser UI 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-11
EDT: 2026-04-11
SA: 2026-04-11
|
| Web |
CVE-2026-33698
CVSS 9.8 CVE-2026-33698 — VulnCheck: Chamilo LMS is a learning management system. Prior t… 📄 التفاصيل ← |
VulnCheck | Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise… | No | 🔴 Critical | HPE iLO | PHP | Exploit | Refer to CVE-2026-33698 NVD advisory |
UTC: 2026-04-10
EDT: 2026-04-10
SA: 2026-04-10
|
| Containers |
CVE-2026-40089
CVSS 9.9 CVE-2026-40089 — VulnCheck: Sonicverse is a Self-hosted Docker Compose stack for… 📄 التفاصيل ← |
VulnCheck | Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audi… | No | 🔴 Critical | Docker | Exploit | Refer to CVE-2026-40089 NVD advisory |
UTC: 2026-04-09
EDT: 2026-04-09
SA: 2026-04-09
|
| Juniper |
CVE-2026-33784
CVSS 9.8 CVE-2026-33784 — A Use of Default Password vulnerability in the Juniper Networks… 📄 التفاصيل ← |
NVD | A Use of Default Password vulnerability in the Juniper Networks Support Insights (JSI) Virtual L… | No | 🔴 Critical | A Use of | Exploit | Update to v3.0.94 |
UTC: 2026-04-09
EDT: 2026-04-09
SA: 2026-04-09
|
| Vulnerability |
CVE-2026-34582
CVSS 9.1 CVE-2026-34582 — VulnCheck: Botan is a C++ cryptography library. Prior to versio… 📄 التفاصيل ← |
VulnCheck | Botan is a C++ cryptography library. Prior to version 3.11.1, the TLS 1.3 implementation allowed App… | No | 🔴 Critical | VulnCheck: Botan is | Exploit | Update to v3.11.1 |
UTC: 2026-04-07
EDT: 2026-04-07
SA: 2026-04-07
|
| Vulnerability |
CVE-2026-33816
CVSS 9.8 CVE-2026-33816 — VulnCheck: Memory-safety vulnerability in github.com/jackc/pgx/… 📄 التفاصيل ← |
VulnCheck | Memory-safety vulnerability in github.com/jackc/pgx/v5. | No | 🔴 Critical | VulnCheck: Memory-safety vulnerability | Exploit | Refer to CVE-2026-33816 NVD advisory |
UTC: 2026-04-07
EDT: 2026-04-07
SA: 2026-04-07
|
| Vulnerability |
CVE-2026-33815
CVSS 9.8 CVE-2026-33815 — VulnCheck: Memory-safety vulnerability in github.com/jackc/pgx/… 📄 التفاصيل ← |
VulnCheck | Memory-safety vulnerability in github.com/jackc/pgx/v5. | No | 🔴 Critical | VulnCheck: Memory-safety vulnerability | Exploit | Refer to CVE-2026-33815 NVD advisory |
UTC: 2026-04-07
EDT: 2026-04-07
SA: 2026-04-07
|
| OT/ICS | Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US… 📄 التفاصيل ← | US-CERT | Advisory at a Glance Title Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers… | No | 🔴 Critical | Iranian-Affiliated Cyber Actors | APT | Apply vendor security patch |
UTC: 2026-04-06
EDT: 2026-04-06
SA: 2026-04-06
|
| Microsoft |
CVE-2026-5276
Chromium: CVE-2026-5276 Insufficient policy enforcement in WebUSB 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses t… | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-03
EDT: 2026-04-03
SA: 2026-04-03
|
| Exploit |
CVE-2026-23428
CVSS 9.8 CVE-2026-23428 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of sh… | No | 🔴 Critical | Linux Kernel | Exploit | Refer to CVE-2026-23428 NVD advisory |
UTC: 2026-04-03
EDT: 2026-04-03
SA: 2026-04-03
|
| iOS |
CVE-2026-23427
CVSS 9.8 CVE-2026-23427 — In the Linux kernel, the following vulnerability has been resol… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in du… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Ubuntu 22.04/20.04 LTS | Exploit | Refer to CVE-2026-23427 NVD advisory |
UTC: 2026-04-03
EDT: 2026-04-03
SA: 2026-04-03
|
| Containers |
CVE-2026-34612
CVSS 9.9 CVE-2026-34612 — VulnCheck: Kestra is an open-source, event-driven orchestration… 📄 التفاصيل ← |
VulnCheck | Kestra is an open-source, event-driven orchestration platform. Prior to version 1.3.7, Kestra (defau… | No | 🔴 Critical | Docker | PostgreSQL | Exploit | Update to v1.3.7 |
UTC: 2026-04-03
EDT: 2026-04-03
SA: 2026-04-03
|
| Fortinet |
CVE-2026-35616
CVSS 9.8 CVE-2026-35616 — A improper access control vulnerability in Fortinet FortiClient… 📄 التفاصيل ← |
NVD | A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an … | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-04-03
EDT: 2026-04-03
SA: 2026-04-03
|
| Web |
CVE-2026-26135
CVE-2026-26135 Azure Custom Locations Resource Provider (RP) Elevation of Privil… 📄 التفاصيل ← |
Microsoft MSRC | Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an author… | No | 🔴 Critical | Microsoft Azure | Exploit | Refer to CVE-2026-26135 NVD advisory |
UTC: 2026-04-02
EDT: 2026-04-02
SA: 2026-04-02
|
| Microsoft | Azure IaaS: Keep critical applications running with built-in resiliency at scale 📄 التفاصيل ← | Azure Security | Azure IaaS provides foundational capabilities across compute, storage, and networking to help organi… | No | 🔴 Critical | Microsoft Azure | Exploit | Microsoft Patch Tuesday |
UTC: 2026-04-01
EDT: 2026-04-01
SA: 2026-04-01
|
| Vulnerability |
CVE-2026-34060
CVSS 9.8 CVE-2026-34060 — VulnCheck: Ruby LSP is an implementation of the language server… 📄 التفاصيل ← |
VulnCheck | Ruby LSP is an implementation of the language server protocol for Ruby. Prior to Shopify.ruby-lsp ve… | No | 🔴 Critical | VulnCheck: Ruby LSP | Exploit | Update to v0.10.2 |
UTC: 2026-03-30
EDT: 2026-03-30
SA: 2026-03-30
|
| Vulnerability |
CVE-2026-32275
CVSS 9.1 CVE-2026-32275 — VulnCheck: Tautulli is a Python based monitoring and tracking t… 📄 التفاصيل ← |
VulnCheck | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 1.3.10 t… | No | 🔴 Critical | Python | Exploit | Update to v1.3.10 |
UTC: 2026-03-30
EDT: 2026-03-30
SA: 2026-03-30
|
| Cloud |
CVE-2026-28505
CVSS 10 CVE-2026-28505 — VulnCheck: Tautulli is a Python based monitoring and tracking t… 📄 التفاصيل ← |
VulnCheck | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17… | No | 🔴 Critical | Python | Exploit | Update to v2.17.0 |
UTC: 2026-03-30
EDT: 2026-03-30
SA: 2026-03-30
|
| OT/ICS |
CVE-2026-27876
CVSS 9.1 CVE-2026-27876 — A chained attack via SQL Expressions and a Grafana Enterprise p… 📄 التفاصيل ← |
NVD | A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary … | No | 🔴 Critical | A chained attack | Exploit | Update to v11.6.0 |
UTC: 2026-03-27
EDT: 2026-03-27
SA: 2026-03-27
|
| iOS |
CVE-2026-34387
CVSS 9.8 CVE-2026-34387 — VulnCheck: Fleet is open source device management software. Pri… 📄 التفاصيل ← |
VulnCheck | Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability … | No | 🔴 Critical | Microsoft Windows | Apple macOS | Exploit | Update to v4.81.1 |
UTC: 2026-03-27
EDT: 2026-03-27
SA: 2026-03-27
|
| Supply Chain |
CVE-2026-26832
CVSS 9.8 CVE-2026-26832 — VulnCheck: node-tesseract-ocr is an npm package that provides a… 📄 التفاصيل ← |
VulnCheck | node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versi… | No | 🔴 Critical | Node.js | Exploit | Update to v2.2.1 |
UTC: 2026-03-25
EDT: 2026-03-25
SA: 2026-03-25
|
| Malware | The Operations of the Swarm: Inside the Complex World of Mirai-Based Botnets 📄 التفاصيل ← | Pulsedive Blog | Dive into a technical primer on the modern botnet landscape - including the evolution of Mirai-based… | No | 🔴 Critical | The Operations of | Botnet | Apply vendor security patch |
UTC: 2026-03-24
EDT: 2026-03-24
SA: 2026-03-24
|
| Microsoft | M-Trends 2026: Data, Insights, and Strategies From the Frontlines 📄 التفاصيل ← | Mandiant OT | Every year, the cyber threat landscape forces defenders to adapt to evolving adversary tactics, tech… | No | 🔴 Critical | M-Trends 2026: Data, | APT | Apply vendor security patch |
UTC: 2026-03-23
EDT: 2026-03-23
SA: 2026-03-23
|
| Microsoft | M-Trends 2026: Data, Insights, and Strategies From the Frontlines 📄 التفاصيل ← | Mandiant Blog | Every year, the cyber threat landscape forces defenders to adapt to evolving adversary tactics, tech… | No | 🔴 Critical | M-Trends 2026: Data, | APT | Apply vendor security patch |
UTC: 2026-03-23
EDT: 2026-03-23
SA: 2026-03-23
|
| Vulnerability |
CVE-2026-4404
CVSS 9.4 CVE-2026-4404 — VulnCheck: Use of hard coded credentials in GoHarbor Harbor vers… 📄 التفاصيل ← |
VulnCheck | Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use t… | No | 🔴 Critical | VulnCheck: Use of | Exploit | Update to v2.15.0 |
UTC: 2026-03-23
EDT: 2026-03-23
SA: 2026-03-23
|
| Vulnerability |
CVE-2026-32945
CVSS 9.8 CVE-2026-32945 — VulnCheck: PJSIP is a free and open source multimedia communica… 📄 التفاصيل ← |
VulnCheck | PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and bel… | No | 🔴 Critical | VulnCheck: PJSIP is | Exploit | Update to v2.16 |
UTC: 2026-03-20
EDT: 2026-03-20
SA: 2026-03-20
|
| Microsoft |
CVE-2026-32191
CVE-2026-32191 Microsoft Bing Images Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Improper neutralization of special elements used in an os command ('os command injection')… | No | 🔴 Critical | Microsoft Bing Images | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-19
EDT: 2026-03-19
SA: 2026-03-19
|
| Microsoft |
CVE-2026-32194
CVE-2026-32194 Microsoft Bing Images Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Improper neutralization of special elements used in a command ('command injection') in Mic… | No | 🔴 Critical | Microsoft Bing Images | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-19
EDT: 2026-03-19
SA: 2026-03-19
|
| Microsoft |
CVE-2026-26137
CVSS 9.9 CVE-2026-26137 — Server-side request forgery (ssrf) in Microsoft Exchange allows… 📄 التفاصيل ← |
NVD | Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized attacker to elevate pr… | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-19
EDT: 2026-03-19
SA: 2026-03-19
|
| Network | The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Act… 📄 التفاصيل ← | Mandiant OT | Introduction Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit th… | Yes | 🔴 Critical | Apple iOS | Intel | Zero-Day | Apply vendor security patch |
UTC: 2026-03-18
EDT: 2026-03-18
SA: 2026-03-18
|
| Network | The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Act… 📄 التفاصيل ← | Mandiant Blog | Introduction Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit th… | Yes | 🔴 Critical | Apple iOS | Intel | Zero-Day | Apply vendor security patch |
UTC: 2026-03-18
EDT: 2026-03-18
SA: 2026-03-18
|
| Web |
CVE-2026-32703
CVSS 9 CVE-2026-32703 — VulnCheck: OpenProject is an open-source, web-based project man… 📄 التفاصيل ← |
VulnCheck | OpenProject is an open-source, web-based project management software. In versions prior to 16.6.9, 1… | No | 🔴 Critical | VulnCheck: OpenProject is | Exploit | Update to v16.6.9 |
UTC: 2026-03-18
EDT: 2026-03-18
SA: 2026-03-18
|
| Web |
CVE-2026-32698
CVSS 9.1 CVE-2026-32698 — VulnCheck: OpenProject is an open-source, web-based project man… 📄 التفاصيل ← |
VulnCheck | OpenProject is an open-source, web-based project management software. Versions prior to 16.6.9, 17.0… | No | 🔴 Critical | VulnCheck: OpenProject is | Exploit | Update to v16.6.9 |
UTC: 2026-03-18
EDT: 2026-03-18
SA: 2026-03-18
|
| Network | Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Thr… 📄 التفاصيل ← | Mandiant OT | Written by: Bavi Sadayappan, Zach Riddle, Ioana Teaca, Kimberly Goody, Genevieve Stark Introduction… | Yes | 🔴 Critical | Ransomware Under Pressure: | Ransomware | Apply vendor security patch |
UTC: 2026-03-16
EDT: 2026-03-16
SA: 2026-03-16
|
| Network | Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Thr… 📄 التفاصيل ← | Mandiant Blog | Written by: Bavi Sadayappan, Zach Riddle, Ioana Teaca, Kimberly Goody, Genevieve Stark Introduction… | Yes | 🔴 Critical | Ransomware Under Pressure: | Ransomware | Apply vendor security patch |
UTC: 2026-03-16
EDT: 2026-03-16
SA: 2026-03-16
|
| Microsoft |
CVE-2026-3941
Chromium: CVE-2026-3941 Insufficient policy enforcement in DevTools 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-14
EDT: 2026-03-14
SA: 2026-03-14
|
| Microsoft |
CVE-2026-3940
Chromium: CVE-2026-3940 Insufficient policy enforcement in DevTools 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-14
EDT: 2026-03-14
SA: 2026-03-14
|
| Microsoft |
CVE-2026-3938
Chromium: CVE-2026-3938 Insufficient policy enforcement in Clipboard 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-14
EDT: 2026-03-14
SA: 2026-03-14
|
| Microsoft |
CVE-2026-3934
Chromium: CVE-2026-3934 Insufficient policy enforcement in ChromeDriver 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-14
EDT: 2026-03-14
SA: 2026-03-14
|
| Microsoft |
CVE-2026-3932
Chromium: CVE-2026-3932 Insufficient policy enforcement in PDF 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-14
EDT: 2026-03-14
SA: 2026-03-14
|
| Microsoft |
CVE-2026-3929
Chromium: CVE-2026-3929 Side-channel information leakage in ResourceTiming 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-14
EDT: 2026-03-14
SA: 2026-03-14
|
| Microsoft |
CVE-2026-3928
Chromium: CVE-2026-3928 Insufficient policy enforcement in Extensions 📄 التفاصيل ← |
Microsoft MSRC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses … | No | 🔴 Critical | Google Chrome 124.x | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-14
EDT: 2026-03-14
SA: 2026-03-14
|
| Windows |
CVE-2026-31806
CVSS 9.8 CVE-2026-31806 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_b… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-31806 NVD advisory |
UTC: 2026-03-13
EDT: 2026-03-13
SA: 2026-03-13
|
| Microsoft |
CVE-2026-20841
CVE-2026-20841 Windows Notepad App Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | To comprehensively address CVE-2026-20841, Microsoft has released February 2026 security updates for… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-12
EDT: 2026-03-12
SA: 2026-03-12
|
| Vulnerability |
CVE-2026-30903
CVSS 9.6 CVE-2026-30903 — VulnCheck: External Control of File Name or Path in the Mail fe… 📄 التفاصيل ← |
VulnCheck | External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-11
EDT: 2026-03-11
SA: 2026-03-11
|
| Microsoft |
CVE-2026-23668
CVE-2026-23668 Windows Graphics Component Elevation of Privilege Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Concurrent execution using shared resource with improper synchronization ('race condition'… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Windows |
CVE-2026-23669
CVE-2026-23669 Windows Print Spooler Remote Code Execution Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Use after free in Windows Print Spooler Components allows an authorized attacker to execute code ove… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Windows |
CVE-2026-24297
CVE-2026-24297 Windows Kerberos Security Feature Bypass Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Concurrent execution using shared resource with improper synchronization ('race condition'… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Vulnerability |
CVE-2026-25172
CVE-2026-25172 Windows Routing and Remote Access Service (RRAS) Remote Code Exec… 📄 التفاصيل ← |
Microsoft MSRC | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unautho… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Vulnerability |
CVE-2026-25173
CVE-2026-25173 Windows Routing and Remote Access Service (RRAS) Remote Code Exec… 📄 التفاصيل ← |
Microsoft MSRC | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authori… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Microsoft |
CVE-2026-25177
CVE-2026-25177 Active Directory Domain Services Elevation of Privilege Vulnerabi… 📄 التفاصيل ← |
Microsoft MSRC | Improper restriction of names for files and other resources in Active Directory Domain Services allo… | No | 🔴 Critical | Active Directory | Exploit | Refer to CVE-2026-25177 NVD advisory |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Vulnerability |
CVE-2026-26111
CVE-2026-26111 Windows Routing and Remote Access Service (RRAS) Remote Code Exec… 📄 التفاصيل ← |
Microsoft MSRC | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unautho… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Supply Chain |
CVE-2026-23654
CVE-2026-23654 GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerabilit… 📄 التفاصيل ← |
Microsoft MSRC | Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unau… | No | 🔴 Critical | GitHub: Zero Shot | Exploit | Refer to CVE-2026-23654 NVD advisory |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| DDoS |
CVE-2026-26130
CVE-2026-26130 ASP.NET Core Denial of Service Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker… | No | 🔴 Critical | ASP.NET Core Denial | DDoS | Refer to CVE-2026-26130 NVD advisory |
UTC: 2026-03-10
EDT: 2026-03-10
SA: 2026-03-10
|
| Web |
CVE-2026-31816
CVSS 9.1 CVE-2026-31816 — VulnCheck: Budibase is a low code platform for creating interna… 📄 التفاصيل ← |
VulnCheck | Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 … | No | 🔴 Critical | VulnCheck: Budibase is | Exploit | Refer to CVE-2026-31816 NVD advisory |
UTC: 2026-03-09
EDT: 2026-03-09
SA: 2026-03-09
|
| Web |
CVE-2026-29789
CVSS 9.9 CVE-2026-29789 — VulnCheck: Vito is a self-hosted web application that helps man… 📄 التفاصيل ← |
VulnCheck | Vito is a self-hosted web application that helps manage servers and deploy PHP applications into pro… | No | 🔴 Critical | PHP | Exploit | Update to v3.20.3 |
UTC: 2026-03-06
EDT: 2026-03-06
SA: 2026-03-06
|
| Microsoft |
CVE-2026-21536
CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerabi… 📄 التفاصيل ← |
Microsoft MSRC | Information published. | No | 🔴 Critical | Microsoft Devices Pricing | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-05
EDT: 2026-03-05
SA: 2026-03-05
|
| Microsoft |
CVE-2026-28391
CVSS 9.8 CVE-2026-28391 — OpenClaw versions prior to 2026.2.2 fail to properly validate W… 📄 التفاصيل ← |
NVD | OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allo… | No | 🔴 Critical | Microsoft Windows | Exploit | Update to v2026.2.2 |
UTC: 2026-03-05
EDT: 2026-03-05
SA: 2026-03-05
|
| Microsoft | Azure IaaS: Explore new resources for building a stronger, more efficient infras… 📄 التفاصيل ← | Azure Security | As organizations accelerate digital transformation, infrastructure decisions increasingly shape how … | No | 🔴 Critical | Microsoft Azure | Exploit | Microsoft Patch Tuesday |
UTC: 2026-03-04
EDT: 2026-03-04
SA: 2026-03-04
|
| Exploit |
CVE-2026-3136
CVSS 9.8 CVE-2026-3136 — An improper authorization vulnerability in GitHub Trigger Commen… 📄 التفاصيل ← |
NVD | An improper authorization vulnerability in GitHub Trigger Comment Control in Google Cloud Build prio… | No | 🔴 Critical | An improper authorization vulnerability | Exploit | Refer to CVE-2026-3136 NVD advisory |
UTC: 2026-03-03
EDT: 2026-03-03
SA: 2026-03-03
|
| Cloud |
CVE-2026-3336
Issue with AWS-LC: an open-source, general-purpose cryptographic library (CVE-20… 📄 التفاصيل ← |
AWS Security | Bulletin ID: 2026-005-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: … | No | 🔴 Critical | Issue with AWS-LC: | Exploit | Refer to CVE-2026-3336 NVD advisory |
UTC: 2026-03-02
EDT: 2026-03-02
SA: 2026-03-02
|
| Microsoft |
CVE-2026-28215
CVSS 9.1 CVE-2026-28215 — hoppscotch is an open source API development ecosystem. Prior t… 📄 التفاصيل ← |
NVD | hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticate… | No | 🔴 Critical | hoppscotch is an | APT | Update to v2026.2. |
UTC: 2026-02-26
EDT: 2026-02-26
SA: 2026-02-26
|
| Cisco |
CVE-2026-20129
CVSS 9.8 CVE-2026-20129 — A vulnerability in the API user authentication of Cisco Catalys… 📄 التفاصيل ← |
NVD | A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unaut… | No | 🔴 Critical | Cisco | Exploit | Cisco Security Advisory |
UTC: 2026-02-25
EDT: 2026-02-25
SA: 2026-02-25
|
| Windows |
CVE-2026-25997
CVSS 9.8 CVE-2026-25997 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipbo… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.23.0 |
UTC: 2026-02-25
EDT: 2026-02-25
SA: 2026-02-25
|
| Windows |
CVE-2026-25959
CVSS 9.8 CVE-2026-25959 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprd… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.23.0 |
UTC: 2026-02-25
EDT: 2026-02-25
SA: 2026-02-25
|
| Windows |
CVE-2026-25955
CVSS 9.8 CVE-2026-25955 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpd… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.23.0 |
UTC: 2026-02-25
EDT: 2026-02-25
SA: 2026-02-25
|
| Windows |
CVE-2026-25953
CVSS 9.8 CVE-2026-25953 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpd… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.23.0 |
UTC: 2026-02-25
EDT: 2026-02-25
SA: 2026-02-25
|
| Windows |
CVE-2026-25952
CVSS 9.8 CVE-2026-25952 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_SetWin… | No | 🔴 Critical | Microsoft Windows | Exploit | Update to v3.23.0 |
UTC: 2026-02-25
EDT: 2026-02-25
SA: 2026-02-25
|
| Juniper |
CVE-2026-21902
CVSS 9.8 CVE-2026-21902 — An Incorrect Permission Assignment for Critical Resource vulner… 📄 التفاصيل ← |
NVD | An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detecti… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v25.4 |
UTC: 2026-02-25
EDT: 2026-02-25
SA: 2026-02-25
|
| Containers | How Medplum Secured Their Healthcare Platform with Docker Hardened Images (DHI) 📄 التفاصيل ← | Docker Security | Special thanks to Cody Ebberson and the Medplum team for their open-source contribution and for shar… | No | 🔴 Critical | Docker | Exploit | Apply vendor security patch |
UTC: 2026-02-19
EDT: 2026-02-19
SA: 2026-02-19
|
| Containers |
CVE-2026-25227
CVSS 9.1 CVE-2026-25227 — VulnCheck: authentik is an open-source identity provider. From … 📄 التفاصيل ← |
VulnCheck | authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025… | No | 🔴 Critical | VulnCheck: authentik is | Exploit | Refer to CVE-2026-25227 NVD advisory |
UTC: 2026-02-12
EDT: 2026-02-12
SA: 2026-02-12
|
| Windows |
CVE-2026-24679
CVSS 9.1 CVE-2026-24679 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client … | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-24679 NVD advisory |
UTC: 2026-02-09
EDT: 2026-02-09
SA: 2026-02-09
|
| Windows |
CVE-2026-24677
CVSS 9.1 CVE-2026-24677 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecam_encoder_compr… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-24677 NVD advisory |
UTC: 2026-02-09
EDT: 2026-02-09
SA: 2026-02-09
|
| Fortinet |
CVE-2026-21643
CVSS 9.8 CVE-2026-21643 — An improper neutralization of special elements used in an sql c… 📄 التفاصيل ← |
NVD | An improper neutralization of special elements used in an sql command ('sql injection') vu… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-02-06
EDT: 2026-02-06
SA: 2026-02-06
|
| Vulnerability |
CVE-2026-25763
CVSS 9.9 CVE-2026-25763 — VulnCheck: OpenProject is an open-source, web-based project man… 📄 التفاصيل ← |
VulnCheck | OpenProject is an open-source, web-based project management software. Prior to versions 16.6.7 and 1… | PoC Only | 🔴 Critical | VulnCheck: OpenProject is | PoC Research | Update to v16.6.7 |
UTC: 2026-02-06
EDT: 2026-02-06
SA: 2026-02-06
|
| Phishing | The 3Cs: A Framework for AI Agent Security 📄 التفاصيل ← | Docker Security | Every time execution models change, security frameworks need to change with them. Agents force the n… | No | 🔴 Critical | The 3Cs: A | APT | Apply vendor security patch |
UTC: 2026-02-04
EDT: 2026-02-04
SA: 2026-02-04
|
| Fortinet |
CVE-2026-24858
CVSS 9.8 CVE-2026-24858 — An Authentication Bypass Using an Alternate Path or Channel vul… 📄 التفاصيل ← |
NVD | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in… | No | 🔴 Critical | Fortinet FortiOS | Fortinet FortiManager | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-01-27
EDT: 2026-01-27
SA: 2026-01-27
|
| Juniper |
CVE-2025-21589
CVSS 9.8 CVE-2025-21589 — An Authentication Bypass Using an Alternate Path or Channel vul… 📄 التفاصيل ← |
NVD | An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Sessio… | No | 🔴 Critical | An Authentication Bypass | Exploit | Refer to CVE-2025-21589 NVD advisory |
UTC: 2026-01-27
EDT: 2026-01-27
SA: 2026-01-27
|
| Containers |
CVE-2026-1386
CVE-2026-1386 - Arbitrary Host File Overwrite via Symlink in Firecracker Jailer 📄 التفاصيل ← |
AWS Security | Bulletin ID: 2026-003-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2026-1386 NVD advisory |
UTC: 2026-01-23
EDT: 2026-01-23
SA: 2026-01-23
|
| VMware |
CVE-2026-21962
CVSS 10 CVE-2026-21962 — Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusi… | No | 🔴 Critical | Apache HTTP Server | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2026-01-20
EDT: 2026-01-20
SA: 2026-01-20
|
| Windows |
CVE-2026-23884
CVSS 9.8 CVE-2026-23884 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen … | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.21.0 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Windows |
CVE-2026-23883
CVSS 9.8 CVE-2026-23883 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointe… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.21.0 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Web |
CVE-2026-23836
CVSS 9.9 CVE-2026-23836 — VulnCheck: HotCRP is conference review software. A problem intr… 📄 التفاصيل ← |
VulnCheck | HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inade… | No | 🔴 Critical | PHP | Exploit | Update to v3.1 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Windows |
CVE-2026-23534
CVSS 9.8 CVE-2026-23534 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-s… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.21.0 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Windows |
CVE-2026-23533
CVSS 9.8 CVE-2026-23533 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-s… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.21.0 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Windows |
CVE-2026-23532
CVSS 9.8 CVE-2026-23532 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-s… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.21.0 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Windows |
CVE-2026-23531
CVSS 9.8 CVE-2026-23531 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCo… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.21.0 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Windows |
CVE-2026-23530
CVSS 9.8 CVE-2026-23530 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bi… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Update to v3.21.0 |
UTC: 2026-01-19
EDT: 2026-01-19
SA: 2026-01-19
|
| Windows |
CVE-2026-22859
CVSS 9.1 CVE-2026-22859 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client … | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-22859 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Windows |
CVE-2026-22858
CVSS 9.1 CVE-2026-22858 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-over… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-22858 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Windows |
CVE-2026-22857
CVSS 9.8 CVE-2026-22857 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-f… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-22857 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Windows |
CVE-2026-22855
CVSS 9.1 CVE-2026-22855 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-boun… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-22855 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Windows |
CVE-2026-22854
CVSS 9.8 CVE-2026-22854 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-over… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-22854 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Windows |
CVE-2026-22853
CVSS 9.8 CVE-2026-22853 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-22853 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Windows |
CVE-2026-22852
CVSS 9.8 CVE-2026-22852 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP se… | No | 🔴 Critical | VulnCheck: FreeRDP is | Exploit | Refer to CVE-2026-22852 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Vulnerability |
CVE-2026-22708
CVSS 9.8 CVE-2026-22708 — VulnCheck: Cursor is a code editor built for programming with A… 📄 التفاصيل ← |
VulnCheck | Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running… | No | 🔴 Critical | VulnCheck: Cursor is | Exploit | Refer to CVE-2026-22708 NVD advisory |
UTC: 2026-01-14
EDT: 2026-01-14
SA: 2026-01-14
|
| Microsoft |
CVE-2026-20963
CVSS 9.8 CVE-2026-20963 — Deserialization of untrusted data in Microsoft Office SharePoin… 📄 التفاصيل ← |
NVD | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to … | No | 🔴 Critical | Microsoft SharePoint | Exploit | Microsoft Patch Tuesday |
UTC: 2026-01-13
EDT: 2026-01-13
SA: 2026-01-13
|
| Fortinet |
CVE-2025-47855
CVSS 9.8 CVE-2025-47855 — An exposure of sensitive information to an unauthorized actor [… 📄 التفاصيل ← |
NVD | An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet Fo… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-01-13
EDT: 2026-01-13
SA: 2026-01-13
|
| Fortinet |
CVE-2025-64155
CVSS 9.8 CVE-2025-64155 — An improper neutralization of special elements used in an os co… 📄 التفاصيل ← |
NVD | An improper neutralization of special elements used in an os command ('os command injection… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2026-01-13
EDT: 2026-01-13
SA: 2026-01-13
|
| Vulnerability |
CVE-2025-66398
CVSS 9.6 CVE-2025-66398 — Signal K Server is a server application that runs on a central … 📄 التفاصيل ← |
NVD | Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.… | No | 🔴 Critical | Signal K Server | Exploit | Update to v2.19.0 |
UTC: 2026-01-01
EDT: 2026-01-01
SA: 2026-01-01
|
| Vulnerability |
CVE-2025-68620
CVSS 9.1 CVE-2025-68620 — Signal K Server is a server application that runs on a central … 📄 التفاصيل ← |
NVD | Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19… | No | 🔴 Critical | Signal K Server | Exploit | Update to v2.19.0 |
UTC: 2026-01-01
EDT: 2026-01-01
SA: 2026-01-01
|
| Windows |
CVE-2025-68118
CVSS 9.1 CVE-2025-68118 — VulnCheck: FreeRDP is a free implementation of the Remote Deskt… 📄 التفاصيل ← |
VulnCheck | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerab… | No | 🔴 Critical | Microsoft Windows | Exploit | Update to v3.20.0 |
UTC: 2025-12-17
EDT: 2025-12-17
SA: 2025-12-17
|
| Fortinet |
CVE-2025-59718
CVSS 9.8 CVE-2025-59718 — A improper verification of cryptographic signature vulnerabilit… 📄 التفاصيل ← |
NVD | A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7… | No | 🔴 Critical | Fortinet FortiOS | Fortinet | Apple iOS | Exploit | Fortinet PSIRT Advisory |
UTC: 2025-12-09
EDT: 2025-12-09
SA: 2025-12-09
|
| Fortinet |
CVE-2025-59719
CVSS 9.8 CVE-2025-59719 — An improper verification of cryptographic signature vulnerabili… 📄 التفاصيل ← |
NVD | An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiW… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2025-12-09
EDT: 2025-12-09
SA: 2025-12-09
|
| OT/ICS | Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Criti… 📄 التفاصيل ← | US-CERT | Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecuri… | No | 🔴 Critical | Pro-Russia Hacktivists Conduct | Exploit | Apply vendor security patch |
UTC: 2025-12-05
EDT: 2025-12-05
SA: 2025-12-05
|
| Exploit |
CVE-2025-55182
Meta React Server Components Remote Code Execution Vulnerability — KEV 📄 التفاصيل ← |
CISA KEV | Meta React Server Components contains a remote code execution vulnerability that could allow unauthe… | Yes | 🔴 Critical | Meta React Server Components | Exploit | Apply patch by 2025-12-12 |
UTC: 2025-12-05
EDT: 2025-12-05
SA: 2025-12-05
|
| Fortinet |
CVE-2025-64446
CVSS 9.8 CVE-2025-64446 — Fortinet: A relative path traversal vulnerability in Fortinet F… 📄 التفاصيل ← |
NVD | A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 thr… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2025-11-14
EDT: 2025-11-14
SA: 2025-11-14
|
| Network |
CVE-2025-53521
CVSS 9.8 CVE-2025-53521 — F5: When a BIG-IP APM access policy is configured on a virtual … 📄 التفاصيل ← |
NVD | When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can le… | No | 🔴 Critical | F5 BIG-IP | Exploit | Refer to CVE-2025-53521 NVD advisory |
UTC: 2025-10-15
EDT: 2025-10-15
SA: 2025-10-15
|
| Juniper |
CVE-2025-59978
CVSS 9 CVE-2025-59978 — Juniper: An Improper Neutralization of Input During Web Page Ge… 📄 التفاصيل ← |
NVD | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vu… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v24.1 |
UTC: 2025-10-09
EDT: 2025-10-09
SA: 2025-10-09
|
| Cisco |
CVE-2025-20333
Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Thre… 📄 التفاصيل ← |
CISA KEV | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Sof… | Yes | 🔴 Critical | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense | APT | Apply patch by 2025-09-26 |
UTC: 2025-09-25
EDT: 2025-09-25
SA: 2025-09-25
|
| Cisco |
CVE-2025-20363
CVSS 9 CVE-2025-20363 — A vulnerability in the web services of Cisco Secure Firewall Ad… 📄 التفاصيل ← |
NVD | A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Softw… | No | 🔴 Critical | Cisco IOS XE 17.x | APT | Cisco Security Advisory |
UTC: 2025-09-25
EDT: 2025-09-25
SA: 2025-09-25
|
| Exploit |
CVE-2025-59528
Exploit for Code Injection in Flowiseai Flowise 📄 التفاصيل ← |
Vulners | CVE-2025-59528: Flowise CustomMCP Remote Code Execution PoC A Go proof of concept for CVE-2025-59528… | Yes | 🔴 Critical | AI Attack | Refer to CVE-2025-59528 NVD advisory |
UTC: 2025-09-22
EDT: 2025-09-22
SA: 2025-09-22
|
|
| Malware | Thorium 101: Inside CISA’s Open Source Malware Analysis Platform 📄 التفاصيل ← | Pulsedive Blog | CISA’s new open-source malware analysis tool Thorium is designed for customization, safety, and real… | No | 🔴 Critical | Thorium 101: Inside | Malware | Apply vendor security patch |
UTC: 2025-09-10
EDT: 2025-09-10
SA: 2025-09-10
|
| General |
CVE-2025-36890
CVSS 9.8 CVE-2025-36890 — Elevation of Privilege 📄 التفاصيل ← |
NVD | Elevation of Privilege | No | 🔴 Critical | Elevation of Privilege | Exploit | Refer to CVE-2025-36890 NVD advisory |
UTC: 2025-09-04
EDT: 2025-09-04
SA: 2025-09-04
|
| Android |
CVE-2025-36896
CVSS 9.8 CVE-2025-36896 — WLAN in Android before 2025-09-05 on Google Pixel devices allow… 📄 التفاصيل ← |
NVD | WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-39476… | No | 🔴 Critical | Android 14/13 | Exploit | Refer to CVE-2025-36896 NVD advisory |
UTC: 2025-09-04
EDT: 2025-09-04
SA: 2025-09-04
|
| OT/ICS |
CVE-2025-36897
CVSS 9.8 CVE-2025-36897 — In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out… 📄 التفاصيل ← |
NVD | In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bou… | No | 🔴 Critical | In unknown of | Exploit | Refer to CVE-2025-36897 NVD advisory |
UTC: 2025-09-04
EDT: 2025-09-04
SA: 2025-09-04
|
| Android |
CVE-2025-36904
CVSS 9.8 CVE-2025-36904 — WLAN in Android before 2025-09-05 on Google Pixel devices allow… 📄 التفاصيل ← |
NVD | WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-39645… | No | 🔴 Critical | Android 14/13 | Exploit | Refer to CVE-2025-36904 NVD advisory |
UTC: 2025-09-04
EDT: 2025-09-04
SA: 2025-09-04
|
| General |
CVE-2025-58357
CVSS 9.6 CVE-2025-58357 — 5ire is a cross-platform desktop artificial intelligence assist… 📄 التفاصيل ← |
NVD | 5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client… | No | 🔴 Critical | Intel | Exploit | Update to v0.13.2 |
UTC: 2025-09-04
EDT: 2025-09-04
SA: 2025-09-04
|
| Check Point |
CVE-2025-57052
CVSS 9.8 CVE-2025-57052 — Check Point: cJSON 1.5.0 through 1.7.18 allows out-of-bounds ac… 📄 التفاصيل ← |
NVD | cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer funct… | No | 🔴 Critical | Check Point | Exploit | Refer to CVE-2025-57052 NVD advisory |
UTC: 2025-09-03
EDT: 2025-09-03
SA: 2025-09-03
|
| Vulnerability |
CVE-2025-1740
CVSS 9.8 CVE-2025-1740 — GHSA: Improper Restriction of Excessive Authentication Attempts … 📄 التفاصيل ← |
GHSA | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows … | No | 🔴 Critical | GHSA: Improper Restriction | Exploit |
UTC: 2025-09-03
EDT: 2025-09-03
SA: 2025-09-03
|
|
| Fortinet |
CVE-2025-25256
CVSS 9.8 CVE-2025-25256 — An improper neutralization of special elements used in an OS co… 📄 التفاصيل ← |
NVD | An improper neutralization of special elements used in an OS command ('OS Command Injection… | No | 🔴 Critical | Fortinet | Exploit | Update to v7.3.0 | Fortinet PSIRT Advisory |
UTC: 2025-08-12
EDT: 2025-08-12
SA: 2025-08-12
|
| Dell |
CVE-2025-36594
CVSS 9.8 CVE-2025-36594 — Dell: Dell PowerProtect Data Domain with Data Domain Operating … 📄 التفاصيل ← |
NVD | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions … | No | 🔴 Critical | Dell: Dell PowerProtect | Exploit | Update to v7.7.1 |
UTC: 2025-08-04
EDT: 2025-08-04
SA: 2025-08-04
|
| Microsoft | CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proa… 📄 التفاصيل ← | US-CERT | Summary The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) are … | No | 🔴 Critical | CISA and USCG | Exploit | Apply vendor security patch |
UTC: 2025-07-29
EDT: 2025-07-29
SA: 2025-07-29
|
| Microsoft | #StopRansomware: Interlock 📄 التفاصيل ← | US-CERT | Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publ… | Yes | 🔴 Critical | #StopRansomware: Interlock | Ransomware | Apply vendor security patch |
UTC: 2025-07-21
EDT: 2025-07-21
SA: 2025-07-21
|
| Fortinet |
CVE-2025-25257
CVSS 9.8 CVE-2025-25257 — Fortinet: An improper neutralization of special elements used i… 📄 التفاصيل ← |
NVD | An improper neutralization of special elements used in an SQL command ('SQL Injection') vu… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2025-07-17
EDT: 2025-07-17
SA: 2025-07-17
|
| VMware |
CVE-2025-41236
CVSS 9.3 CVE-2025-41236 — VMware ESXi, Workstation, and Fusion contain an integer-overflo… 📄 التفاصيل ← |
NVD | VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtua… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | APT | Refer to CVE-2025-41236 NVD advisory |
UTC: 2025-07-15
EDT: 2025-07-15
SA: 2025-07-15
|
| VMware |
CVE-2025-41237
CVSS 9.3 CVE-2025-41237 — VMware ESXi, Workstation, and Fusion contain an integer-underfl… 📄 التفاصيل ← |
NVD | VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communica… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | Exploit | Refer to CVE-2025-41237 NVD advisory |
UTC: 2025-07-15
EDT: 2025-07-15
SA: 2025-07-15
|
| VMware |
CVE-2025-41238
CVSS 9.3 CVE-2025-41238 — VMware ESXi, Workstation, and Fusion contain a heap-overflow vu… 📄 التفاصيل ← |
NVD | VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtua… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | Exploit | Refer to CVE-2025-41238 NVD advisory |
UTC: 2025-07-15
EDT: 2025-07-15
SA: 2025-07-15
|
| Juniper |
CVE-2025-52950
CVSS 9.6 CVE-2025-52950 — Juniper: A Missing Authorization vulnerability in Juniper Netwo… 📄 التفاصيل ← |
NVD | A Missing Authorization vulnerability in Juniper Networks Security Director allows an unauthenticate… | No | 🔴 Critical | Juniper: A Missing Authorization | Exploit | Update to v24.4.1 |
UTC: 2025-07-11
EDT: 2025-07-11
SA: 2025-07-11
|
| IBM |
CVE-2025-36038
CVSS 9 CVE-2025-36038 — IBM: IBM WebSphere Application Server 8.5 and 9.0 could allow a… 📄 التفاصيل ← |
NVD | IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code… | No | 🔴 Critical | IBM: IBM WebSphere | Exploit | Refer to CVE-2025-36038 NVD advisory |
UTC: 2025-06-25
EDT: 2025-06-25
SA: 2025-06-25
|
| Network | Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management … 📄 التفاصيل ← | US-CERT | Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in re… | Yes | 🔴 Critical | Ransomware Actors Exploit | Ransomware | Apply vendor security patch |
UTC: 2025-06-12
EDT: 2025-06-12
SA: 2025-06-12
|
| Exploit |
CVE-2025-40908
CVSS 9.1 CVE-2025-40908 — YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowi… 📄 التفاصيل ← |
NVD | YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified | No | 🔴 Critical | YAML-LibYAML prior to | Exploit | Refer to CVE-2025-40908 NVD advisory |
UTC: 2025-06-01
EDT: 2025-06-01
SA: 2025-06-01
|
| Exploit |
CVE-2025-5408
CVSS 9.8 CVE-2025-5408 — A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, W… 📄 التفاصيل ← |
NVD | A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 … | No | 🔴 Critical | A vulnerability was | Exploit | Refer to CVE-2025-5408 NVD advisory |
UTC: 2025-06-01
EDT: 2025-06-01
SA: 2025-06-01
|
| Fortinet |
CVE-2025-22252
CVSS 9.8 CVE-2025-22252 — Fortinet: A missing authentication for critical function in For… 📄 التفاصيل ← |
NVD | A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, … | No | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Update to v7.6.0 | Fortinet PSIRT Advisory |
UTC: 2025-05-28
EDT: 2025-05-28
SA: 2025-05-28
|
| Exploit |
CVE-2025-4428
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability — KEV 📄 التفاصيل ← |
CISA KEV | Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component t… | Yes | 🔴 Critical | Ivanti Endpoint Manager Mobile (EPMM) | Exploit | Apply patch by 2025-06-09 |
UTC: 2025-05-19
EDT: 2025-05-19
SA: 2025-05-19
|
| OT/ICS |
CVE-2023-49641
CVSS 9.8 CVE-2023-49641 — Billing Software v1.0 is vulnerable to multiple Unauthenticated… 📄 التفاصيل ← |
NVD | Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The &… | No | 🔴 Critical | PHP | Exploit | Refer to CVE-2023-49641 NVD advisory |
UTC: 2025-05-13
EDT: 2025-05-13
SA: 2025-05-13
|
| iOS |
CVE-2025-30012
CVSS 10 CVE-2025-30012 — The Live Auction Cockpit in SAP Supplier Relationship Managemen… 📄 التفاصيل ← |
NVD | The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet… | No | 🔴 Critical | SAP | Exploit | Refer to CVE-2025-30012 NVD advisory |
UTC: 2025-05-13
EDT: 2025-05-13
SA: 2025-05-13
|
| Fortinet |
CVE-2025-32756
CVSS 9.8 CVE-2025-32756 — A stack-based buffer overflow vulnerability [CWE-121] vulnerabi… 📄 التفاصيل ← |
NVD | A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 th… | No | 🔴 Critical | Fortinet | Exploit | Update to v1.1 | Fortinet PSIRT Advisory |
UTC: 2025-05-13
EDT: 2025-05-13
SA: 2025-05-13
|
| Check Point |
CVE-2025-30159
CVSS 9.1 CVE-2025-30159 — Check Point: Kirby is an open-source content management system.… 📄 التفاصيل ← |
NVD | Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.1… | No | 🔴 Critical | Check Point | Exploit | Update to v3.9.8 |
UTC: 2025-05-13
EDT: 2025-05-13
SA: 2025-05-13
|
| Check Point |
CVE-2025-31493
CVSS 9.1 CVE-2025-31493 — Check Point: Kirby is an open-source content management system.… 📄 التفاصيل ← |
NVD | Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.1… | No | 🔴 Critical | Check Point | Exploit | Update to v3.9.8 |
UTC: 2025-05-13
EDT: 2025-05-13
SA: 2025-05-13
|
| Cisco |
CVE-2025-20188
CVSS 10 CVE-2025-20188 — A vulnerability in the Out-of-Band Access Point (AP) Image Down… 📄 التفاصيل ← |
NVD | A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recordin… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2025-05-07
EDT: 2025-05-07
SA: 2025-05-07
|
| Vulnerability |
CVE-2025-2905
CVSS 9.1 CVE-2025-2905 — Due to the improper configuration of XML parser, user-supplied X… 📄 التفاصيل ← |
NVD | Due to the improper configuration of XML parser, user-supplied XML is parsed without applying suffic… | No | 🔴 Critical | Due to the | Exploit | Refer to CVE-2025-2905 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-45042
CVSS 9.8 CVE-2025-45042 — Tenda AC9 v15.03.05.14 was discovered to contain a command inje… 📄 التفاصيل ← |
NVD | Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet fu… | No | 🔴 Critical | Tenda AC9 | Exploit | Refer to CVE-2025-45042 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Network |
CVE-2024-57229
CVSS 9.8 CVE-2024-57229 — NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to c… 📄 التفاصيل ← |
NVD | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerabil… | No | 🔴 Critical | NETGEAR RAX5 (AX1600 | Exploit | Refer to CVE-2024-57229 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Network |
CVE-2024-57230
CVSS 9.8 CVE-2024-57230 — NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to c… 📄 التفاصيل ← |
NVD | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerabil… | No | 🔴 Critical | NETGEAR RAX5 (AX1600 | Exploit | Refer to CVE-2024-57230 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Network |
CVE-2024-57231
CVSS 9.8 CVE-2024-57231 — NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to c… 📄 التفاصيل ← |
NVD | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerabil… | No | 🔴 Critical | NETGEAR RAX5 (AX1600 | Exploit | Refer to CVE-2024-57231 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Network |
CVE-2024-57232
CVSS 9.8 CVE-2024-57232 — NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to c… 📄 التفاصيل ← |
NVD | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerabil… | No | 🔴 Critical | NETGEAR RAX5 (AX1600 | Exploit | Refer to CVE-2024-57232 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Network |
CVE-2024-57233
CVSS 9.8 CVE-2024-57233 — NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to c… 📄 التفاصيل ← |
NVD | NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerabil… | No | 🔴 Critical | NETGEAR RAX5 (AX1600 | Exploit | Refer to CVE-2024-57233 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Network |
CVE-2024-57234
CVSS 9.8 CVE-2024-57234 — NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to c… 📄 التفاصيل ← |
NVD | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerabil… | No | 🔴 Critical | NETGEAR RAX5 (AX1600 | Exploit | Refer to CVE-2024-57234 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Network |
CVE-2024-57235
CVSS 9.8 CVE-2024-57235 — NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to c… 📄 التفاصيل ← |
NVD | NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerabil… | No | 🔴 Critical | NETGEAR RAX5 (AX1600 | Exploit | Refer to CVE-2024-57235 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Containers |
CVE-2025-24977
CVSS 9.1 CVE-2025-24977 — OpenCTI is an open cyber threat intelligence (CTI) platform. Pr… 📄 التفاصيل ← |
NVD | OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11 any user with t… | No | 🔴 Critical | Intel | Exploit | Update to v6.4.11 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43842
CVSS 9.8 CVE-2025-43842 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43843
CVSS 9.8 CVE-2025-43843 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43844
CVSS 9.8 CVE-2025-43844 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43845
CVSS 9.8 CVE-2025-43845 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43846
CVSS 9.8 CVE-2025-43846 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43847
CVSS 9.8 CVE-2025-43847 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43848
CVSS 9.8 CVE-2025-43848 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-45238
CVSS 9.1 CVE-2025-45238 — foxcms v1.2.5 was discovered to contain an arbitrary file delet… 📄 التفاصيل ← |
NVD | foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreS… | No | 🔴 Critical | foxcms | Exploit | Refer to CVE-2025-45238 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Browser |
CVE-2025-4052
CVSS 9.8 CVE-2025-4052 — Inappropriate implementation in DevTools in Google Chrome prior … 📄 التفاصيل ← |
NVD | Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote at… | No | 🔴 Critical | Google Chrome 124.x | Exploit | Refer to CVE-2025-4052 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43849
CVSS 9.8 CVE-2025-43849 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43850
CVSS 9.8 CVE-2025-43850 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43851
CVSS 9.8 CVE-2025-43851 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-43852
CVSS 9.8 CVE-2025-43852 — Retrieval-based-Voice-Conversion-WebUI is a voice changing fram… 📄 التفاصيل ← |
NVD | Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231… | No | 🔴 Critical | Retrieval-based-Voice-Conversion-WebUI is a | Exploit | Update to v2.2.231006 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| iOS |
CVE-2025-1909
CVSS 9.8 CVE-2025-1909 — The BuddyBoss Platform Pro plugin for WordPress is vulnerable to… 📄 التفاصيل ← |
NVD | The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions u… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Update to v2.7.01 |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-45607
CVSS 9.8 CVE-2025-45607 — An issue in the component /manage/ of itranswarp v2.19 allows a… 📄 التفاصيل ← |
NVD | An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via… | No | 🔴 Critical | An issue in | Exploit | Refer to CVE-2025-45607 NVD advisory |
UTC: 2025-05-05
EDT: 2025-05-05
SA: 2025-05-05
|
| Vulnerability |
CVE-2025-4144
CVSS 9.8 CVE-2025-4144 — PKCE was implemented in the OAuth implementation in workers-oaut… 📄 التفاصيل ← |
NVD | PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP fram… | No | 🔴 Critical | PKCE was implemented | Exploit | Refer to CVE-2025-4144 NVD advisory |
UTC: 2025-05-01
EDT: 2025-05-01
SA: 2025-05-01
|
| Vulnerability |
CVE-2025-47154
CVSS 9 CVE-2025-47154 — LibJS in Ladybird before f5a6704 mishandles the freeing of the … 📄 التفاصيل ← |
NVD | LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references… | No | 🔴 Critical | LibJS in Ladybird | Exploit | Refer to CVE-2025-47154 NVD advisory |
UTC: 2025-05-01
EDT: 2025-05-01
SA: 2025-05-01
|
| Vulnerability |
CVE-2025-27007
CVSS 9.8 CVE-2025-27007 — Incorrect Privilege Assignment vulnerability in Brainstorm Forc… 📄 التفاصيل ← |
NVD | Incorrect Privilege Assignment vulnerability in Brainstorm Force OttoKit suretriggers allows Privile… | Yes | 🔴 Critical | Incorrect Privilege Assignment | Exploit | Refer to CVE-2025-27007 NVD advisory |
UTC: 2025-05-01
EDT: 2025-05-01
SA: 2025-05-01
|
| Cloud | Shadow Roles: AWS Defaults Can Open the Door to Service Takeover 📄 التفاصيل ← | Aqua Security | What if the biggest risk to your cloud environment wasn’t a misconfiguration you made, but one baked… | No | 🔴 Critical | Shadow Roles: AWS | Exploit | Apply vendor security patch |
UTC: 2025-04-29
EDT: 2025-04-29
SA: 2025-04-29
|
| OT/ICS | What’s Really Happening in Your Containers? Aqua’s Risk Assessment Has the Answe… 📄 التفاصيل ← | Aqua Security | Containers may be mainstream, but securing them in production remains a moving target. As AI adoptio… | No | 🔴 Critical | What’s Really Happening | AI Attack | Apply vendor security patch |
UTC: 2025-04-23
EDT: 2025-04-23
SA: 2025-04-23
|
| Fortinet |
CVE-2024-48887
CVSS 9.8 CVE-2024-48887 — A unverified password change vulnerability in Fortinet FortiSw… 📄 التفاصيل ← |
NVD | A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthent… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2025-04-08
EDT: 2025-04-08
SA: 2025-04-08
|
| Web | Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks 📄 التفاصيل ← | Aqua Security | News headlines reported that it took just 30 hours for attackers to exploit a newly discovered vulne… | No | 🔴 Critical | Apache HTTP Server 2.4.x | Malware | Apply vendor security patch |
UTC: 2025-04-02
EDT: 2025-04-02
SA: 2025-04-02
|
| Fortinet |
CVE-2023-40714
CVSS 9.9 CVE-2023-40714 — A relative path traversal in Fortinet FortiSIEM versions 7.0.0,… 📄 التفاصيل ← |
NVD | A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6… | No | 🔴 Critical | Fortinet | Exploit | Update to v7.0.0 | Fortinet PSIRT Advisory |
UTC: 2025-04-02
EDT: 2025-04-02
SA: 2025-04-02
|
| Containers |
CVE-2025-1097
IngressNightmare Vulnerabilities: All You Need to Know 📄 التفاصيل ← |
Aqua Security | On March 24, 2025, a series of several critical vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2… | No | 🔴 Critical | Kubernetes 1.30.x | Exploit | Refer to CVE-2025-1097 NVD advisory |
UTC: 2025-03-26
EDT: 2025-03-26
SA: 2025-03-26
|
| Fortinet |
CVE-2023-25610
CVSS 9.8 CVE-2023-25610 — Fortinet: A buffer underwrite ('buffer underflow') vu… 📄 التفاصيل ← |
NVD | A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of … | No | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Update to v7.2.0 | Fortinet PSIRT Advisory |
UTC: 2025-03-24
EDT: 2025-03-24
SA: 2025-03-24
|
| Synology |
CVE-2024-10441
CVSS 9.8 CVE-2024-10441 — Synology: Improper encoding or escaping of output vulnerability… 📄 التفاصيل ← |
NVD | Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeSta… | No | 🔴 Critical | Synology | Exploit | Refer to CVE-2024-10441 NVD advisory |
UTC: 2025-03-19
EDT: 2025-03-19
SA: 2025-03-19
|
| OT/ICS | Enhancing CA Practices: Key Updates in Mozilla Root Store Policy, v3.0 📄 التفاصيل ← | Mozilla Security | Mozilla remains committed to fostering a secure, agile, and transparent Web PKI ecosystem. The new M… | No | 🔴 Critical | Enhancing CA Practices: | Exploit | Update to v3.0 |
UTC: 2025-03-12
EDT: 2025-03-12
SA: 2025-03-12
|
| Web |
CVE-2025-22623
CVE-2025-22623 — Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be … 📄 التفاصيل ← |
NVD | Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be vulnerable. The web application dynam… | No | 🔴 Critical | Ad Inserter | Exploit | Refer to CVE-2025-22623 NVD advisory |
UTC: 2025-03-06
EDT: 2025-03-06
SA: 2025-03-06
|
| General |
CVE-2024-12144
CVSS 9.8 CVE-2024-12144 — Improper Neutralization of Special Elements used in an SQL Comm… 📄 التفاصيل ← |
NVD | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulne… | No | 🔴 Critical | Improper Neutralization of | Exploit | Refer to CVE-2024-12144 NVD advisory |
UTC: 2025-03-06
EDT: 2025-03-06
SA: 2025-03-06
|
| Web |
CVE-2025-1515
CVSS 9.8 CVE-2025-1515 — The WP Real Estate Manager plugin for WordPress is vulnerable to… 📄 التفاصيل ← |
NVD | The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versio… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Update to v2.8. |
UTC: 2025-03-05
EDT: 2025-03-05
SA: 2025-03-05
|
| VMware |
CVE-2025-22224
CVSS 9.3 CVE-2025-22224 — VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Ti… 📄 التفاصيل ← |
NVD | VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads t… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | Exploit | Refer to CVE-2025-22224 NVD advisory |
UTC: 2025-03-04
EDT: 2025-03-04
SA: 2025-03-04
|
| Intel |
CVE-2023-6875
GreyNoise Detects Active Exploitation of CVEs Mentioned in Black Basta’s Leaked … 📄 التفاصيل ← |
GreyNoise Blog | Ransomware group Black Basta’s chat logs were leaked, revealing 62 mentioned CVEs (Source: VulnCheck… | Yes | 🔴 Critical | Intel Processor | Ransomware | Refer to CVE-2023-6875 NVD advisory |
UTC: 2025-02-26
EDT: 2025-02-26
SA: 2025-02-26
|
| OT/ICS |
CVE-2025-25286
CVSS 9.8 CVE-2025-25286 — Crayfish is a collection of Islandora 8 microservices, one of w… 📄 التفاصيل ← |
NVD | Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a m… | No | 🔴 Critical | Crayfish is a | Exploit | Update to v4.1.0 |
UTC: 2025-02-13
EDT: 2025-02-13
SA: 2025-02-13
|
| Palo Alto |
CVE-2025-0108
CVSS 9.1 CVE-2025-0108 — Palo Alto: An authentication bypass in the Palo Alto Networks PA… 📄 التفاصيل ← |
NVD | An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attack… | No | 🔴 Critical | Palo Alto PAN-OS | Palo Alto Networks | Exploit | Refer to CVE-2025-0108 NVD advisory |
UTC: 2025-02-12
EDT: 2025-02-12
SA: 2025-02-12
|
| Linux |
CVE-2022-1736
CVSS 9.8 CVE-2022-1736 — Linux: Ubuntu's configuration of gnome-control-center allow… 📄 التفاصيل ← |
NVD | Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by … | No | 🔴 Critical | Ubuntu 22.04/20.04 LTS | Exploit | Refer to CVE-2022-1736 NVD advisory |
UTC: 2025-01-31
EDT: 2025-01-31
SA: 2025-01-31
|
| General |
CVE-2025-24601
CVSS 9.8 CVE-2025-24601 — Deserialization of Untrusted Data vulnerability in ThimPress Fu… 📄 التفاصيل ← |
NVD | Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injec… | No | 🔴 Critical | Deserialization of Untrusted | Exploit | Refer to CVE-2025-24601 NVD advisory |
UTC: 2025-01-27
EDT: 2025-01-27
SA: 2025-01-27
|
| VMware |
CVE-2025-21535
CVSS 9.8 CVE-2025-21535 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). … | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2025-01-21
EDT: 2025-01-21
SA: 2025-01-21
|
| Fortinet |
CVE-2024-55591
CVSS 9.8 CVE-2024-55591 — Fortinet: An Authentication Bypass Using an Alternate Path or C… 📄 التفاصيل ← |
NVD | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiO… | No | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Update to v7.0.0 | Fortinet PSIRT Advisory |
UTC: 2025-01-14
EDT: 2025-01-14
SA: 2025-01-14
|
| Fortinet |
CVE-2024-48886
CVSS 9 CVE-2024-48886 — Fortinet: A weak authentication in Fortinet FortiOS versions 7.… 📄 التفاصيل ← |
NVD | A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 t… | No | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Update to v7.4.0 | Fortinet PSIRT Advisory |
UTC: 2025-01-14
EDT: 2025-01-14
SA: 2025-01-14
|
| Fortinet |
CVE-2023-37936
CVSS 9.8 CVE-2023-37936 — A use of hard-coded cryptographic key in Fortinet FortiSwitch v… 📄 التفاصيل ← |
NVD | A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 … | No | 🔴 Critical | Fortinet | Exploit | Update to v7.4.0 | Fortinet PSIRT Advisory |
UTC: 2025-01-14
EDT: 2025-01-14
SA: 2025-01-14
|
| Fortinet |
CVE-2024-47572
CVSS 9 CVE-2024-47572 — An improper neutralization of formula elements in a csv file in… 📄 التفاصيل ← |
NVD | An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through 7.4… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2025-01-14
EDT: 2025-01-14
SA: 2025-01-14
|
| Palo Alto |
CVE-2025-0107
CVSS 9.8 CVE-2025-0107 — Palo Alto: An OS command injection vulnerability in Palo Alto Ne… 📄 التفاصيل ← |
NVD | An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated at… | No | 🔴 Critical | Palo Alto PAN-OS | Palo Alto Networks | Exploit | Refer to CVE-2025-0107 NVD advisory |
UTC: 2025-01-11
EDT: 2025-01-11
SA: 2025-01-11
|
| Palo Alto |
CVE-2025-0105
CVSS 9.1 CVE-2025-0105 — An arbitrary file deletion vulnerability in Palo Alto Networks E… 📄 التفاصيل ← |
NVD | An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Exploit | Refer to CVE-2025-0105 NVD advisory |
UTC: 2025-01-11
EDT: 2025-01-11
SA: 2025-01-11
|
| Fortinet |
CVE-2023-34990
CVSS 9.8 CVE-2023-34990 — A relative path traversal in Fortinet FortiWLM version 8.6.0 th… 📄 التفاصيل ← |
NVD | A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 a… | No | 🔴 Critical | Fortinet | Exploit | Update to v8.6.0 | Fortinet PSIRT Advisory |
UTC: 2024-12-18
EDT: 2024-12-18
SA: 2024-12-18
|
| QNAP |
CVE-2024-48859
CVSS 9.1 CVE-2024-48859 — QNAP: An improper authentication vulnerability has been reporte… 📄 التفاصيل ← |
NVD | An improper authentication vulnerability has been reported to affect several QNAP operating system v… | No | 🔴 Critical | QNAP NAS | Exploit | Update to v5.1.9 |
UTC: 2024-12-06
EDT: 2024-12-06
SA: 2024-12-06
|
| QNAP |
CVE-2024-50393
CVSS 9.8 CVE-2024-50393 — QNAP: A command injection vulnerability has been reported to af… 📄 التفاصيل ← |
NVD | A command injection vulnerability has been reported to affect several QNAP operating system versions… | No | 🔴 Critical | QNAP NAS | Exploit | Update to v5.1.9 |
UTC: 2024-12-06
EDT: 2024-12-06
SA: 2024-12-06
|
| Oracle |
CVE-2024-53908
CVSS 9.8 CVE-2024-53908 — An issue was discovered in Django 5.1 before 5.1.4, 5.0 before … 📄 التفاصيل ← |
NVD | An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct… | No | 🔴 Critical | Oracle Database | Exploit | Refer to CVE-2024-53908 NVD advisory |
UTC: 2024-12-06
EDT: 2024-12-06
SA: 2024-12-06
|
| Supermicro |
CVE-2023-48010
CVSS 9.8 CVE-2023-48010 — Supermicro: STMicroelectronics SPC58 is vulnerable to Missing P… 📄 التفاصيل ← |
NVD | STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interf… | No | 🔴 Critical | Supermicro: STMicroelectronics SPC58 | ICS/OT | Refer to CVE-2023-48010 NVD advisory |
UTC: 2024-12-05
EDT: 2024-12-05
SA: 2024-12-05
|
| Palo Alto |
CVE-2024-0012
CVSS 9.8 CVE-2024-0012 — Palo Alto: An authentication bypass in Palo Alto Networks PAN-OS… 📄 التفاصيل ← |
NVD | An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker w… | No | 🔴 Critical | Palo Alto PAN-OS | Palo Alto Networks | Exploit | Refer to CVE-2024-0012 NVD advisory |
UTC: 2024-11-18
EDT: 2024-11-18
SA: 2024-11-18
|
| OT/ICS |
CVE-2024-8956
PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability — KEV 📄 التفاصيل ← |
CISA KEV | PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability tha… | Yes | 🔴 Critical | PTZOptics PT30X-SDI/NDI Cameras | ICS/OT | Apply patch by 2024-11-25 |
UTC: 2024-11-04
EDT: 2024-11-04
SA: 2024-11-04
|
| Fortinet |
CVE-2024-47575
CVSS 9.8 CVE-2024-47575 — A missing authentication for critical function in FortiManager … 📄 التفاصيل ← |
NVD | A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4… | Yes | 🔴 Critical | Fortinet FortiManager | Exploit | Fortinet PSIRT Advisory |
UTC: 2024-10-23
EDT: 2024-10-23
SA: 2024-10-23
|
| VMware |
CVE-2024-21216
CVSS 9.8 CVE-2024-21216 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). … | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2024-10-15
EDT: 2024-10-15
SA: 2024-10-15
|
| Browser | Behind the Scenes: Fixing an In-the-Wild Firefox Exploit 📄 التفاصيل ← | Mozilla Security | At Mozilla, browser security is a critical mission, and part of that mission involves responding swi… | No | 🔴 Critical | Mozilla Firefox 125.x | Exploit | Apply vendor security patch |
UTC: 2024-10-11
EDT: 2024-10-11
SA: 2024-10-11
|
| General |
CVE-2024-32608
CVSS 9.8 CVE-2024-32608 — HDF5 library through 1.14.3 has memory corruption in H5A__close… 📄 التفاصيل ← |
NVD | HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the i… | No | 🔴 Critical | HDF5 library | DDoS | Refer to CVE-2024-32608 NVD advisory |
UTC: 2024-10-09
EDT: 2024-10-09
SA: 2024-10-09
|
| General |
CVE-2024-45160
CVSS 9.1 CVE-2024-45160 — Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.1… 📄 التفاصيل ← |
NVD | Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to… | No | 🔴 Critical | Incorrect credential validation | Exploit | Refer to CVE-2024-45160 NVD advisory |
UTC: 2024-10-09
EDT: 2024-10-09
SA: 2024-10-09
|
| General |
CVE-2023-46586
CVSS 9.1 CVE-2023-46586 — cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks … 📄 التفاصيل ← |
NVD | cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the pat… | No | 🔴 Critical | cgi.c in weborf | Exploit | Refer to CVE-2023-46586 NVD advisory |
UTC: 2024-10-09
EDT: 2024-10-09
SA: 2024-10-09
|
| Palo Alto |
CVE-2024-9465
CVSS 9.1 CVE-2024-9465 — An SQL injection vulnerability in Palo Alto Networks Expedition … 📄 التفاصيل ← |
NVD | An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker t… | Yes | 🔴 Critical | Palo Alto PAN-OS 11.x | Exploit | Refer to CVE-2024-9465 NVD advisory |
UTC: 2024-10-09
EDT: 2024-10-09
SA: 2024-10-09
|
| VMware |
CVE-2024-25825
CVSS 9.8 CVE-2024-25825 — FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS fo… 📄 التفاصيل ← |
NVD | FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114 we… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2024-25825 NVD advisory |
UTC: 2024-10-09
EDT: 2024-10-09
SA: 2024-10-09
|
| Palo Alto |
CVE-2024-5914
CVSS 9.8 CVE-2024-5914 — A command injection issue in Palo Alto Networks Cortex XSOAR Com… 📄 التفاصيل ← |
NVD | A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenti… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Exploit | Refer to CVE-2024-5914 NVD advisory |
UTC: 2024-08-14
EDT: 2024-08-14
SA: 2024-08-14
|
| VMware |
CVE-2024-21181
CVSS 9.8 CVE-2024-21181 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). … | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2024-07-16
EDT: 2024-07-16
SA: 2024-07-16
|
| Palo Alto |
CVE-2024-5910
CVSS 9.8 CVE-2024-5910 — Missing authentication for a critical function in Palo Alto Netw… 📄 التفاصيل ← |
NVD | Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Exped… | Yes | 🔴 Critical | Palo Alto PAN-OS 11.x | Exploit | Refer to CVE-2024-5910 NVD advisory |
UTC: 2024-07-10
EDT: 2024-07-10
SA: 2024-07-10
|
| Juniper |
CVE-2024-2973
CVSS 10 CVE-2024-2973 — Juniper: An Authentication Bypass Using an Alternate Path or Cha… 📄 التفاصيل ← |
NVD | An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Sessio… | No | 🔴 Critical | Juniper: An Authentication | Exploit | Update to v5.6.15 |
UTC: 2024-06-27
EDT: 2024-06-27
SA: 2024-06-27
|
| Check Point |
CVE-2024-38541
CVSS 9.8 CVE-2024-38541 — Check Point: In the Linux kernel, the following vulnerability h… 📄 التفاصيل ← |
NVD | In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2024-38541 NVD advisory |
UTC: 2024-06-19
EDT: 2024-06-19
SA: 2024-06-19
|
| Check Point |
CVE-2024-5695
CVSS 9.8 CVE-2024-5695 — Check Point: If an out-of-memory condition occurs at a specific … 📄 التفاصيل ← |
NVD | If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap… | No | 🔴 Critical | Mozilla Firefox 125.x | Exploit | Refer to CVE-2024-5695 NVD advisory |
UTC: 2024-06-11
EDT: 2024-06-11
SA: 2024-06-11
|
| VMware |
CVE-2024-22267
CVSS 9.3 CVE-2024-22267 — VMware Workstation and Fusion contain a use-after-free vulnerab… 📄 التفاصيل ← |
NVD | VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A mal… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2024-22267 NVD advisory |
UTC: 2024-05-14
EDT: 2024-05-14
SA: 2024-05-14
|
| QNAP |
CVE-2024-32766
CVSS 10 CVE-2024-32766 — QNAP: An OS command injection vulnerability has been reported t… 📄 التفاصيل ← |
NVD | An OS command injection vulnerability has been reported to affect several QNAP operating system vers… | No | 🔴 Critical | QNAP NAS | Exploit | Update to v5.1.3 |
UTC: 2024-04-26
EDT: 2024-04-26
SA: 2024-04-26
|
| Palo Alto |
CVE-2024-3400
CVSS 10 CVE-2024-3400 — A command injection as a result of arbitrary file creation vulne… 📄 التفاصيل ← |
NVD | A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect featur… | Yes | 🔴 Critical | Palo Alto PAN-OS | Palo Alto Networks | Palo Alto GlobalProtect | Exploit | Refer to CVE-2024-3400 NVD advisory |
UTC: 2024-04-12
EDT: 2024-04-12
SA: 2024-04-12
|
| Fortinet |
CVE-2023-45590
CVSS 9.6 CVE-2023-45590 — An improper control of generation of code ('code injection… 📄 التفاصيل ← |
NVD | An improper control of generation of code ('code injection') in Fortinet FortiClientLinux … | No | 🔴 Critical | Fortinet | Exploit | Update to v7.2.0 | Fortinet PSIRT Advisory |
UTC: 2024-04-09
EDT: 2024-04-09
SA: 2024-04-09
|
| Synology |
CVE-2024-29241
CVSS 9.9 CVE-2024-29241 — Synology: Missing authorization vulnerability in System webapi … 📄 التفاصيل ← |
NVD | Missing authorization vulnerability in System webapi component in Synology Surveillance Station befo… | No | 🔴 Critical | Synology | Exploit | Refer to CVE-2024-29241 NVD advisory |
UTC: 2024-03-28
EDT: 2024-03-28
SA: 2024-03-28
|
| Fortinet |
CVE-2023-48788
CVSS 9.8 CVE-2023-48788 — A improper neutralization of special elements used in an sql co… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an sql command ('sql injection') in … | Yes | 🔴 Critical | Fortinet | Exploit | Update to v7.2.0 | Fortinet PSIRT Advisory |
UTC: 2024-03-12
EDT: 2024-03-12
SA: 2024-03-12
|
| Fortinet |
CVE-2023-42789
CVSS 9.8 CVE-2023-42789 — A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, … 📄 التفاصيل ← |
NVD | A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.… | No | 🔴 Critical | Fortinet FortiOS | Apple iOS | Exploit | Fortinet PSIRT Advisory |
UTC: 2024-03-12
EDT: 2024-03-12
SA: 2024-03-12
|
| Fortinet |
CVE-2023-47534
CVSS 9.6 CVE-2023-47534 — A improper neutralization of formula elements in a csv file in … 📄 التفاصيل ← |
NVD | A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0… | No | 🔴 Critical | Fortinet | Exploit | Update to v7.2.0 | Fortinet PSIRT Advisory |
UTC: 2024-03-12
EDT: 2024-03-12
SA: 2024-03-12
|
| QNAP |
CVE-2024-21899
CVSS 9.8 CVE-2024-21899 — QNAP: An improper authentication vulnerability has been reporte… 📄 التفاصيل ← |
NVD | An improper authentication vulnerability has been reported to affect several QNAP operating system v… | No | 🔴 Critical | QNAP NAS | Exploit | Update to v5.1.3 |
UTC: 2024-03-08
EDT: 2024-03-08
SA: 2024-03-08
|
| Check Point |
CVE-2024-22857
CVSS 9.8 CVE-2024-22857 — Check Point: Heap based buffer flow in zlog v1.1.0 to v1.2.17 i… 📄 التفاصيل ← |
NVD | Heap based buffer flow in zlog v1.1.0 to v1.2.17 in zlog_rule_new().The size of record_name is MAXLE… | No | 🔴 Critical | Check Point | Exploit | Refer to CVE-2024-22857 NVD advisory |
UTC: 2024-03-07
EDT: 2024-03-07
SA: 2024-03-07
|
| VMware |
CVE-2024-22252
CVSS 9.3 CVE-2024-22252 — VMware: VMware ESXi, Workstation, and Fusion contain a use-afte… 📄 التفاصيل ← |
NVD | VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controll… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | Exploit | Refer to CVE-2024-22252 NVD advisory |
UTC: 2024-03-05
EDT: 2024-03-05
SA: 2024-03-05
|
| VMware |
CVE-2024-22253
CVSS 9.3 CVE-2024-22253 — VMware: VMware ESXi, Workstation, and Fusion contain a use-afte… 📄 التفاصيل ← |
NVD | VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controll… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | Exploit | Refer to CVE-2024-22253 NVD advisory |
UTC: 2024-03-05
EDT: 2024-03-05
SA: 2024-03-05
|
| Microsoft |
CVE-2024-22245
CVSS 9.6 CVE-2024-22245 — Arbitrary Authentication Relay and Session Hijack vulnerabiliti… 📄 التفاصيل ← |
NVD | Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced … | No | 🔴 Critical | Microsoft Active Directory | Exploit | Refer to CVE-2024-22245 NVD advisory |
UTC: 2024-02-20
EDT: 2024-02-20
SA: 2024-02-20
|
| Fortinet |
CVE-2024-23113
CVSS 9.8 CVE-2024-23113 — A use of externally-controlled format string in Fortinet FortiO… 📄 التفاصيل ← |
NVD | A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0… | No | 🔴 Critical | Fortinet FortiOS | Fortinet | Apple iOS | Exploit | Update to v7.4.0 | Fortinet PSIRT Advisory |
UTC: 2024-02-15
EDT: 2024-02-15
SA: 2024-02-15
|
| Microsoft |
CVE-2024-21410
CVSS 9.8 CVE-2024-21410 — Microsoft: Microsoft Exchange Server Elevation of Privilege Vul… 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2024-02-13
EDT: 2024-02-13
SA: 2024-02-13
|
| Fortinet |
CVE-2024-21762
CVSS 9.8 CVE-2024-21762 — A out-of-bounds write in Fortinet FortiOS versions 7.4.0 throug… 📄 التفاصيل ← |
NVD | A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 t… | Yes | 🔴 Critical | Fortinet FortiOS | Fortinet | Apple iOS | Exploit | Update to v7.4.0 | Fortinet PSIRT Advisory |
UTC: 2024-02-09
EDT: 2024-02-09
SA: 2024-02-09
|
| Browser |
CVE-2024-1283
CVSS 9.8 CVE-2024-1283 — Heap buffer overflow in Skia in Google Chrome prior to 121.0.616… 📄 التفاصيل ← |
NVD | Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to p… | No | 🔴 Critical | Google Chrome 124.x | Exploit | Refer to CVE-2024-1283 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| Browser |
CVE-2024-1284
CVSS 9.8 CVE-2024-1284 — Use after free in Mojo in Google Chrome prior to 121.0.6167.160 … 📄 التفاصيل ← |
NVD | Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potenti… | No | 🔴 Critical | Google Chrome 124.x | Exploit | Refer to CVE-2024-1284 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| OT/ICS |
CVE-2024-24001
CVSS 9.8 CVE-2024-24001 — jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp… 📄 التفاصيل ← |
NVD | jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController: com.… | No | 🔴 Critical | jshERP | Exploit | Refer to CVE-2024-24001 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| OT/ICS |
CVE-2024-24002
CVSS 9.8 CVE-2024-24002 — jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.con… 📄 التفاصيل ← |
NVD | jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.MaterialController: com.jsh.e… | No | 🔴 Critical | jshERP | Exploit | Refer to CVE-2024-24002 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| OT/ICS |
CVE-2024-24004
CVSS 9.8 CVE-2024-24004 — jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.con… 📄 التفاصيل ← |
NVD | jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com.jsh.… | No | 🔴 Critical | jshERP | Exploit | Refer to CVE-2024-24004 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| General |
CVE-2024-24019
CVSS 9.8 CVE-2024-24019 — A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 a… 📄 التفاصيل ← |
NVD | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pa… | No | 🔴 Critical | A SQL injection | Exploit | Update to v4.3.0 |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| OT/ICS |
CVE-2023-46914
CVSS 9.8 CVE-2023-46914 — SQL Injection vulnerability in RM bookingcalendar module for Pr… 📄 التفاصيل ← |
NVD | SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before, a… | No | 🔴 Critical | SQL Injection vulnerability | ICS/OT | Update to v2.7.9 |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| General |
CVE-2024-24303
CVSS 9.8 CVE-2024-24303 — SQL Injection vulnerability in HiPresta "Gift Wrapping Pro… 📄 التفاصيل ← |
NVD | SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) modul… | No | 🔴 Critical | SQL Injection vulnerability | Exploit | Update to v1.4.1 |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| General |
CVE-2024-24133
CVSS 9.8 CVE-2024-24133 — Atmail v6.6.0 was discovered to contain a SQL injection vulnera… 📄 التفاصيل ← |
NVD | Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on … | No | 🔴 Critical | Atmail | Exploit | Refer to CVE-2024-24133 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| General |
CVE-2024-24186
CVSS 9.8 CVE-2024-24186 — Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack… 📄 التفاصيل ← |
NVD | Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component IterGetKe… | No | 🔴 Critical | Jsish | Exploit | Refer to CVE-2024-24186 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| General |
CVE-2024-24188
CVSS 9.8 CVE-2024-24188 — Jsish v3.5.0 was discovered to contain a heap-buffer-overflow i… 📄 التفاصيل ← |
NVD | Jsish v3.5.0 was discovered to contain a heap-buffer-overflow in ./src/jsiUtils.c. | No | 🔴 Critical | Jsish | Exploit | Refer to CVE-2024-24188 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| General |
CVE-2024-24189
CVSS 9.8 CVE-2024-24189 — Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-a… 📄 التفاصيل ← |
NVD | Jsish v3.5.0 (commit 42c694c) was discovered to contain a use-after-free via the SplitChar at ./src/… | No | 🔴 Critical | Jsish | Exploit | Refer to CVE-2024-24189 NVD advisory |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| General |
CVE-2024-24811
CVSS 9.8 CVE-2024-24811 — SQLAlchemyDA is a generic database adapter for ZSQL methods. A … 📄 التفاصيل ← |
NVD | SQLAlchemyDA is a generic database adapter for ZSQL methods. A vulnerability found in versions prior… | No | 🔴 Critical | SQLAlchemyDA is a | APT | Update to v2.2 |
UTC: 2024-02-07
EDT: 2024-02-07
SA: 2024-02-07
|
| Network | [MàJ] Incident affectant les solutions AnyDesk (05 février 2024) 📄 التفاصيل ← | CERT-FR | \[Mise à jour du 27 février 2024\] Le 29 janvier 2024 l'ANSSI a été alertée par le BSI que l�… | No | 🔴 Critical | [MàJ] Incident affectant | Exploit | Apply vendor security patch |
UTC: 2024-02-05
EDT: 2024-02-05
SA: 2024-02-05
|
| Fortinet |
CVE-2024-23108
CVSS 10 CVE-2024-23108 — An improper neutralization of special elements used in an os co… 📄 التفاصيل ← |
NVD | An improper neutralization of special elements used in an os command ('os command injection… | Yes | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2024-02-05
EDT: 2024-02-05
SA: 2024-02-05
|
| Fortinet |
CVE-2024-23109
CVSS 10 CVE-2024-23109 — An improper neutralization of special elements used in an os co… 📄 التفاصيل ← |
NVD | An improper neutralization of special elements used in an os command ('os command injection… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2024-02-05
EDT: 2024-02-05
SA: 2024-02-05
|
| QNAP |
CVE-2023-45025
CVSS 9 CVE-2023-45025 — QNAP: An OS command injection vulnerability has been reported t… 📄 التفاصيل ← |
NVD | An OS command injection vulnerability has been reported to affect several QNAP operating system vers… | No | 🔴 Critical | QNAP NAS | Exploit | Update to v5.1.4 |
UTC: 2024-02-02
EDT: 2024-02-02
SA: 2024-02-02
|
| Juniper |
CVE-2024-21591
CVSS 9.8 CVE-2024-21591 — Juniper: An Out-of-bounds Write vulnerability in J-Web of Junip… 📄 التفاصيل ← |
NVD | An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Seri… | No | 🔴 Critical | Juniper JunOS | DDoS | Update to v20.4 |
UTC: 2024-01-12
EDT: 2024-01-12
SA: 2024-01-12
|
| OT/ICS |
CVE-2023-46805
Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability — KE… 📄 التفاصيل ← |
CISA KEV | Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateway… | Yes | 🔴 Critical | Ivanti Connect Secure and Policy Secure | ICS/OT | Apply patch by 2024-01-22 |
UTC: 2024-01-10
EDT: 2024-01-10
SA: 2024-01-10
|
| Fortinet |
CVE-2023-34991
CVSS 9.8 CVE-2023-34991 — A improper neutralization of special elements used in an sql co… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an sql command ('sql injection') in … | No | 🔴 Critical | Fortinet | Exploit | Update to v8.6.0 | Fortinet PSIRT Advisory |
UTC: 2023-11-14
EDT: 2023-11-14
SA: 2023-11-14
|
| Fortinet |
CVE-2023-36553
CVSS 9.8 CVE-2023-36553 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | No | 🔴 Critical | Fortinet | Exploit | Update to v5.4.0 | Fortinet PSIRT Advisory |
UTC: 2023-11-14
EDT: 2023-11-14
SA: 2023-11-14
|
| VMware |
CVE-2023-34060
CVSS 9.8 CVE-2023-34060 — VMware Cloud Director Appliance contains an authentication bypa… 📄 التفاصيل ← |
NVD | VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud… | No | 🔴 Critical | VMware | Exploit | Update to v10.5 |
UTC: 2023-11-14
EDT: 2023-11-14
SA: 2023-11-14
|
| Network |
CVE-2023-46747
F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability — KEV 📄 التفاصيل ← |
CISA KEV | F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel… | Yes | 🔴 Critical | F5 BIG-IP Configuration Utility | Exploit | Apply patch by 2023-11-21 |
UTC: 2023-10-31
EDT: 2023-10-31
SA: 2023-10-31
|
| VMware |
CVE-2023-34051
CVSS 9.8 CVE-2023-34051 — VMware Aria Operations for Logs contains an authentication bypa… 📄 التفاصيل ← |
NVD | VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated,… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2023-34051 NVD advisory |
UTC: 2023-10-20
EDT: 2023-10-20
SA: 2023-10-20
|
| VMware |
CVE-2023-22069
CVSS 9.8 CVE-2023-22069 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). … | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2023-10-17
EDT: 2023-10-17
SA: 2023-10-17
|
| VMware |
CVE-2023-22072
CVSS 9.8 CVE-2023-22072 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). … | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2023-10-17
EDT: 2023-10-17
SA: 2023-10-17
|
| VMware |
CVE-2023-22089
CVSS 9.8 CVE-2023-22089 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). … | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2023-10-17
EDT: 2023-10-17
SA: 2023-10-17
|
| Cisco |
CVE-2023-20198
CVSS 10 CVE-2023-20198 — Cisco is providing an update for the ongoing investigation into… 📄 التفاصيل ← |
NVD | Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI … | Yes | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2023-10-16
EDT: 2023-10-16
SA: 2023-10-16
|
| Fortinet |
CVE-2023-34992
CVSS 10 CVE-2023-34992 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2023-10-10
EDT: 2023-10-10
SA: 2023-10-10
|
| Fortinet |
CVE-2023-34993
CVSS 9.8 CVE-2023-34993 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | Yes | 🔴 Critical | Fortinet | Exploit | Update to v8.6.0 | Fortinet PSIRT Advisory |
UTC: 2023-10-10
EDT: 2023-10-10
SA: 2023-10-10
|
| Fortinet |
CVE-2023-36547
CVSS 9.8 CVE-2023-36547 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | No | 🔴 Critical | Fortinet | Exploit | Update to v8.6.0 | Fortinet PSIRT Advisory |
UTC: 2023-10-10
EDT: 2023-10-10
SA: 2023-10-10
|
| Fortinet |
CVE-2023-36548
CVSS 9.8 CVE-2023-36548 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | No | 🔴 Critical | Fortinet | Exploit | Update to v8.6.0 | Fortinet PSIRT Advisory |
UTC: 2023-10-10
EDT: 2023-10-10
SA: 2023-10-10
|
| Fortinet |
CVE-2023-36550
CVSS 9.8 CVE-2023-36550 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | No | 🔴 Critical | Fortinet | Exploit | Update to v8.6.0 | Fortinet PSIRT Advisory |
UTC: 2023-10-10
EDT: 2023-10-10
SA: 2023-10-10
|
| Network |
CVE-2023-36845
CVSS 9.8 CVE-2023-36845 — A PHP External Variable Modification vulnerability in J-Web of … 📄 التفاصيل ← |
NVD | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Serie… | Yes | 🔴 Critical | Juniper JunOS | Exploit | Update to v20.4 |
UTC: 2023-08-17
EDT: 2023-08-17
SA: 2023-08-17
|
| Microsoft |
CVE-2023-21709
CVSS 9.8 CVE-2023-21709 — Microsoft Exchange Server Elevation of Privilege Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2023-08-08
EDT: 2023-08-08
SA: 2023-08-08
|
| Intel |
CVE-2023-37470
CVSS 10 CVE-2023-37470 — Metabase is an open-source business intelligence and analytics … 📄 التفاصيل ← |
NVD | Metabase is an open-source business intelligence and analytics platform. Prior to versions 0.43.7.3,… | No | 🔴 Critical | Intel Processor | ICS/OT | Update to v0.43.7 |
UTC: 2023-08-04
EDT: 2023-08-04
SA: 2023-08-04
|
| Fortinet |
CVE-2023-33308
CVSS 9.8 CVE-2023-33308 — A stack-based overflow vulnerability [CWE-124] in Fortinet Fort… 📄 التفاصيل ← |
NVD | A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and … | No | 🔴 Critical | Fortinet FortiOS | Apple iOS | Exploit | Update to v7.0.0 | Fortinet PSIRT Advisory |
UTC: 2023-07-26
EDT: 2023-07-26
SA: 2023-07-26
|
| Office |
CVE-2023-33150
CVSS 9.6 CVE-2023-33150 — Microsoft Office Security Feature Bypass Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Office Security Feature Bypass Vulnerability | No | 🔴 Critical | Microsoft Office Security | Exploit | Microsoft Patch Tuesday |
UTC: 2023-07-11
EDT: 2023-07-11
SA: 2023-07-11
|
| Fortinet |
CVE-2023-33299
CVSS 9.8 CVE-2023-33299 — A deserialization of untrusted data in Fortinet FortiNAC below … 📄 التفاصيل ← |
NVD | A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and a… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2023-06-23
EDT: 2023-06-23
SA: 2023-06-23
|
| VMware |
CVE-2023-20887
CVSS 9.8 CVE-2023-20887 — Aria Operations for Networks contains a command injection vulne… 📄 التفاصيل ← |
NVD | Aria Operations for Networks contains a command injection vulnerability. A malicious actor with netw… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2023-20887 NVD advisory |
UTC: 2023-06-07
EDT: 2023-06-07
SA: 2023-06-07
|
| Linux |
CVE-2023-2319
CVSS 9.8 CVE-2023-2319 — It was discovered that an update for PCS package in RHBA-2023:21… 📄 التفاصيل ← |
NVD | It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red H… | No | 🔴 Critical | Red Hat Enterprise Linux | Exploit | Refer to CVE-2023-2319 NVD advisory |
UTC: 2023-05-17
EDT: 2023-05-17
SA: 2023-05-17
|
| VMware |
CVE-2023-20864
CVSS 9.8 CVE-2023-20864 — VMware Aria Operations for Logs contains a deserialization vuln… 📄 التفاصيل ← |
NVD | VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malici… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2023-20864 NVD advisory |
UTC: 2023-04-20
EDT: 2023-04-20
SA: 2023-04-20
|
| Fortinet |
CVE-2022-38375
CVSS 9.1 CVE-2022-38375 — An improper authorization vulnerability [CWE-285] in Fortinet … 📄 التفاصيل ← |
NVD | An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 … | No | 🔴 Critical | Fortinet | Exploit | Update to v9.4.0 | Fortinet PSIRT Advisory |
UTC: 2023-02-16
EDT: 2023-02-16
SA: 2023-02-16
|
| Fortinet |
CVE-2022-39952
CVSS 9.8 CVE-2022-39952 — A external control of file name or path in Fortinet FortiNAC ve… 📄 التفاصيل ← |
NVD | A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.… | Yes | 🔴 Critical | Fortinet | Exploit | Update to v9.4.0 | Fortinet PSIRT Advisory |
UTC: 2023-02-16
EDT: 2023-02-16
SA: 2023-02-16
|
| Microsoft |
CVE-2022-42970
CVSS 9.8 CVE-2022-42970 — A CWE-306: Missing Authentication for Critical Function The sof… 📄 التفاصيل ← |
NVD | A CWE-306: Missing Authentication for Critical Function The software does not perform any authentica… | No | 🔴 Critical | Windows Server | Microsoft Windows | Exploit | Update to v2.5 |
UTC: 2023-02-01
EDT: 2023-02-01
SA: 2023-02-01
|
| Microsoft |
CVE-2022-42971
CVSS 9.8 CVE-2022-42971 — A CWE-434: Unrestricted Upload of File with Dangerous Type vuln… 📄 التفاصيل ← |
NVD | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause rem… | No | 🔴 Critical | Windows 11 | Windows Server 2019 | Windows Server | Exploit | Update to v2.5 |
UTC: 2023-02-01
EDT: 2023-02-01
SA: 2023-02-01
|
| VMware |
CVE-2022-38650
CVSS 10 CVE-2022-38650 — A remote unauthenticated insecure deserialization vulnerability… 📄 التفاصيل ← |
NVD | A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.… | No | 🔴 Critical | VMware | Malware | Refer to CVE-2022-38650 NVD advisory |
UTC: 2022-11-12
EDT: 2022-11-12
SA: 2022-11-12
|
| VMware |
CVE-2022-38651
CVSS 9.8 CVE-2022-38651 — A security filter misconfiguration exists in VMware Hyperic Ser… 📄 التفاصيل ← |
NVD | A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulne… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-38651 NVD advisory |
UTC: 2022-11-12
EDT: 2022-11-12
SA: 2022-11-12
|
| VMware |
CVE-2022-38652
CVSS 9.9 CVE-2022-38652 — A remote insecure deserialization vulnerability exixsts in VMWa… 📄 التفاصيل ← |
NVD | A remote insecure deserialization vulnerability exixsts in VMWare Hyperic Agent 5.8.6. Exploitation … | No | 🔴 Critical | Microsoft Windows | Malware | Microsoft Patch Tuesday |
UTC: 2022-11-12
EDT: 2022-11-12
SA: 2022-11-12
|
| VMware |
CVE-2022-31685
CVSS 9.8 CVE-2022-31685 — VMware Workspace ONE Assist prior to 22.10 contains an Authenti… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malici… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-31685 NVD advisory |
UTC: 2022-11-09
EDT: 2022-11-09
SA: 2022-11-09
|
| VMware |
CVE-2022-31686
CVSS 9.8 CVE-2022-31686 — VMware Workspace ONE Assist prior to 22.10 contains a Broken Au… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A … | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-31686 NVD advisory |
UTC: 2022-11-09
EDT: 2022-11-09
SA: 2022-11-09
|
| VMware |
CVE-2022-31687
CVSS 9.8 CVE-2022-31687 — VMware Workspace ONE Assist prior to 22.10 contains a Broken Ac… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicio… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-31687 NVD advisory |
UTC: 2022-11-09
EDT: 2022-11-09
SA: 2022-11-09
|
| VMware |
CVE-2022-31689
CVSS 9.8 CVE-2022-31689 — VMware Workspace ONE Assist prior to 22.10 contains a Session f… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious ac… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-31689 NVD advisory |
UTC: 2022-11-09
EDT: 2022-11-09
SA: 2022-11-09
|
| VMware |
CVE-2022-31678
CVSS 9.1 CVE-2022-31678 — VMware Cloud Foundation (NSX-V) contains an XML External Entity… 📄 التفاصيل ← |
NVD | VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x inst… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-31678 NVD advisory |
UTC: 2022-10-27
EDT: 2022-10-27
SA: 2022-10-27
|
| Fortinet |
CVE-2022-40684
CVSS 9.8 CVE-2022-40684 — An authentication bypass using an alternate path or channel [CW… 📄 التفاصيل ← |
NVD | An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.… | Yes | 🔴 Critical | Fortinet FortiOS | Fortinet | Apple iOS | Exploit | Update to v7.2.0 | Fortinet PSIRT Advisory |
UTC: 2022-10-18
EDT: 2022-10-18
SA: 2022-10-18
|
| Fortinet |
CVE-2021-44171
CVSS 9 CVE-2021-44171 — A improper neutralization of special elements used in an os com… 📄 التفاصيل ← |
NVD | A improper neutralization of special elements used in an os command ('os command injection'… | No | 🔴 Critical | Fortinet FortiOS | Apple iOS | Exploit | Update to v6.0.0 | Fortinet PSIRT Advisory |
UTC: 2022-10-10
EDT: 2022-10-10
SA: 2022-10-10
|
| Microsoft |
CVE-2022-38221
CVSS 9.8 CVE-2022-38221 — A buffer overflow in the FTcpListener thread in The Isle Evrima… 📄 التفاصيل ← |
NVD | A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2022-08-15
EDT: 2022-08-15
SA: 2022-08-15
|
| Exploit |
CVE-2022-27925
Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability — K… 📄 التفاصيل ← |
CISA KEV | Synacor Zimbra Collaboration Suite (ZCS) contains flaw in the mboximport functionality, allowing an … | Yes | 🔴 Critical | Synacor Zimbra Collaboration Suite (ZCS) | Exploit | Apply patch by 2022-09-01 |
UTC: 2022-08-11
EDT: 2022-08-11
SA: 2022-08-11
|
| Exploit |
CVE-2022-37042
Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability — K… 📄 التفاصيل ← |
CISA KEV | Synacor Zimbra Collaboration Suite (ZCS) contains an authentication bypass vulnerability in MailboxI… | Yes | 🔴 Critical | Synacor Zimbra Collaboration Suite (ZCS) | Exploit | Apply patch by 2022-09-01 |
UTC: 2022-08-11
EDT: 2022-08-11
SA: 2022-08-11
|
| VMware |
CVE-2022-31656
CVSS 9.8 CVE-2022-31656 — VMware Workspace ONE Access, Identity Manager and vRealize Auto… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypa… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-31656 NVD advisory |
UTC: 2022-08-05
EDT: 2022-08-05
SA: 2022-08-05
|
| VMware |
CVE-2022-31657
CVSS 9.8 CVE-2022-31657 — VMware Workspace ONE Access and Identity Manager contain a URL … 📄 التفاصيل ← |
NVD | VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious … | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-31657 NVD advisory |
UTC: 2022-08-05
EDT: 2022-08-05
SA: 2022-08-05
|
| Cisco |
CVE-2022-20829
CVSS 9.1 CVE-2022-20829 — A vulnerability in the packaging of Cisco Adaptive Security Dev… 📄 التفاصيل ← |
NVD | A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the val… | No | 🔴 Critical | Cisco ASA | Cisco | APT | Cisco Security Advisory |
UTC: 2022-06-24
EDT: 2022-06-24
SA: 2022-06-24
|
| Intel |
CVE-2022-31479
CVSS 9.6 CVE-2022-31479 — An unauthenticated attacker can update the hostname with a spec… 📄 التفاصيل ← |
NVD | An unauthenticated attacker can update the hostname with a specially crafted name that will allow fo… | No | 🔴 Critical | Intel Processor | Exploit | Update to v1.302 |
UTC: 2022-06-06
EDT: 2022-06-06
SA: 2022-06-06
|
| Exploit |
CVE-2022-24422
CVSS 9.6 CVE-2022-24422 — Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.… 📄 التفاصيل ← |
NVD | Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authenticatio… | No | 🔴 Critical | Dell iDRAC | Exploit | Update to v5.00.00 |
UTC: 2022-05-26
EDT: 2022-05-26
SA: 2022-05-26
|
| Exploit |
CVE-2022-26857
CVSS 9 CVE-2022-26857 — Dell OpenManage Enterprise Versions 3.8.3 and prior contain an … 📄 التفاصيل ← |
NVD | Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability.… | No | 🔴 Critical | Dell OpenManage Enterprise | Exploit | Update to v3.8.3 |
UTC: 2022-05-26
EDT: 2022-05-26
SA: 2022-05-26
|
| VMware |
CVE-2022-22972
CVSS 9.8 CVE-2022-22972 — VMware Workspace ONE Access, Identity Manager and vRealize Auto… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypa… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-22972 NVD advisory |
UTC: 2022-05-20
EDT: 2022-05-20
SA: 2022-05-20
|
| Vulnerability |
CVE-2022-28118
CVSS 9.8 CVE-2022-28118 — SiteServer CMS v7.x allows attackers to execute arbitrary code … 📄 التفاصيل ← |
NVD | SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in. | No | 🔴 Critical | SiteServer CMS | Exploit | Refer to CVE-2022-28118 NVD advisory |
UTC: 2022-05-03
EDT: 2022-05-03
SA: 2022-05-03
|
| Network |
CVE-2022-28560
CVSS 9.8 CVE-2022-28560 — There is a stack overflow vulnerability in the goform/fast_sett… 📄 التفاصيل ← |
NVD | There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd se… | No | 🔴 Critical | There is a | Exploit | Refer to CVE-2022-28560 NVD advisory |
UTC: 2022-05-03
EDT: 2022-05-03
SA: 2022-05-03
|
| Network |
CVE-2022-28561
CVSS 9.8 CVE-2022-28561 — There is a stack overflow vulnerability in the /goform/setMacFi… 📄 التفاصيل ← |
NVD | There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service… | No | 🔴 Critical | There is a | Exploit | Refer to CVE-2022-28561 NVD advisory |
UTC: 2022-05-03
EDT: 2022-05-03
SA: 2022-05-03
|
| Web |
CVE-2022-27962
CVSS 9.8 CVE-2022-27962 — Bluecms 1.6 has a SQL injection vulnerability at cooike. 📄 التفاصيل ← |
NVD | Bluecms 1.6 has a SQL injection vulnerability at cooike. | No | 🔴 Critical | Bluecms | Exploit | Refer to CVE-2022-27962 NVD advisory |
UTC: 2022-05-03
EDT: 2022-05-03
SA: 2022-05-03
|
| Web |
CVE-2022-28585
CVSS 9.8 CVE-2022-28585 — EmpireCMS 7.5 has a SQL injection vulnerability in AdClass.php 📄 التفاصيل ← |
NVD | EmpireCMS 7.5 has a SQL injection vulnerability in AdClass.php | No | 🔴 Critical | EmpireCMS | Exploit | Refer to CVE-2022-28585 NVD advisory |
UTC: 2022-05-03
EDT: 2022-05-03
SA: 2022-05-03
|
| VMware |
CVE-2022-22955
CVSS 9.8 CVE-2022-22955 — VMware Workspace ONE Access has two authentication bypass vulne… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-22955 NVD advisory |
UTC: 2022-04-13
EDT: 2022-04-13
SA: 2022-04-13
|
| VMware |
CVE-2022-22956
CVSS 9.8 CVE-2022-22956 — VMware Workspace ONE Access has two authentication bypass vulne… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-22956 NVD advisory |
UTC: 2022-04-13
EDT: 2022-04-13
SA: 2022-04-13
|
| VMware |
CVE-2022-22954
CVSS 9.8 CVE-2022-22954 — VMware Workspace ONE Access and Identity Manager contain a remo… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due t… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2022-22954 NVD advisory |
UTC: 2022-04-11
EDT: 2022-04-11
SA: 2022-04-11
|
| Vulnerability |
CVE-2022-27534
CVSS 9.8 CVE-2022-27534 — Kaspersky Anti-Virus products for home and Kaspersky Endpoint S… 📄 التفاصيل ← |
NVD | Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases rele… | No | 🔴 Critical | Kaspersky Anti-Virus products | Exploit | Refer to CVE-2022-27534 NVD advisory |
UTC: 2022-04-01
EDT: 2022-04-01
SA: 2022-04-01
|
| VMware |
CVE-2022-22951
CVSS 9.1 CVE-2022-22951 — VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x p… 📄 التفاصيل ← |
NVD | VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 a… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | Exploit | Refer to CVE-2022-22951 NVD advisory |
UTC: 2022-03-23
EDT: 2022-03-23
SA: 2022-03-23
|
| VMware |
CVE-2022-22952
CVSS 9.1 CVE-2022-22952 — VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x p… 📄 التفاصيل ← |
NVD | VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 a… | No | 🔴 Critical | VMware vSphere/ESXi 8.0 | Exploit | Microsoft Patch Tuesday |
UTC: 2022-03-23
EDT: 2022-03-23
SA: 2022-03-23
|
| Intel |
CVE-2021-45977
CVSS 9.8 CVE-2021-45977 — JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.… 📄 التفاصيل ← |
NVD | JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 R… | No | 🔴 Critical | Intel Processor | Exploit | Update to v2021.3.1 |
UTC: 2022-02-25
EDT: 2022-02-25
SA: 2022-02-25
|
| Linux |
CVE-2021-20325
CVSS 9.8 CVE-2021-20325 — Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the vers… 📄 التفاصيل ← |
NVD | Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat … | No | 🔴 Critical | Red Hat Enterprise Linux | Exploit | Update to v8.5.0 |
UTC: 2022-02-18
EDT: 2022-02-18
SA: 2022-02-18
|
| VMware |
CVE-2022-21306
CVSS 9.8 CVE-2022-21306 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.1.3 |
UTC: 2022-01-19
EDT: 2022-01-19
SA: 2022-01-19
|
| Microsoft |
CVE-2022-21846
CVSS 9 CVE-2022-21846 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2022-01-11
EDT: 2022-01-11
SA: 2022-01-11
|
| Microsoft |
CVE-2022-21855
CVSS 9 CVE-2022-21855 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2022-01-11
EDT: 2022-01-11
SA: 2022-01-11
|
| Microsoft |
CVE-2022-21969
CVSS 9 CVE-2022-21969 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2022-01-11
EDT: 2022-01-11
SA: 2022-01-11
|
| VMware |
CVE-2019-8643
CVSS 9.8 CVE-2019-8643 — CVE-2019-8643: Arun Sharma of VMWare This issue is fixed in macO… 📄 التفاصيل ← |
NVD | CVE-2019-8643: Arun Sharma of VMWare This issue is fixed in macOS Mojave 10.14. Description: A logic… | No | 🔴 Critical | Apple macOS | Exploit | Refer to CVE-2019-8643 NVD advisory |
UTC: 2021-12-23
EDT: 2021-12-23
SA: 2021-12-23
|
| Office |
CVE-2021-43905
CVSS 9.6 CVE-2021-43905 — Microsoft Office app Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Office app Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Office app | Exploit | Microsoft Patch Tuesday |
UTC: 2021-12-15
EDT: 2021-12-15
SA: 2021-12-15
|
| Oracle |
CVE-2021-42064
CVSS 9.8 CVE-2021-42064 — If configured to use an Oracle database and if a query is creat… 📄 التفاصيل ← |
NVD | If configured to use an Oracle database and if a query is created using the flexible search java api… | No | 🔴 Critical | Java | Oracle Database | SAP | Exploit | Refer to CVE-2021-42064 NVD advisory |
UTC: 2021-12-14
EDT: 2021-12-14
SA: 2021-12-14
|
| Microsoft |
CVE-2021-34423
CVSS 9.8 CVE-2021-34423 — A buffer overflow vulnerability was discovered in Zoom Client f… 📄 التفاصيل ← |
NVD | A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux,… | No | 🔴 Critical | Microsoft Windows | Android | Apple macOS | Exploit | Update to v5.8.4 |
UTC: 2021-11-24
EDT: 2021-11-24
SA: 2021-11-24
|
| Palo Alto |
CVE-2021-3064
CVSS 9.8 CVE-2021-3064 — A memory corruption vulnerability exists in Palo Alto Networks G… 📄 التفاصيل ← |
NVD | A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway inte… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Palo Alto GlobalProtect VP | Exploit | Update to v8.1.17 |
UTC: 2021-11-10
EDT: 2021-11-10
SA: 2021-11-10
|
| Android |
CVE-2020-15999
Google Chrome FreeType Heap Buffer Overflow Vulnerability — KEV 📄 التفاصيل ← |
CISA KEV | Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap … | Yes | 🔴 Critical | Google Chrome FreeType | Exploit | Apply patch by 2021-11-17 |
UTC: 2021-11-03
EDT: 2021-11-03
SA: 2021-11-03
|
| Intel |
CVE-2020-5955
CVSS 9.8 CVE-2020-5955 — An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O… 📄 التفاصيل ← |
NVD | An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client c… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2020-5955 NVD advisory |
UTC: 2021-11-02
EDT: 2021-11-02
SA: 2021-11-02
|
| VMware |
CVE-2021-35617
CVSS 9.8 CVE-2021-35617 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherenc… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.1.3 |
UTC: 2021-10-20
EDT: 2021-10-20
SA: 2021-10-20
|
| Juniper |
CVE-2021-31349
CVSS 9.8 CVE-2021-31349 — The usage of an internal HTTP header created an authentication … 📄 التفاصيل ← |
NVD | The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allow… | No | 🔴 Critical | The usage of | Exploit | Update to v4.5.11 |
UTC: 2021-10-19
EDT: 2021-10-19
SA: 2021-10-19
|
| Microsoft |
CVE-2021-26427
CVSS 9 CVE-2021-26427 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-10-13
EDT: 2021-10-13
SA: 2021-10-13
|
| Cisco |
CVE-2021-1619
CVSS 9.8 CVE-2021-1619 — A vulnerability in the authentication, authorization, and accoun… 📄 التفاصيل ← |
NVD | A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE … | No | 🔴 Critical | Cisco IOS XE 17.x | DDoS | Cisco Security Advisory |
UTC: 2021-09-23
EDT: 2021-09-23
SA: 2021-09-23
|
| Cisco |
CVE-2021-34727
CVSS 9.8 CVE-2021-34727 — A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN S… 📄 التفاصيل ← |
NVD | A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticate… | No | 🔴 Critical | Cisco IOS XE 17.x | DDoS | Cisco Security Advisory |
UTC: 2021-09-23
EDT: 2021-09-23
SA: 2021-09-23
|
| Cisco |
CVE-2021-34770
CVSS 10 CVE-2021-34770 — A vulnerability in the Control and Provisioning of Wireless Acc… 📄 التفاصيل ← |
NVD | A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processi… | No | 🔴 Critical | Cisco IOS XE 17.x | DDoS | Cisco Security Advisory |
UTC: 2021-09-23
EDT: 2021-09-23
SA: 2021-09-23
|
| VMware |
CVE-2021-22002
CVSS 9.8 CVE-2021-22002 — VMware Workspace ONE Access and Identity Manager, allow the /cf… 📄 التفاصيل ← |
NVD | VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, o… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2021-22002 NVD advisory |
UTC: 2021-08-31
EDT: 2021-08-31
SA: 2021-08-31
|
| VMware |
CVE-2021-2382
CVSS 9.8 CVE-2021-2382 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Security… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2021-07-21
EDT: 2021-07-21
SA: 2021-07-21
|
| VMware |
CVE-2021-2394
CVSS 9.8 CVE-2021-2394 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2021-07-21
EDT: 2021-07-21
SA: 2021-07-21
|
| VMware |
CVE-2021-2397
CVSS 9.8 CVE-2021-2397 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2021-07-21
EDT: 2021-07-21
SA: 2021-07-21
|
| Intel |
CVE-2021-2456
CVSS 9.8 CVE-2021-2456 — Vulnerability in the Oracle Business Intelligence Enterprise Edi… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle… | No | 🔴 Critical | Intel Processor | ICS/OT | Update to v12.2.1 |
UTC: 2021-07-20
EDT: 2021-07-20
SA: 2021-07-20
|
| Juniper |
CVE-2021-0276
CVSS 9.8 CVE-2021-0276 — A stack-based Buffer Overflow vulnerability in Juniper Networks … 📄 التفاصيل ← |
NVD | A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Aut… | No | 🔴 Critical | A stack-based Buffer | DDoS | Update to v8.4.1 |
UTC: 2021-07-15
EDT: 2021-07-15
SA: 2021-07-15
|
| Microsoft |
CVE-2021-34523
CVSS 9 CVE-2021-34523 — Microsoft Exchange Server Elevation of Privilege Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Elevation of Privilege Vulnerability | Yes | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-07-14
EDT: 2021-07-14
SA: 2021-07-14
|
| Microsoft |
CVE-2021-34473
CVSS 9.1 CVE-2021-34473 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | Yes | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-07-14
EDT: 2021-07-14
SA: 2021-07-14
|
| Intel |
CVE-2021-30117
CVSS 9.8 CVE-2021-30117 — The API call /InstallTab/exportFldr.asp is vulnerable to a semi… 📄 التفاصيل ← |
NVD | The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQ… | No | 🔴 Critical | Mozilla Firefox | Intel Processor | Exploit | Refer to CVE-2021-30117 NVD advisory |
UTC: 2021-07-09
EDT: 2021-07-09
SA: 2021-07-09
|
| Carbon Black |
CVE-2021-21998
CVSS 9.8 CVE-2021-21998 — VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, a… 📄 التفاصيل ← |
NVD | VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authenti… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2021-21998 NVD advisory |
UTC: 2021-06-23
EDT: 2021-06-23
SA: 2021-06-23
|
| Palo Alto |
CVE-2021-3044
CVSS 9.8 CVE-2021-3044 — An improper authorization vulnerability in Palo Alto Networks Co… 📄 التفاصيل ← |
NVD | An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthen… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Exploit | Refer to CVE-2021-3044 NVD advisory |
UTC: 2021-06-22
EDT: 2021-06-22
SA: 2021-06-22
|
| VMware |
CVE-2021-21986
CVSS 9.8 CVE-2021-21986 — The vSphere Client (HTML5) contains a vulnerability in a vSpher… 📄 التفاصيل ← |
NVD | The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Vi… | No | 🔴 Critical | VMware vSphere | VMware vCenter | Exploit | Refer to CVE-2021-21986 NVD advisory |
UTC: 2021-05-26
EDT: 2021-05-26
SA: 2021-05-26
|
| VMware |
CVE-2021-21984
CVSS 9.8 CVE-2021-21984 — VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains … 📄 التفاصيل ← |
NVD | VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution vulnerability… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2021-21984 NVD advisory |
UTC: 2021-05-07
EDT: 2021-05-07
SA: 2021-05-07
|
| VMware |
CVE-2021-2135
CVSS 9.8 CVE-2021-2135 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherenc… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2021-04-22
EDT: 2021-04-22
SA: 2021-04-22
|
| VMware |
CVE-2021-2136
CVSS 9.8 CVE-2021-2136 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.1.3 |
UTC: 2021-04-22
EDT: 2021-04-22
SA: 2021-04-22
|
| VMware |
CVE-2021-2302
CVSS 9.8 CVE-2021-2302 — Vulnerability in the Oracle Platform Security for Java product o… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle Platform Security for Java product of Oracle Fusion Middleware (componen… | No | 🔴 Critical | Java | Exploit | Update to v11.1.1 |
UTC: 2021-04-22
EDT: 2021-04-22
SA: 2021-04-22
|
| Juniper |
CVE-2021-0248
CVSS 10 CVE-2021-0248 — This issue is not applicable to NFX NextGen Software. On NFX Ser… 📄 التفاصيل ← |
NVD | This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Cr… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v19.1 |
UTC: 2021-04-22
EDT: 2021-04-22
SA: 2021-04-22
|
| Juniper |
CVE-2021-0254
CVSS 9.8 CVE-2021-0254 — A buffer size validation vulnerability in the overlayd service o… 📄 التفاصيل ← |
NVD | A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allo… | No | 🔴 Critical | Juniper JunOS | DDoS | Update to v15.1 |
UTC: 2021-04-22
EDT: 2021-04-22
SA: 2021-04-22
|
| Microsoft |
CVE-2021-28480
CVSS 9.8 CVE-2021-28480 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | Yes | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-04-13
EDT: 2021-04-13
SA: 2021-04-13
|
| Microsoft |
CVE-2021-28481
CVSS 9.8 CVE-2021-28481 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-04-13
EDT: 2021-04-13
SA: 2021-04-13
|
| Microsoft |
CVE-2021-28483
CVSS 9 CVE-2021-28483 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-04-13
EDT: 2021-04-13
SA: 2021-04-13
|
| Intel |
CVE-2021-23281
CVSS 10 CVE-2021-23281 — Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerab… 📄 التفاصيل ← |
NVD | Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code exe… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2021-23281 NVD advisory |
UTC: 2021-04-13
EDT: 2021-04-13
SA: 2021-04-13
|
| Carbon Black |
CVE-2021-21982
CVSS 9.1 CVE-2021-21982 — VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has… 📄 التفاصيل ← |
NVD | VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerabili… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2021-21982 NVD advisory |
UTC: 2021-04-01
EDT: 2021-04-01
SA: 2021-04-01
|
| Microsoft |
CVE-2021-26855
CVSS 9.1 CVE-2021-26855 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | Yes | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-03-03
EDT: 2021-03-03
SA: 2021-03-03
|
| Microsoft |
CVE-2021-26412
CVSS 9.1 CVE-2021-26412 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-03-03
EDT: 2021-03-03
SA: 2021-03-03
|
| Microsoft |
CVE-2021-27078
CVSS 9.1 CVE-2021-27078 — Microsoft Exchange Server Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Server Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2021-03-03
EDT: 2021-03-03
SA: 2021-03-03
|
| VMware |
CVE-2021-21978
CVSS 9.8 CVE-2021-21978 — VMware View Planner 4.x prior to 4.6 Security Patch 1 contains … 📄 التفاصيل ← |
NVD | VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability… | Yes | 🔴 Critical | VMware | Exploit | Refer to CVE-2021-21978 NVD advisory |
UTC: 2021-03-03
EDT: 2021-03-03
SA: 2021-03-03
|
| VMware |
CVE-2021-21972
CVSS 9.8 CVE-2021-21972 — The vSphere Client (HTML5) contains a remote code execution vul… 📄 التفاصيل ← |
NVD | The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin… | Yes | 🔴 Critical | VMware vSphere | VMware vCenter | VMware | Exploit | Refer to CVE-2021-21972 NVD advisory |
UTC: 2021-02-24
EDT: 2021-02-24
SA: 2021-02-24
|
| Cisco |
CVE-2021-1361
CVSS 9.8 CVE-2021-1361 — A vulnerability in the implementation of an internal file manage… 📄 التفاصيل ← |
NVD | A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Se… | No | 🔴 Critical | Cisco NX-OS | Cisco | Exploit | Cisco Security Advisory |
UTC: 2021-02-24
EDT: 2021-02-24
SA: 2021-02-24
|
| Palo Alto |
CVE-2021-3033
CVSS 9.1 CVE-2021-3033 — An improper verification of cryptographic signature vulnerabilit… 📄 التفاصيل ← |
NVD | An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks P… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Exploit | Update to v19.11 |
UTC: 2021-02-10
EDT: 2021-02-10
SA: 2021-02-10
|
| Office |
CVE-2021-25139
CVSS 9.8 CVE-2021-25139 — A potential security vulnerability has been identified in the H… 📄 التفاصيل ← |
NVD | A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.2… | No | 🔴 Critical | Microsoft Hyper-V | DDoS | Microsoft Patch Tuesday |
UTC: 2021-02-09
EDT: 2021-02-09
SA: 2021-02-09
|
| Office |
CVE-2021-25140
CVSS 9.8 CVE-2021-25140 — A potential security vulnerability has been identified in the H… 📄 التفاصيل ← |
NVD | A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.2… | No | 🔴 Critical | Microsoft Hyper-V | DDoS | Microsoft Patch Tuesday |
UTC: 2021-02-09
EDT: 2021-02-09
SA: 2021-02-09
|
| Fortinet |
CVE-2020-6649
CVSS 9.8 CVE-2020-6649 — An insufficient session expiration vulnerability in FortiNet… 📄 التفاصيل ← |
NVD | An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and … | No | 🔴 Critical | Fortinet | Exploit | Update to v2.0.1 | Fortinet PSIRT Advisory |
UTC: 2021-02-08
EDT: 2021-02-08
SA: 2021-02-08
|
| IBM |
CVE-2020-4958
CVSS 9.8 CVE-2020-4958 — IBM Security Identity Governance and Intelligence 5.2.6 does not… 📄 التفاصيل ← |
NVD | IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for func… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2020-4958 NVD advisory |
UTC: 2021-01-21
EDT: 2021-01-21
SA: 2021-01-21
|
| VMware |
CVE-2021-1994
CVSS 9.8 CVE-2021-1994 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Serv… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2021-01-20
EDT: 2021-01-20
SA: 2021-01-20
|
| VMware |
CVE-2021-2047
CVSS 9.8 CVE-2021-2047 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Com… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2021-01-20
EDT: 2021-01-20
SA: 2021-01-20
|
| VMware |
CVE-2021-2064
CVSS 9.8 CVE-2021-2064 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Com… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.1.3 |
UTC: 2021-01-20
EDT: 2021-01-20
SA: 2021-01-20
|
| VMware |
CVE-2021-2075
CVSS 9.8 CVE-2021-2075 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples)… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2021-01-20
EDT: 2021-01-20
SA: 2021-01-20
|
| VMware |
CVE-2021-2108
CVSS 9.8 CVE-2021-2108 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Com… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.1.3 |
UTC: 2021-01-20
EDT: 2021-01-20
SA: 2021-01-20
|
| Juniper |
CVE-2021-0211
CVSS 10 CVE-2021-0211 — An improper check for unusual or exceptional conditions in Junip… 📄 التفاصيل ← |
NVD | An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Ev… | No | 🔴 Critical | Juniper JunOS | DDoS | Update to v17.3 |
UTC: 2021-01-15
EDT: 2021-01-15
SA: 2021-01-15
|
| Web |
CVE-2016-20001
CVSS 9.8 CVE-2016-20001 — The REST/JSON project 7.x-1.x for Drupal allows node access byp… 📄 التفاصيل ← |
NVD | The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: T… | No | 🔴 Critical | Drupal | Exploit | Refer to CVE-2016-20001 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2016-20002
CVSS 9.8 CVE-2016-20002 — The REST/JSON project 7.x-1.x for Drupal allows comment access … 📄 التفاصيل ← |
NVD | The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE… | No | 🔴 Critical | Drupal | Exploit | Refer to CVE-2016-20002 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2016-20004
CVSS 9.8 CVE-2016-20004 — The REST/JSON project 7.x-1.x for Drupal allows field access by… 📄 التفاصيل ← |
NVD | The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: … | No | 🔴 Critical | Drupal | Exploit | Refer to CVE-2016-20004 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2016-20005
CVSS 9.8 CVE-2016-20005 — The REST/JSON project 7.x-1.x for Drupal allows user registrati… 📄 التفاصيل ← |
NVD | The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. N… | No | 🔴 Critical | Drupal | Exploit | Refer to CVE-2016-20005 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2020-35945
CVSS 9.9 CVE-2020-35945 — An issue was discovered in the Divi Builder plugin, Divi theme,… 📄 التفاصيل ← |
NVD | An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 fo… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2020-35945 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2020-35948
CVSS 9.9 CVE-2020-35948 — An issue was discovered in the XCloner Backup and Restore plugi… 📄 التفاصيل ← |
NVD | An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gav… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2020-35948 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2020-35949
CVSS 10 CVE-2020-35949 — An issue was discovered in the Quiz and Survey Master plugin be… 📄 التفاصيل ← |
NVD | An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it … | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2020-35949 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2020-35950
CVSS 9.8 CVE-2020-35950 — An issue was discovered in the XCloner Backup and Restore plugi… 📄 التفاصيل ← |
NVD | An issue was discovered in the XCloner Backup and Restore plugin before 4.2.153 for WordPress. It al… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2020-35950 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2020-35951
CVSS 9.9 CVE-2020-35951 — An issue was discovered in the Quiz and Survey Master plugin be… 📄 التفاصيل ← |
NVD | An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows u… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2020-35951 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Network |
CVE-2020-35391
CVSS 9.6 CVE-2020-35391 — Tenda N300 F3 12.01.01.48 devices allow remote attackers to obt… 📄 التفاصيل ← |
NVD | Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly i… | No | 🔴 Critical | Tenda N300 F3 | Exploit | Refer to CVE-2020-35391 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Web |
CVE-2020-35717
CVSS 9 CVE-2020-35717 — zonote through 0.4.0 allows XSS via a crafted note, with result… 📄 التفاصيل ← |
NVD | zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because no… | No | 🔴 Critical | zonote | Exploit | Refer to CVE-2020-35717 NVD advisory |
UTC: 2021-01-01
EDT: 2021-01-01
SA: 2021-01-01
|
| Microsoft |
CVE-2020-17132
CVSS 9.1 CVE-2020-17132 — Microsoft Exchange Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2020-12-10
EDT: 2020-12-10
SA: 2020-12-10
|
| Microsoft |
CVE-2020-17142
CVSS 9.1 CVE-2020-17142 — Microsoft Exchange Remote Code Execution Vulnerability 📄 التفاصيل ← |
NVD | Microsoft Exchange Remote Code Execution Vulnerability | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2020-12-10
EDT: 2020-12-10
SA: 2020-12-10
|
| VMware |
CVE-2020-4006
CVSS 9.1 CVE-2020-4006 — VMware Workspace One Access, Access Connector, Identity Manager,… 📄 التفاصيل ← |
NVD | VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector addr… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2020-4006 NVD advisory |
UTC: 2020-11-23
EDT: 2020-11-23
SA: 2020-11-23
|
| Intel |
CVE-2020-8747
CVSS 9.1 CVE-2020-8747 — Out-of-bounds read in subsystem for Intel(R) AMT versions before… 📄 التفاصيل ← |
NVD | Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.7… | No | 🔴 Critical | Intel Processor | DDoS | Update to v11.8.80 |
UTC: 2020-11-12
EDT: 2020-11-12
SA: 2020-11-12
|
| Intel |
CVE-2020-8752
CVSS 9.8 CVE-2020-8752 — Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R)… 📄 التفاصيل ← |
NVD | Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.… | No | 🔴 Critical | Intel Processor | Exploit | Update to v11.8.80 |
UTC: 2020-11-12
EDT: 2020-11-12
SA: 2020-11-12
|
| Intel |
CVE-2020-12315
CVSS 9.8 CVE-2020-12315 — Path traversal in the Intel(R) EMA before version 1.3.3 may all… 📄 التفاصيل ← |
NVD | Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potenti… | No | 🔴 Critical | Intel Processor | Exploit | Update to v1.3.3 |
UTC: 2020-11-12
EDT: 2020-11-12
SA: 2020-11-12
|
| Cisco |
CVE-2020-3284
CVSS 9.8 CVE-2020-3284 — A vulnerability in the enhanced Preboot eXecution Environment (P… 📄 التفاصيل ← |
NVD | A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2020-11-06
EDT: 2020-11-06
SA: 2020-11-06
|
| VMware |
CVE-2020-14750
CVSS 9.8 CVE-2020-14750 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console)… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-11-02
EDT: 2020-11-02
SA: 2020-11-02
|
| VMware |
CVE-2020-14825
CVSS 9.8 CVE-2020-14825 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2020-10-21
EDT: 2020-10-21
SA: 2020-10-21
|
| VMware |
CVE-2020-14841
CVSS 9.8 CVE-2020-14841 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-10-21
EDT: 2020-10-21
SA: 2020-10-21
|
| VMware |
CVE-2020-14859
CVSS 9.8 CVE-2020-14859 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-10-21
EDT: 2020-10-21
SA: 2020-10-21
|
| VMware |
CVE-2020-14882
CVSS 9.8 CVE-2020-14882 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console)… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-10-21
EDT: 2020-10-21
SA: 2020-10-21
|
| VMware |
CVE-2020-3992
CVSS 9.8 CVE-2020-3992 — OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.168508… 📄 التفاصيل ← |
NVD | OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG,… | Yes | 🔴 Critical | VMware ESXi | Exploit | Refer to CVE-2020-3992 NVD advisory |
UTC: 2020-10-20
EDT: 2020-10-20
SA: 2020-10-20
|
| Intel |
CVE-2020-24629
CVSS 9.8 CVE-2020-24629 — A remote urlaccesscontroller authentication bypass vulnerabilit… 📄 التفاصيل ← |
NVD | A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent M… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-24646
CVSS 9.8 CVE-2020-24646 — A tftpserver stack-based buffer overflow remote code execution … 📄 التفاصيل ← |
NVD | A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE I… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-24647
CVSS 9.8 CVE-2020-24647 — A remote accessmgrservlet classname input validation code execu… 📄 التفاصيل ← |
NVD | A remote accessmgrservlet classname input validation code execution vulnerability was discovered in … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-24648
CVSS 9.8 CVE-2020-24648 — A accessmgrservlet classname deserialization of untrusted data … 📄 التفاصيل ← |
NVD | A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability w… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-24649
CVSS 9.8 CVE-2020-24649 — A remote bytemessageresource transformentity" input valida… 📄 التفاصيل ← |
NVD | A remote bytemessageresource transformentity" input validation code execution vulnerability was… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-24650
CVSS 9.8 CVE-2020-24650 — A legend expression language injection remote code execution vu… 📄 التفاصيل ← |
NVD | A legend expression language injection remote code execution vulnerability was discovered in HPE Int… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-24651
CVSS 9.8 CVE-2020-24651 — A syslogtempletselectwin expression language injection remote c… 📄 التفاصيل ← |
NVD | A syslogtempletselectwin expression language injection remote code execution vulnerability was disco… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-24652
CVSS 9.8 CVE-2020-24652 — A addvsiinterfaceinfo expression language injection remote code… 📄 التفاصيل ← |
NVD | A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discover… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7141
CVSS 9.8 CVE-2020-7141 — A adddevicetoview expression language injection remote code exec… 📄 التفاصيل ← |
NVD | A adddevicetoview expression language injection remote code execution vulnerability was discovered i… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7142
CVSS 9.8 CVE-2020-7142 — A eventinfo_content expression language injection remote code ex… 📄 التفاصيل ← |
NVD | A eventinfo_content expression language injection remote code execution vulnerability was discovered… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7143
CVSS 9.8 CVE-2020-7143 — A faultdevparasset expression language injection remote code exe… 📄 التفاصيل ← |
NVD | A faultdevparasset expression language injection remote code execution vulnerability was discovered … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7144
CVSS 9.8 CVE-2020-7144 — A comparefilesresult expression language injection remote code e… 📄 التفاصيل ← |
NVD | A comparefilesresult expression language injection remote code execution vulnerability was discovere… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7145
CVSS 9.8 CVE-2020-7145 — A chooseperfview expression language injection remote code execu… 📄 التفاصيل ← |
NVD | A chooseperfview expression language injection remote code execution vulnerability was discovered in… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7146
CVSS 9.8 CVE-2020-7146 — A devgroupselect expression language injection remote code execu… 📄 التفاصيل ← |
NVD | A devgroupselect expression language injection remote code execution vulnerability was discovered in… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7147
CVSS 9.8 CVE-2020-7147 — A deployselectbootrom expression language injection remote code … 📄 التفاصيل ← |
NVD | A deployselectbootrom expression language injection remote code execution vulnerability was discover… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7148
CVSS 9.8 CVE-2020-7148 — A deployselectsoftware expression language injection remote code… 📄 التفاصيل ← |
NVD | A deployselectsoftware expression language injection remote code execution vulnerability was discove… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7149
CVSS 9.8 CVE-2020-7149 — A ictexpertcsvdownload expression language injection remote code… 📄 التفاصيل ← |
NVD | A ictexpertcsvdownload expression language injection remote code execution vulnerability was discove… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7150
CVSS 9.8 CVE-2020-7150 — A faultstatchoosefaulttype expression language injection remote … 📄 التفاصيل ← |
NVD | A faultstatchoosefaulttype expression language injection remote code execution vulnerability was dis… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7151
CVSS 9.8 CVE-2020-7151 — A faulttrapgroupselect expression language injection remote code… 📄 التفاصيل ← |
NVD | A faulttrapgroupselect expression language injection remote code execution vulnerability was discove… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7152
CVSS 9.8 CVE-2020-7152 — A faultparasset expression language injection remote code execut… 📄 التفاصيل ← |
NVD | A faultparasset expression language injection remote code execution vulnerability was discovered in … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7153
CVSS 9.8 CVE-2020-7153 — A iccselectdevtype expression language injection remote code exe… 📄 التفاصيل ← |
NVD | A iccselectdevtype expression language injection remote code execution vulnerability was discovered … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7154
CVSS 9.8 CVE-2020-7154 — A ifviewselectpage expression language injection remote code exe… 📄 التفاصيل ← |
NVD | A ifviewselectpage expression language injection remote code execution vulnerability was discovered … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7155
CVSS 9.8 CVE-2020-7155 — A select expression language injection remote code execution vul… 📄 التفاصيل ← |
NVD | A select expression language injection remote code execution vulnerability was discovered in HPE Int… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7156
CVSS 9.8 CVE-2020-7156 — A faultinfo_content expression language injection remote code ex… 📄 التفاصيل ← |
NVD | A faultinfo_content expression language injection remote code execution vulnerability was discovered… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7157
CVSS 9.8 CVE-2020-7157 — A selviewnavcontent expression language injection remote code ex… 📄 التفاصيل ← |
NVD | A selviewnavcontent expression language injection remote code execution vulnerability was discovered… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7158
CVSS 9.8 CVE-2020-7158 — A perfselecttask expression language injection remote code execu… 📄 التفاصيل ← |
NVD | A perfselecttask expression language injection remote code execution vulnerability was discovered in… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7159
CVSS 9.8 CVE-2020-7159 — A customtemplateselect expression language injection remote code… 📄 التفاصيل ← |
NVD | A customtemplateselect expression language injection remote code execution vulnerability was discove… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7160
CVSS 9.8 CVE-2020-7160 — A iccselectdeviceseries expression language injection remote cod… 📄 التفاصيل ← |
NVD | A iccselectdeviceseries expression language injection remote code execution vulnerability was discov… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7161
CVSS 9.8 CVE-2020-7161 — A reporttaskselect expression language injection remote code exe… 📄 التفاصيل ← |
NVD | A reporttaskselect expression language injection remote code execution vulnerability was discovered … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7162
CVSS 9.8 CVE-2020-7162 — A operatorgroupselectcontent expression language injection remot… 📄 التفاصيل ← |
NVD | A operatorgroupselectcontent expression language injection remote code execution vulnerability was d… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7163
CVSS 9.8 CVE-2020-7163 — A navigationto expression language injection remote code executi… 📄 التفاصيل ← |
NVD | A navigationto expression language injection remote code execution vulnerability was discovered in H… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7164
CVSS 9.8 CVE-2020-7164 — A operationselect expression language injection remote code exec… 📄 التفاصيل ← |
NVD | A operationselect expression language injection remote code execution vulnerability was discovered i… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7165
CVSS 9.8 CVE-2020-7165 — A iccselectcommand expression language injection remote code exe… 📄 التفاصيل ← |
NVD | A iccselectcommand expression language injection remote code execution vulnerability was discovered … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7166
CVSS 9.8 CVE-2020-7166 — A operatorgrouptreeselectcontent expression language injection r… 📄 التفاصيل ← |
NVD | A operatorgrouptreeselectcontent expression language injection remote code execution vulnerability w… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7167
CVSS 9.8 CVE-2020-7167 — A quicktemplateselect expression language injection remote code … 📄 التفاصيل ← |
NVD | A quicktemplateselect expression language injection remote code execution vulnerability was discover… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7168
CVSS 9.8 CVE-2020-7168 — A selectusergroup expression language injection remote code exec… 📄 التفاصيل ← |
NVD | A selectusergroup expression language injection remote code execution vulnerability was discovered i… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7169
CVSS 9.8 CVE-2020-7169 — A ictexpertcsvdownload expression language injection remote code… 📄 التفاصيل ← |
NVD | A ictexpertcsvdownload expression language injection remote code execution vulnerability was discove… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7170
CVSS 9.8 CVE-2020-7170 — A select expression language injection remote code execution vul… 📄 التفاصيل ← |
NVD | A select expression language injection remote code execution vulnerability was discovered in HPE Int… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7171
CVSS 9.8 CVE-2020-7171 — A guidatadetail expression language injection remote code execut… 📄 التفاصيل ← |
NVD | A guidatadetail expression language injection remote code execution vulnerability was discovered in … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Intel |
CVE-2020-7172
CVSS 9.8 CVE-2020-7172 — A templateselect expression language injection remote code execu… 📄 التفاصيل ← |
NVD | A templateselect expression language injection remote code execution vulnerability was discovered in… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2020-10-19
EDT: 2020-10-19
SA: 2020-10-19
|
| Vulnerability |
CVE-1999-0199
CVSS 9.8 CVE-1999-0199 — manual/search.texi in the GNU C Library (aka glibc) before 2.2 l… 📄 التفاصيل ← |
NVD | manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecifi… | No | 🔴 Critical | manual/search.texi in the | Exploit | Refer to CVE-1999-0199 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Vulnerability |
CVE-2020-24214
CVSS 9.8 CVE-2020-24214 — An issue was discovered in the box application on HiSilicon bas… 📄 التفاصيل ← |
NVD | An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. A… | No | 🔴 Critical | An issue was | Exploit | Refer to CVE-2020-24214 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Vulnerability |
CVE-2020-24215
CVSS 9.8 CVE-2020-24215 — An issue was discovered in the box application on HiSilicon bas… 📄 التفاصيل ← |
NVD | An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. A… | No | 🔴 Critical | An issue was | Exploit | Refer to CVE-2020-24215 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Vulnerability |
CVE-2020-24217
CVSS 9.8 CVE-2020-24217 — An issue was discovered in the box application on HiSilicon bas… 📄 التفاصيل ← |
NVD | An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. T… | No | 🔴 Critical | An issue was | Exploit | Refer to CVE-2020-24217 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Vulnerability |
CVE-2020-24218
CVSS 9.8 CVE-2020-24218 — An issue was discovered on URayTech IPTV/H.264/H.265 video enco… 📄 التفاصيل ← |
NVD | An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log … | No | 🔴 Critical | An issue was | Exploit | Refer to CVE-2020-24218 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| DDoS |
CVE-2020-7465
CVSS 9.8 CVE-2020-7465 — The L2TP implementation of MPD before 5.9 allows a remote attack… 📄 التفاصيل ← |
NVD | The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted… | No | 🔴 Critical | The L2TP implementation of MPD before | DDoS | Refer to CVE-2020-7465 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| IBM |
CVE-2020-26574
CVSS 9.6 CVE-2020-26574 — Leostream Connection Broker 8.2.x is affected by stored XSS. An… 📄 التفاصيل ← |
NVD | Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject … | No | 🔴 Critical | Leostream Connection Broker | Exploit | Refer to CVE-2020-26574 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Web |
CVE-2020-7741
CVSS 9.9 CVE-2020-7741 — This affects the package hellojs before 1.18.6. The code get the… 📄 التفاصيل ← |
NVD | This affects the package hellojs before 1.18.6. The code get the param oauth_redirect from url and p… | No | 🔴 Critical | This affects the package hellojs before | Exploit | Refer to CVE-2020-7741 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Android |
CVE-2020-1907
CVSS 9.8 CVE-2020-1907 — A stack overflow in WhatsApp for Android prior to v2.20.196.16, … 📄 التفاصيل ← |
NVD | A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior … | No | 🔴 Critical | Android 14/13 | Exploit | Refer to CVE-2020-1907 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Samsung |
CVE-2020-26607
CVSS 9.8 CVE-2020-26607 — An issue was discovered in TimaService on Samsung mobile device… 📄 التفاصيل ← |
NVD | An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) so… | No | 🔴 Critical | An issue was | Exploit | Refer to CVE-2020-26607 NVD advisory |
UTC: 2020-10-06
EDT: 2020-10-06
SA: 2020-10-06
|
| Intel |
CVE-2020-8758
CVSS 9.8 CVE-2020-8758 — Improper buffer restrictions in network subsystem in provisioned… 📄 التفاصيل ← |
NVD | Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versi… | No | 🔴 Critical | Intel Processor | Exploit | Update to v11.8.79 |
UTC: 2020-09-10
EDT: 2020-09-10
SA: 2020-09-10
|
| Intel |
CVE-2020-6294
CVSS 9.1 CVE-2020-6294 — Xvfb of SAP Business Objects Business Intelligence Platform, ver… 📄 التفاصيل ← |
NVD | Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix d… | No | 🔴 Critical | Intel Processor | SAP | Exploit | Update to v4.2 |
UTC: 2020-08-12
EDT: 2020-08-12
SA: 2020-08-12
|
| VMware |
CVE-2019-11286
CVSS 9.1 CVE-2019-11286 — VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.… 📄 التفاصيل ← |
NVD | VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs v… | No | 🔴 Critical | VMware | Exploit | Update to v9.10.0 |
UTC: 2020-07-31
EDT: 2020-07-31
SA: 2020-07-31
|
| Cisco |
CVE-2020-6100
CVSS 9.9 CVE-2020-6100 — An exploitable memory corruption vulnerability exists in AMD ati… 📄 التفاصيل ← |
NVD | An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics… | No | 🔴 Critical | Microsoft Hyper-V | AMD Processor | ICS/OT | Refer to CVE-2020-6100 NVD advisory |
UTC: 2020-07-20
EDT: 2020-07-20
SA: 2020-07-20
|
| Juniper |
CVE-2020-1647
CVSS 9.8 CVE-2020-1647 — On Juniper Networks SRX Series with ICAP (Internet Content Adapt… 📄 التفاصيل ← |
NVD | On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service ena… | No | 🔴 Critical | Juniper JunOS | APT | Update to v18.1 |
UTC: 2020-07-17
EDT: 2020-07-17
SA: 2020-07-17
|
| Juniper |
CVE-2020-1654
CVSS 9.8 CVE-2020-1654 — On Juniper Networks SRX Series with ICAP (Internet Content Adapt… 📄 التفاصيل ← |
NVD | On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service ena… | No | 🔴 Critical | Juniper JunOS | APT | Update to v18.1 |
UTC: 2020-07-17
EDT: 2020-07-17
SA: 2020-07-17
|
| VMware |
CVE-2020-14625
CVSS 9.8 CVE-2020-14625 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2020-07-15
EDT: 2020-07-15
SA: 2020-07-15
|
| VMware |
CVE-2020-14644
CVSS 9.8 CVE-2020-14644 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2020-07-15
EDT: 2020-07-15
SA: 2020-07-15
|
| VMware |
CVE-2020-14645
CVSS 9.8 CVE-2020-14645 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-07-15
EDT: 2020-07-15
SA: 2020-07-15
|
| VMware |
CVE-2020-14687
CVSS 9.8 CVE-2020-14687 — Vulnerability in the Oracle WebLogic Server product of Oracle F… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2020-07-15
EDT: 2020-07-15
SA: 2020-07-15
|
| Palo Alto |
CVE-2020-2021
CVSS 10 CVE-2020-2021 — When Security Assertion Markup Language (SAML) authentication is… 📄 التفاصيل ← |
NVD | When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Iden… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Palo Alto Panorama Managem | APT | Update to v9.1.3 |
UTC: 2020-06-29
EDT: 2020-06-29
SA: 2020-06-29
|
| Intel |
CVE-2020-0594
CVSS 9.8 CVE-2020-0594 — Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R… 📄 التفاصيل ← |
NVD | Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12… | No | 🔴 Critical | Intel Processor | Exploit | Update to v11.8.77 |
UTC: 2020-06-15
EDT: 2020-06-15
SA: 2020-06-15
|
| Intel |
CVE-2020-0595
CVSS 9.8 CVE-2020-0595 — Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) IS… 📄 التفاصيل ← |
NVD | Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77,… | No | 🔴 Critical | Intel Processor | Exploit | Update to v11.8.77 |
UTC: 2020-06-15
EDT: 2020-06-15
SA: 2020-06-15
|
| Cisco |
CVE-2020-3198
CVSS 9.8 CVE-2020-3198 — Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and… 📄 التفاصيل ← |
NVD | Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services … | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2020-06-03
EDT: 2020-06-03
SA: 2020-06-03
|
| Cisco |
CVE-2020-3227
CVSS 9.8 CVE-2020-3227 — A vulnerability in the authorization controls for the Cisco IOx … 📄 التفاصيل ← |
NVD | A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure i… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2020-06-03
EDT: 2020-06-03
SA: 2020-06-03
|
| Cisco |
CVE-2020-3258
CVSS 9.8 CVE-2020-3258 — Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and… 📄 التفاصيل ← |
NVD | Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services … | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2020-06-03
EDT: 2020-06-03
SA: 2020-06-03
|
| Intel |
CVE-2020-11844
CVSS 10 CVE-2020-11844 — Incorrect Authorization vulnerability in Micro Focus Container … 📄 التفاصيل ← |
NVD | Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affec… | No | 🔴 Critical | Intel Processor | Exploit | Update to v2018.05 |
UTC: 2020-05-29
EDT: 2020-05-29
SA: 2020-05-29
|
| Intel |
CVE-2020-1112
CVSS 9.9 CVE-2020-1112 — An elevation of privilege vulnerability exists when the Windows … 📄 التفاصيل ← |
NVD | An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Serv… | No | 🔴 Critical | Microsoft Windows | Intel Processor | Exploit | Microsoft Patch Tuesday |
UTC: 2020-05-21
EDT: 2020-05-21
SA: 2020-05-21
|
| Intel |
CVE-2020-6242
CVSS 9.8 CVE-2020-6242 — SAP Business Objects Business Intelligence Platform (Live Data C… 📄 التفاصيل ← |
NVD | SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2… | No | 🔴 Critical | Intel Processor | SAP | Exploit | Update to v1.0 |
UTC: 2020-05-12
EDT: 2020-05-12
SA: 2020-05-12
|
| Cisco |
CVE-2020-3125
CVSS 9.8 CVE-2020-3125 — A vulnerability in the Kerberos authentication feature of Cisco … 📄 التفاصيل ← |
NVD | A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) So… | No | 🔴 Critical | Cisco | APT | Cisco Security Advisory |
UTC: 2020-05-06
EDT: 2020-05-06
SA: 2020-05-06
|
| Cisco |
CVE-2020-3187
CVSS 9.1 CVE-2020-3187 — A vulnerability in the web services interface of Cisco Adaptive … 📄 التفاصيل ← |
NVD | A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software an… | Yes | 🔴 Critical | Cisco Firepower | Cisco | APT | Cisco Security Advisory |
UTC: 2020-05-06
EDT: 2020-05-06
SA: 2020-05-06
|
| Intel |
CVE-2020-11016
CVSS 9.1 CVE-2020-11016 — IntelMQ Manager from version 1.1.0 and before version 2.1.1 has… 📄 التفاصيل ← |
NVD | IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vulnerability where the backend in… | No | 🔴 Critical | Intel Processor | Exploit | Update to v1.1.0 |
UTC: 2020-04-30
EDT: 2020-04-30
SA: 2020-04-30
|
| VMware |
CVE-2020-3955
CVSS 9.3 CVE-2020-3955 — ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without… 📄 التفاصيل ← |
NVD | ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not p… | No | 🔴 Critical | VMware ESXi | Exploit | Refer to CVE-2020-3955 NVD advisory |
UTC: 2020-04-28
EDT: 2020-04-28
SA: 2020-04-28
|
| Intel |
CVE-2020-11690
CVSS 9.8 CVE-2020-11690 — In JetBrains IntelliJ IDEA before 2020.1, the license server co… 📄 التفاصيل ← |
NVD | In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host … | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2020-11690 NVD advisory |
UTC: 2020-04-22
EDT: 2020-04-22
SA: 2020-04-22
|
| VMware |
CVE-2020-2801
CVSS 9.8 CVE-2020-2801 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-04-15
EDT: 2020-04-15
SA: 2020-04-15
|
| VMware |
CVE-2020-2883
CVSS 9.8 CVE-2020-2883 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-04-15
EDT: 2020-04-15
SA: 2020-04-15
|
| VMware |
CVE-2020-2884
CVSS 9.8 CVE-2020-2884 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-04-15
EDT: 2020-04-15
SA: 2020-04-15
|
| Intel |
CVE-2020-2950
CVSS 9.8 CVE-2020-2950 — Vulnerability in the Oracle Business Intelligence Enterprise Edi… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle… | Yes | 🔴 Critical | Intel Processor | ICS/OT | Update to v5.5.0 |
UTC: 2020-04-15
EDT: 2020-04-15
SA: 2020-04-15
|
| Intel |
CVE-2020-6195
CVSS 9.8 CVE-2020-6195 — SAP Business Objects Business Intelligence Platform (CMC), versi… 📄 التفاصيل ← |
NVD | SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext passwor… | No | 🔴 Critical | Intel Processor | SAP | Exploit | Update to v4.1 |
UTC: 2020-04-14
EDT: 2020-04-14
SA: 2020-04-14
|
| VMware |
CVE-2020-3952
CVSS 9.8 CVE-2020-3952 — Under certain conditions, vmdir that ships with VMware vCenter S… 📄 التفاصيل ← |
NVD | Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or ext… | Yes | 🔴 Critical | VMware vCenter | Exploit | Refer to CVE-2020-3952 NVD advisory |
UTC: 2020-04-10
EDT: 2020-04-10
SA: 2020-04-10
|
| Juniper |
CVE-2020-1614
CVSS 10 CVE-2020-1614 — A Use of Hard-coded Credentials vulnerability exists in the NFX2… 📄 التفاصيل ← |
NVD | A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Netwo… | No | 🔴 Critical | A Use of | Exploit | Update to v19.2 |
UTC: 2020-04-08
EDT: 2020-04-08
SA: 2020-04-08
|
| Juniper |
CVE-2020-1615
CVSS 9.8 CVE-2020-1615 — The factory configuration for vMX installations, as shipped, inc… 📄 التفاصيل ← |
NVD | The factory configuration for vMX installations, as shipped, includes default credentials for the ro… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v17.1 |
UTC: 2020-04-08
EDT: 2020-04-08
SA: 2020-04-08
|
| Intel |
CVE-2020-6852
CVSS 9.8 CVE-2020-6852 — CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmw… 📄 التفاصيل ← |
NVD | CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 has weak authenticati… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2020-6852 NVD advisory |
UTC: 2020-04-02
EDT: 2020-04-02
SA: 2020-04-02
|
| iOS |
CVE-2015-5684
CVSS 9.8 CVE-2015-5684 — MITRE is populating this ID because it was assigned prior to Len… 📄 التفاصيل ← |
NVD | MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflo… | No | 🔴 Critical | Apple iOS | Exploit | Refer to CVE-2015-5684 NVD advisory |
UTC: 2020-03-27
EDT: 2020-03-27
SA: 2020-03-27
|
| Vulnerability |
CVE-2013-7487
CVSS 9.8 CVE-2013-7487 — On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharp… 📄 التفاصيل ← |
NVD | On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable cal… | No | 🔴 Critical | On Swann DVR04B, | Exploit | Refer to CVE-2013-7487 NVD advisory |
UTC: 2020-03-21
EDT: 2020-03-21
SA: 2020-03-21
|
| Web |
CVE-2014-1634
CVSS 9.8 CVE-2014-1634 — SQL Injection exists in Advanced Newsletter Magento extension be… 📄 التفاصيل ← |
NVD | SQL Injection exists in Advanced Newsletter Magento extension before 2.3.5 via the /store/advancedne… | No | 🔴 Critical | SQL Injection exists | Exploit | Refer to CVE-2014-1634 NVD advisory |
UTC: 2020-03-09
EDT: 2020-03-09
SA: 2020-03-09
|
| Vulnerability |
CVE-2015-0565
CVSS 10 CVE-2015-0565 — NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer a… 📄 التفاصيل ← |
NVD | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. | No | 🔴 Critical | NaCl in 2015 | Exploit | Refer to CVE-2015-0565 NVD advisory |
UTC: 2020-02-25
EDT: 2020-02-25
SA: 2020-02-25
|
| DDoS |
CVE-2012-0828
CVSS 9.8 CVE-2012-0828 — Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-1… 📄 التفاصيل ← |
NVD | Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture… | No | 🔴 Critical | Heap-based buffer overflow | DDoS | Refer to CVE-2012-0828 NVD advisory |
UTC: 2020-02-21
EDT: 2020-02-21
SA: 2020-02-21
|
| Web |
CVE-2013-2018
CVSS 9.8 CVE-2013-2018 — Multiple SQL injection vulnerabilities in BOINC allow remote att… 📄 التفاصيل ← |
NVD | Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL comm… | No | 🔴 Critical | Multiple SQL injection | Exploit | Refer to CVE-2013-2018 NVD advisory |
UTC: 2020-02-20
EDT: 2020-02-20
SA: 2020-02-20
|
| Vulnerability |
CVE-2014-4678
CVSS 9.8 CVE-2014-4678 — The safe_eval function in Ansible before 1.6.4 does not properly… 📄 التفاصيل ← |
NVD | The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which all… | No | 🔴 Critical | The safe_eval function in Ansible before | Exploit | Refer to CVE-2014-4678 NVD advisory |
UTC: 2020-02-20
EDT: 2020-02-20
SA: 2020-02-20
|
| DDoS |
CVE-2014-3484
CVSS 9.8 CVE-2014-3484 — Multiple stack-based buffer overflows in the __dn_expand functio… 📄 التفاصيل ← |
NVD | Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl lib… | No | 🔴 Critical | Multiple stack-based buffer | DDoS | Refer to CVE-2014-3484 NVD advisory |
UTC: 2020-02-20
EDT: 2020-02-20
SA: 2020-02-20
|
| Vulnerability |
CVE-2014-4657
CVSS 9.8 CVE-2014-4657 — The safe_eval function in Ansible before 1.5.4 does not properly… 📄 التفاصيل ← |
NVD | The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which all… | No | 🔴 Critical | The safe_eval function in Ansible before | Exploit | Refer to CVE-2014-4657 NVD advisory |
UTC: 2020-02-20
EDT: 2020-02-20
SA: 2020-02-20
|
| Vulnerability |
CVE-2014-4650
CVSS 9.8 CVE-2014-4650 — The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not prop… 📄 التفاصيل ← |
NVD | The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encodi… | No | 🔴 Critical | The CGIHTTPServer module in Python | Exploit | Refer to CVE-2014-4650 NVD advisory |
UTC: 2020-02-20
EDT: 2020-02-20
SA: 2020-02-20
|
| Web |
CVE-2014-3622
CVSS 9.8 CVE-2014-3622 — Use-after-free vulnerability in the add_post_var function in the… 📄 التفاصيل ← |
NVD | Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x … | No | 🔴 Critical | Use-after-free vulnerability in | Exploit | Refer to CVE-2014-3622 NVD advisory |
UTC: 2020-02-19
EDT: 2020-02-19
SA: 2020-02-19
|
| Vulnerability |
CVE-2014-2228
CVSS 9.8 CVE-2014-2228 — The XStream extension in HP Fortify SCA before 2.2 RC3 allows re… 📄 التفاصيل ← |
NVD | The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary … | No | 🔴 Critical | The XStream extension | Exploit | Refer to CVE-2014-2228 NVD advisory |
UTC: 2020-02-19
EDT: 2020-02-19
SA: 2020-02-19
|
| Vulnerability |
CVE-2014-2727
CVSS 9.8 CVE-2014-2727 — The STARTTLS implementation in MailMarshal before 7.2 allows pla… 📄 التفاصيل ← |
NVD | The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection. | No | 🔴 Critical | The STARTTLS implementation | Exploit | Refer to CVE-2014-2727 NVD advisory |
UTC: 2020-02-19
EDT: 2020-02-19
SA: 2020-02-19
|
| Web |
CVE-2014-9612
CVSS 9.8 CVE-2014-9612 — SQL injection vulnerability in remotereporter/load_logfiles.php … 📄 التفاصيل ← |
NVD | SQL injection vulnerability in remotereporter/load_logfiles.php in Netsweeper before 3.1.10, 4.0.x b… | No | 🔴 Critical | SQL injection vulnerability | Exploit | Refer to CVE-2014-9612 NVD advisory |
UTC: 2020-02-19
EDT: 2020-02-19
SA: 2020-02-19
|
| Web |
CVE-2014-9613
CVSS 9.8 CVE-2014-9613 — Multiple SQL injection vulnerabilities in Netsweeper before 2.6.… 📄 التفاصيل ← |
NVD | Multiple SQL injection vulnerabilities in Netsweeper before 2.6.29.10 allow remote attackers to exec… | No | 🔴 Critical | Multiple SQL injection | Exploit | Refer to CVE-2014-9613 NVD advisory |
UTC: 2020-02-19
EDT: 2020-02-19
SA: 2020-02-19
|
| Vulnerability |
CVE-2014-9614
CVSS 9.8 CVE-2014-9614 — The Web Panel in Netsweeper before 4.0.5 has a default password … 📄 التفاصيل ← |
NVD | The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account… | No | 🔴 Critical | The Web Panel in Netsweeper before | Exploit | Refer to CVE-2014-9614 NVD advisory |
UTC: 2020-02-19
EDT: 2020-02-19
SA: 2020-02-19
|
| Vulnerability |
CVE-2015-1425
CVSS 9.8 CVE-2015-1425 — JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities 📄 التفاصيل ← |
NVD | JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities | No | 🔴 Critical | JAKWEB Gecko CMS | Exploit | Refer to CVE-2015-1425 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Web |
CVE-2013-4454
CVSS 9.1 CVE-2013-4454 — WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security… 📄 التفاصيل ← |
NVD | WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2013-4454 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| DDoS |
CVE-2014-4651
CVSS 9.8 CVE-2014-4651 — It was found that the jclouds scriptbuilder Statements class wro… 📄 التفاصيل ← |
NVD | It was found that the jclouds scriptbuilder Statements class wrote a temporary file to a predictable… | No | 🔴 Critical | It was found | DDoS | Refer to CVE-2014-4651 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Vulnerability |
CVE-2015-6970
CVSS 9.8 CVE-2015-6970 — The web interface in Bosch Security Systems NBN-498 Dinion2X Day… 📄 التفاصيل ← |
NVD | The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmwar… | No | 🔴 Critical | The web interface | Exploit | Refer to CVE-2015-6970 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Vulnerability |
CVE-2014-4966
CVSS 9.8 CVE-2014-4966 — Ansible before 1.6.7 does not prevent inventory data with "… 📄 التفاصيل ← |
NVD | Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" subs… | No | 🔴 Critical | Ansible before | Exploit | Refer to CVE-2014-4966 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Vulnerability |
CVE-2014-4967
CVSS 9.8 CVE-2014-4967 — Multiple argument injection vulnerabilities in Ansible before 1.… 📄 التفاصيل ← |
NVD | Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execut… | No | 🔴 Critical | Multiple argument injection | Exploit | Refer to CVE-2014-4967 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Vulnerability |
CVE-2013-3323
CVSS 9.8 CVE-2013-3323 — A Privilege Escalation Vulnerability exists in IBM Maximo Asset … 📄 التفاصيل ← |
NVD | A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when W… | No | 🔴 Critical | A Privilege Escalation | Exploit | Refer to CVE-2013-3323 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Web |
CVE-2013-6295
CVSS 9.8 CVE-2013-6295 — PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesm… 📄 التفاصيل ← |
NVD | PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module | No | 🔴 Critical | PrestaShop | Exploit | Refer to CVE-2013-6295 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Vulnerability |
CVE-2014-3879
CVSS 9.8 CVE-2014-3879 — OpenPAM Nummularia 9.2 through 10.0 does not properly handle the… 📄 التفاصيل ← |
NVD | OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include dire… | No | 🔴 Critical | OpenPAM Nummularia | Exploit | Refer to CVE-2014-3879 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Web |
CVE-2015-7567
CVSS 9.8 CVE-2015-7567 — SQL injection vulnerability in Yeager CMS 1.2.1 allows remote at… 📄 التفاصيل ← |
NVD | SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL com… | No | 🔴 Critical | SQL injection vulnerability in Yeager CMS | Exploit | Refer to CVE-2015-7567 NVD advisory |
UTC: 2020-02-18
EDT: 2020-02-18
SA: 2020-02-18
|
| Vulnerability |
CVE-2013-3738
CVSS 9.8 CVE-2013-3738 — A File Inclusion vulnerability exists in Zabbix 2.0.6 due to ina… 📄 التفاصيل ← |
NVD | A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request stri… | No | 🔴 Critical | A File Inclusion | Exploit | Refer to CVE-2013-3738 NVD advisory |
UTC: 2020-02-17
EDT: 2020-02-17
SA: 2020-02-17
|
| Vulnerability |
CVE-2015-6922
CVSS 9.8 CVE-2015-6922 — Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8… 📄 التفاصيل ← |
NVD | Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0… | No | 🔴 Critical | Kaseya Virtual System | Exploit | Refer to CVE-2015-6922 NVD advisory |
UTC: 2020-02-17
EDT: 2020-02-17
SA: 2020-02-17
|
| Vulnerability |
CVE-2014-4981
CVSS 9.8 CVE-2014-4981 — LPAR2RRD in 3.5 and earlier allows remote attackers to execute a… 📄 التفاصيل ← |
NVD | LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to insufficien… | No | 🔴 Critical | LPAR2RRD in | Exploit | Refer to CVE-2014-4981 NVD advisory |
UTC: 2020-02-17
EDT: 2020-02-17
SA: 2020-02-17
|
| Vulnerability |
CVE-2014-7236
CVSS 9.1 CVE-2014-7236 — Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki be… 📄 التفاصيل ← |
NVD | Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers t… | No | 🔴 Critical | Eval injection vulnerability | Exploit | Refer to CVE-2014-7236 NVD advisory |
UTC: 2020-02-17
EDT: 2020-02-17
SA: 2020-02-17
|
| Web |
CVE-2014-8089
CVSS 9.8 CVE-2014-8089 — SQL injection vulnerability in Zend Framework before 1.12.9, 2.2… 📄 التفاصيل ← |
NVD | SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.… | No | 🔴 Critical | SQL injection vulnerability | Exploit | Refer to CVE-2014-8089 NVD advisory |
UTC: 2020-02-17
EDT: 2020-02-17
SA: 2020-02-17
|
| Intel |
CVE-2020-5531
CVSS 9.8 CVE-2020-5531 — Mitsubishi Electric MELSEC C Controller Module and MELIPC Series… 📄 التفاصيل ← |
NVD | Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller… | No | 🔴 Critical | Intel Processor | Malware | Refer to CVE-2020-5531 NVD advisory |
UTC: 2020-02-17
EDT: 2020-02-17
SA: 2020-02-17
|
| Web |
CVE-2013-4211
CVSS 9.8 CVE-2013-4211 — A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 … 📄 التفاصيل ← |
NVD | A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.… | No | 🔴 Critical | A Code Execution | Exploit | Refer to CVE-2013-4211 NVD advisory |
UTC: 2020-02-14
EDT: 2020-02-14
SA: 2020-02-14
|
| Vulnerability |
CVE-2014-3919
CVSS 9.3 CVE-2014-3919 — A vulnerability exists in Netgear CG3100 devices before 3.9.2421… 📄 التفاصيل ← |
NVD | A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious… | No | 🔴 Critical | A vulnerability exists | Exploit | Refer to CVE-2014-3919 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Web |
CVE-2014-4170
CVSS 9.8 CVE-2014-4170 — A Privilege Escalation Vulnerability exists in Free Reprintables… 📄 التفاصيل ← |
NVD | A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insuffi… | No | 🔴 Critical | A Privilege Escalation | Exploit | Refer to CVE-2014-4170 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Vulnerability |
CVE-2014-4198
CVSS 9.1 CVE-2014-4198 — A Two-Factor Authentication Bypass Vulnerability exists in BS-Cl… 📄 التفاصيل ← |
NVD | A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via … | No | 🔴 Critical | A Two-Factor Authentication | Exploit | Refer to CVE-2014-4198 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Web |
CVE-2013-1400
CVSS 9.8 CVE-2013-1400 — Multiple SQL injection vulnerabilities in CWPPoll.js in WordPres… 📄 التفاصيل ← |
NVD | Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress all… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2013-1400 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Web |
CVE-2013-1401
CVSS 9.8 CVE-2013-1401 — Multiple security bypass vulnerabilities in the editAnswer, dele… 📄 التفاصيل ← |
NVD | Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll … | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2013-1401 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Vulnerability |
CVE-2013-6362
CVSS 9.8 CVE-2013-6362 — Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP… 📄 التفاصيل ← |
NVD | Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts. | No | 🔴 Critical | Xerox ColorCube and | Exploit | Refer to CVE-2013-6362 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Network |
CVE-2013-7098
CVSS 9.8 CVE-2013-7098 — OpenConnect VPN client with GnuTLS before 5.02 contains a heap o… 📄 التفاصيل ← |
NVD | OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on recon… | No | 🔴 Critical | OpenConnect VPN client with GnuTLS before | Exploit | Refer to CVE-2013-7098 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Network |
CVE-2013-7173
CVSS 9.8 CVE-2013-7173 — Belkin n750 routers have a buffer overflow. 📄 التفاصيل ← |
NVD | Belkin n750 routers have a buffer overflow. | No | 🔴 Critical | Belkin n750 routers | Exploit | Refer to CVE-2013-7173 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Vulnerability |
CVE-2013-7287
CVSS 9.8 CVE-2013-7287 — MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure en… 📄 التفاصيل ← |
NVD | MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme. | No | 🔴 Critical | MobileIron VSP < | Exploit | Refer to CVE-2013-7287 NVD advisory |
UTC: 2020-02-13
EDT: 2020-02-13
SA: 2020-02-13
|
| Red Hat |
CVE-2014-0234
CVSS 9.8 CVE-2014-0234 — The default configuration of broker.conf in Red Hat OpenShift En… 📄 التفاصيل ← |
NVD | The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a passwo… | No | 🔴 Critical | Red Hat Enterprise Linux | Exploit | Refer to CVE-2014-0234 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| NVIDIA |
CVE-2014-2595
CVSS 9.8 CVE-2014-2595 — Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote… 📄 التفاصيل ← |
NVD | Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication … | No | 🔴 Critical | Barracuda Web Application | Exploit | Refer to CVE-2014-2595 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| iOS |
CVE-2014-9390
CVSS 9.8 CVE-2014-9390 — Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.… 📄 التفاصيل ← |
NVD | Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2… | No | 🔴 Critical | Microsoft Windows | Exploit | Update to v0.21.2 |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Vulnerability |
CVE-2013-7378
CVSS 9.8 CVE-2013-7378 — scripts/email.coffee in the Hubot Scripts module before 2.4.4 fo… 📄 التفاصيل ← |
NVD | scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to… | No | 🔴 Critical | Node.js | Exploit | Refer to CVE-2013-7378 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Web |
CVE-2013-2010
CVSS 9.8 CVE-2013-2010 — WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Ex… 📄 التفاصيل ← |
NVD | WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2013-2010 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Vulnerability |
CVE-2013-7381
CVSS 9.8 CVE-2013-7381 — libnotify before 1.0.4 for Node.js allows remote attackers to ex… 📄 التفاصيل ← |
NVD | libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspeci… | No | 🔴 Critical | Node.js | Exploit | Refer to CVE-2013-7381 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Web |
CVE-2015-5617
CVSS 9.8 CVE-2015-5617 — SQL injection vulnerability in pub/m_pending_news/delete_pending… 📄 التفاصيل ← |
NVD | SQL injection vulnerability in pub/m_pending_news/delete_pending_news.jsp in Enorth Webpublisher CMS… | No | 🔴 Critical | SQL injection vulnerability | Exploit | Refer to CVE-2015-5617 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Vulnerability |
CVE-2013-6236
CVSS 9.8 CVE-2013-6236 — IZON IP 2.0.2: hard-coded password vulnerability 📄 التفاصيل ← |
NVD | IZON IP 2.0.2: hard-coded password vulnerability | No | 🔴 Critical | IZON IP | Exploit | Refer to CVE-2013-6236 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Office |
CVE-2013-3725
CVSS 9.8 CVE-2013-3725 — Invision Power Board (IPB) through 3.x allows admin account take… 📄 التفاصيل ← |
NVD | Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution. | No | 🔴 Critical | Invision Power Board | Exploit | Refer to CVE-2013-3725 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Web |
CVE-2011-4906
CVSS 9.8 CVE-2011-4906 — Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allo… 📄 التفاصيل ← |
NVD | Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP cod… | No | 🔴 Critical | Joomla | Exploit | Refer to CVE-2011-4906 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Web |
CVE-2011-4908
CVSS 9.8 CVE-2011-4908 — TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary fi… 📄 التفاصيل ← |
NVD | TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. | No | 🔴 Critical | Joomla | Exploit | Refer to CVE-2011-4908 NVD advisory |
UTC: 2020-02-12
EDT: 2020-02-12
SA: 2020-02-12
|
| Office |
CVE-2013-4267
CVSS 9.8 CVE-2013-4267 — Ajaxeplorer before 5.0.1 allows remote attackers to execute arbi… 📄 التفاصيل ← |
NVD | Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharact… | No | 🔴 Critical | Ajaxeplorer before | Exploit | Refer to CVE-2013-4267 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Web |
CVE-2013-5945
CVSS 9.8 CVE-2013-5945 — Multiple SQL injection vulnerabilities in D-Link DSR-150 with fi… 📄 التفاصيل ← |
NVD | Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with… | No | 🔴 Critical | Multiple SQL injection | APT | Refer to CVE-2013-5945 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Network |
CVE-2013-1360
CVSS 9.8 CVE-2013-1360 — An Authentication Bypass vulnerability exists in DELL SonicWALL … 📄 التفاصيل ← |
NVD | An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, … | No | 🔴 Critical | An Authentication Bypass | Exploit | Refer to CVE-2013-1360 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| DDoS |
CVE-2014-2052
CVSS 9.8 CVE-2014-2052 — Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0… 📄 التفاصيل ← |
NVD | Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attac… | No | 🔴 Critical | Zend Framework, as | DDoS | Refer to CVE-2014-2052 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Web |
CVE-2013-0803
CVSS 9.8 CVE-2013-0803 — A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via … 📄 التفاصيل ← |
NVD | A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malici… | No | 🔴 Critical | A PHP File | Exploit | Refer to CVE-2013-0803 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Network |
CVE-2013-1359
CVSS 9.8 CVE-2013-1359 — An Authentication Bypass Vulnerability exists in DELL SonicWALL … 📄 التفاصيل ← |
NVD | An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management Syst… | No | 🔴 Critical | An Authentication Bypass | Exploit | Refer to CVE-2013-1359 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Vulnerability |
CVE-2013-1607
CVSS 9.8 CVE-2013-1607 — Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerabilit… 📄 التفاصيل ← |
NVD | Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability | No | 🔴 Critical | Ruby PDFKit gem prior to | Exploit | Refer to CVE-2013-1607 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Vulnerability |
CVE-2013-2057
CVSS 9.8 CVE-2013-2057 — YaBB through 2.5.2: 'guestlanguage' Cookie Parameter L… 📄 التفاصيل ← |
NVD | YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability | No | 🔴 Critical | YaBB | Exploit | Refer to CVE-2013-2057 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Web |
CVE-2013-3684
CVSS 9.8 CVE-2013-3684 — NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.p… 📄 التفاصيل ← |
NVD | NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2013-3684 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Web |
CVE-2014-9753
CVSS 9.8 CVE-2014-9753 — confirm.php in ATutor 2.2 and earlier allows remote attackers to… 📄 التفاصيل ← |
NVD | confirm.php in ATutor 2.2 and earlier allows remote attackers to bypass authentication and gain acce… | No | 🔴 Critical | confirm.php in ATutor | Exploit | Refer to CVE-2014-9753 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Web |
CVE-2012-1124
CVSS 9.8 CVE-2012-1124 — SQL injection vulnerability in search.php in phxEventManager 2.0… 📄 التفاصيل ← |
NVD | SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to e… | No | 🔴 Critical | SQL injection vulnerability | Exploit | Refer to CVE-2012-1124 NVD advisory |
UTC: 2020-02-11
EDT: 2020-02-11
SA: 2020-02-11
|
| Linux |
CVE-2012-6611
CVSS 9.8 CVE-2012-6611 — An issue was discovered in Polycom Web Management Interface G3/H… 📄 التفاصيل ← |
NVD | An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 s… | No | 🔴 Critical | An issue was | Exploit | Refer to CVE-2012-6611 NVD advisory |
UTC: 2020-02-10
EDT: 2020-02-10
SA: 2020-02-10
|
| Web |
CVE-2011-3642
CVSS 9.6 CVE-2011-3642 — Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2… 📄 التفاصيل ← |
NVD | Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the Ne… | No | 🔴 Critical | Cross-site scripting (XSS) | Exploit | Refer to CVE-2011-3642 NVD advisory |
UTC: 2020-02-08
EDT: 2020-02-08
SA: 2020-02-08
|
| Web |
CVE-2014-8739
CVSS 9.8 CVE-2014-8739 — Unrestricted file upload vulnerability in server/php/UploadHandl… 📄 التفاصيل ← |
NVD | Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plu… | Yes | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2014-8739 NVD advisory |
UTC: 2020-02-08
EDT: 2020-02-08
SA: 2020-02-08
|
| Vulnerability |
CVE-2015-5741
CVSS 9.8 CVE-2015-5741 — The net/http library in net/http/transfer.go in Go before 1.4.3 … 📄 التفاصيل ← |
NVD | The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers… | No | 🔴 Critical | The net/http library | Exploit | Refer to CVE-2015-5741 NVD advisory |
UTC: 2020-02-08
EDT: 2020-02-08
SA: 2020-02-08
|
| Vulnerability |
CVE-2013-4334
CVSS 9.8 CVE-2013-4334 — opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities 📄 التفاصيل ← |
NVD | opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities | No | 🔴 Critical | opWebAPIPlugin | Exploit | Refer to CVE-2013-4334 NVD advisory |
UTC: 2020-02-07
EDT: 2020-02-07
SA: 2020-02-07
|
| Vulnerability |
CVE-2013-4335
CVSS 9.8 CVE-2013-4335 — opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multipl… 📄 التفاصيل ← |
NVD | opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vuln… | No | 🔴 Critical | opOpenSocialPlugin | Exploit | Refer to CVE-2013-4335 NVD advisory |
UTC: 2020-02-07
EDT: 2020-02-07
SA: 2020-02-07
|
| Vulnerability |
CVE-2014-9530
CVSS 9.8 CVE-2014-9530 — A vulnerability exists in nw.js before 0.11.3 when calling nw me… 📄 التفاصيل ← |
NVD | A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has … | No | 🔴 Critical | A vulnerability exists in nw.js before | Exploit | Refer to CVE-2014-9530 NVD advisory |
UTC: 2020-02-07
EDT: 2020-02-07
SA: 2020-02-07
|
| Web |
CVE-2014-5087
CVSS 9.8 CVE-2014-5087 — A vulnerability exists in Sphider Search Engine prior to 1.3.6 d… 📄 التفاصيل ← |
NVD | A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfunc… | No | 🔴 Critical | A vulnerability exists | Exploit | Refer to CVE-2014-5087 NVD advisory |
UTC: 2020-02-07
EDT: 2020-02-07
SA: 2020-02-07
|
| Web |
CVE-2014-5091
CVSS 9.8 CVE-2014-5091 — A vulnerability exits in Status2K 2.5 Server Monitoring Software… 📄 التفاصيل ← |
NVD | A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includ… | No | 🔴 Critical | A vulnerability exits in Status2K | Exploit | Refer to CVE-2014-5091 NVD advisory |
UTC: 2020-02-07
EDT: 2020-02-07
SA: 2020-02-07
|
| Network |
CVE-2013-3091
CVSS 9.8 CVE-2013-3091 — An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1… 📄 التفاصيل ← |
NVD | An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to … | No | 🔴 Critical | An Authentication Bypass | Exploit | Refer to CVE-2013-3091 NVD advisory |
UTC: 2020-02-07
EDT: 2020-02-07
SA: 2020-02-07
|
| Vulnerability |
CVE-2015-2909
CVSS 9.8 CVE-2015-2909 — Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and D… 📄 التفاصيل ← |
NVD | Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to … | No | 🔴 Critical | Dedicated Micros DV-IP | Exploit | Refer to CVE-2015-2909 NVD advisory |
UTC: 2020-02-06
EDT: 2020-02-06
SA: 2020-02-06
|
| Vulnerability |
CVE-2013-4521
CVSS 9.8 CVE-2013-4521 — RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and… 📄 التفاصيل ← |
NVD | RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restric… | No | 🔴 Critical | RichFaces implementation in | Exploit | Refer to CVE-2013-4521 NVD advisory |
UTC: 2020-02-06
EDT: 2020-02-06
SA: 2020-02-06
|
| Vulnerability |
CVE-2012-6306
CVSS 9.8 CVE-2012-6306 — A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a… 📄 التفاصيل ← |
NVD | A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a write access violation with a GIF f… | No | 🔴 Critical | A vulnerability exists | Exploit | Refer to CVE-2012-6306 NVD advisory |
UTC: 2020-02-06
EDT: 2020-02-06
SA: 2020-02-06
|
| Vulnerability |
CVE-2010-4815
CVSS 9.8 CVE-2010-4815 — Coppermine gallery before 1.4.26 has an input validation vulnera… 📄 التفاصيل ← |
NVD | Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code executio… | No | 🔴 Critical | Coppermine gallery before | Exploit | Refer to CVE-2010-4815 NVD advisory |
UTC: 2020-02-05
EDT: 2020-02-05
SA: 2020-02-05
|
| DDoS |
CVE-2015-5626
CVSS 9.8 CVE-2015-5626 — Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 … 📄 التفاصيل ← |
NVD | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50… | No | 🔴 Critical | Stack-based buffer overflow | DDoS | Microsoft Patch Tuesday |
UTC: 2020-02-05
EDT: 2020-02-05
SA: 2020-02-05
|
| DDoS |
CVE-2015-5627
CVSS 9.8 CVE-2015-5627 — Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 … 📄 التفاصيل ← |
NVD | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50… | No | 🔴 Critical | Stack-based buffer overflow | DDoS | Microsoft Patch Tuesday |
UTC: 2020-02-05
EDT: 2020-02-05
SA: 2020-02-05
|
| Vulnerability |
CVE-2015-5628
CVSS 9.8 CVE-2015-5628 — Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 … 📄 التفاصيل ← |
NVD | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50… | No | 🔴 Critical | Stack-based buffer overflow | Exploit | Microsoft Patch Tuesday |
UTC: 2020-02-05
EDT: 2020-02-05
SA: 2020-02-05
|
| Cisco |
CVE-2013-2681
CVSS 9.8 CVE-2013-2681 — Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security By… 📄 التفاصيل ← |
NVD | Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow… | No | 🔴 Critical | Cisco | Exploit | Cisco Security Advisory |
UTC: 2020-02-05
EDT: 2020-02-05
SA: 2020-02-05
|
| Web |
CVE-2011-1151
CVSS 9.1 CVE-2011-1151 — Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_orde… 📄 التفاصيل ← |
NVD | Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters. | No | 🔴 Critical | Joomla | Exploit | Refer to CVE-2011-1151 NVD advisory |
UTC: 2020-02-05
EDT: 2020-02-05
SA: 2020-02-05
|
| DDoS |
CVE-2011-1517
CVSS 9.8 CVE-2011-1517 — SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Ser… 📄 التفاصيل ← |
NVD | SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagT… | No | 🔴 Critical | SAP | DDoS | Refer to CVE-2011-1517 NVD advisory |
UTC: 2020-02-05
EDT: 2020-02-05
SA: 2020-02-05
|
| Vulnerability |
CVE-2012-5618
CVSS 9.8 CVE-2012-5618 — Ushahidi before 2.6.1 has insufficient entropy for forgot-passwo… 📄 التفاصيل ← |
NVD | Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens. | No | 🔴 Critical | Ushahidi before | Exploit | Refer to CVE-2012-5618 NVD advisory |
UTC: 2020-02-04
EDT: 2020-02-04
SA: 2020-02-04
|
| Vulnerability |
CVE-2012-5686
CVSS 9.8 CVE-2012-5686 — ZPanel 10.0.1 has insufficient entropy for its password reset pr… 📄 التفاصيل ← |
NVD | ZPanel 10.0.1 has insufficient entropy for its password reset process. | No | 🔴 Critical | ZPanel | Exploit | Refer to CVE-2012-5686 NVD advisory |
UTC: 2020-02-04
EDT: 2020-02-04
SA: 2020-02-04
|
| Vulnerability |
CVE-2013-7052
CVSS 9.8 CVE-2013-7052 — D-Link DIR-100 4.03B07: security bypass via an error in the clig… 📄 التفاصيل ← |
NVD | D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script | No | 🔴 Critical | D-Link DIR-100 | Exploit | Refer to CVE-2013-7052 NVD advisory |
UTC: 2020-02-04
EDT: 2020-02-04
SA: 2020-02-04
|
| Vulnerability |
CVE-2013-7055
CVSS 9.8 CVE-2013-7055 — D-Link DIR-100 4.03B07 has PPTP and poe information disclosure 📄 التفاصيل ← |
NVD | D-Link DIR-100 4.03B07 has PPTP and poe information disclosure | No | 🔴 Critical | D-Link DIR-100 | Exploit | Refer to CVE-2013-7055 NVD advisory |
UTC: 2020-02-04
EDT: 2020-02-04
SA: 2020-02-04
|
| Vulnerability |
CVE-2015-3613
CVSS 9.8 CVE-2015-3613 — A vulnerability exists in in FortiManager 5.2.1 and earlier and … 📄 التفاصيل ← |
NVD | A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP … | No | 🔴 Critical | Fortinet FortiManager | Exploit | Refer to CVE-2015-3613 NVD advisory |
UTC: 2020-02-04
EDT: 2020-02-04
SA: 2020-02-04
|
| Web |
CVE-2014-5039
CVSS 9.6 CVE-2014-5039 — Cross-site scripting (XSS) vulnerability in Eucalyptus Managemen… 📄 التفاصيل ← |
NVD | Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 a… | No | 🔴 Critical | Cross-site scripting (XSS) | Exploit | Refer to CVE-2014-5039 NVD advisory |
UTC: 2020-01-31
EDT: 2020-01-31
SA: 2020-01-31
|
| Vulnerability |
CVE-2014-8322
CVSS 9.8 CVE-2014-8322 — Stack-based buffer overflow in the tcp_test function in aireplay… 📄 التفاصيل ← |
NVD | Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1… | No | 🔴 Critical | Stack-based buffer overflow | Exploit | Refer to CVE-2014-8322 NVD advisory |
UTC: 2020-01-31
EDT: 2020-01-31
SA: 2020-01-31
|
| Vulnerability |
CVE-2014-2025
CVSS 9.8 CVE-2014-2025 — Unrestricted file upload vulnerability in an unspecified third p… 📄 التفاصيل ← |
NVD | Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx P… | No | 🔴 Critical | Unrestricted file upload | Exploit | Refer to CVE-2014-2025 NVD advisory |
UTC: 2020-01-31
EDT: 2020-01-31
SA: 2020-01-31
|
| Vulnerability |
CVE-2013-1350
CVSS 9.1 CVE-2013-1350 — Verax NMS prior to 2.1.0 has multiple security bypass vulnerabil… 📄 التفاصيل ← |
NVD | Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities | No | 🔴 Critical | Verax NMS prior to | Exploit | Refer to CVE-2013-1350 NVD advisory |
UTC: 2020-01-30
EDT: 2020-01-30
SA: 2020-01-30
|
| Web |
CVE-2014-3719
CVSS 9.8 CVE-2014-3719 — Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi i… 📄 التفاصيل ← |
NVD | Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated li… | No | 🔴 Critical | Multiple SQL injection | Exploit | Refer to CVE-2014-3719 NVD advisory |
UTC: 2020-01-30
EDT: 2020-01-30
SA: 2020-01-30
|
| Web |
CVE-2013-2198
CVSS 9.8 CVE-2013-2198 — The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x bef… 📄 التفاصيل ← |
NVD | The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attack… | No | 🔴 Critical | Drupal | Exploit | Refer to CVE-2013-2198 NVD advisory |
UTC: 2020-01-30
EDT: 2020-01-30
SA: 2020-01-30
|
| Vulnerability |
CVE-2013-2568
CVSS 9.8 CVE-2013-2568 — A Command Injection vulnerability exists in Zavio IP Cameras thr… 📄 التفاصيل ← |
NVD | A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /… | No | 🔴 Critical | A Command Injection | Exploit | Refer to CVE-2013-2568 NVD advisory |
UTC: 2020-01-29
EDT: 2020-01-29
SA: 2020-01-29
|
| Vulnerability |
CVE-2013-2570
CVSS 9.8 CVE-2013-2570 — A Command Injection vulnerability exists in Zavio IP Cameras thr… 📄 التفاصيل ← |
NVD | A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.S… | No | 🔴 Critical | A Command Injection | Exploit | Refer to CVE-2013-2570 NVD advisory |
UTC: 2020-01-29
EDT: 2020-01-29
SA: 2020-01-29
|
| Vulnerability |
CVE-2013-3215
CVSS 9.8 CVE-2013-3215 — vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vu… 📄 التفاصيل ← |
NVD | vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authenti… | No | 🔴 Critical | vtiger CRM | Exploit | Refer to CVE-2013-3215 NVD advisory |
UTC: 2020-01-29
EDT: 2020-01-29
SA: 2020-01-29
|
| Vulnerability |
CVE-2013-2573
CVSS 9.8 CVE-2013-2573 — A Command Injection vulnerability exists in the ap parameter to … 📄 التفاصيل ← |
NVD | A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi fi… | No | 🔴 Critical | A Command Injection | Exploit | Refer to CVE-2013-2573 NVD advisory |
UTC: 2020-01-29
EDT: 2020-01-29
SA: 2020-01-29
|
| Vulnerability |
CVE-2013-3316
CVSS 9.8 CVE-2013-3316 — Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Auth… 📄 التفاصيل ← |
NVD | Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server … | No | 🔴 Critical | Netgear WNR1000v3 with firmware before | Exploit | Refer to CVE-2013-3316 NVD advisory |
UTC: 2020-01-29
EDT: 2020-01-29
SA: 2020-01-29
|
| Vulnerability |
CVE-2013-3317
CVSS 9.8 CVE-2013-3317 — Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Auth… 📄 التفاصيل ← |
NVD | Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak ke… | No | 🔴 Critical | Netgear WNR1000v3 with firmware before | Exploit | Refer to CVE-2013-3317 NVD advisory |
UTC: 2020-01-29
EDT: 2020-01-29
SA: 2020-01-29
|
| Vulnerability |
CVE-2013-1437
CVSS 9.8 CVE-2013-1437 — Eval injection vulnerability in the Module-Metadata module befor… 📄 التفاصيل ← |
NVD | Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote at… | No | 🔴 Critical | Eval injection vulnerability | Exploit | Refer to CVE-2013-1437 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Vulnerability |
CVE-2013-2571
CVSS 9.8 CVE-2013-2571 — Iris 3.8 before build 1548, as used in Xpient point of sale (POS… 📄 التفاصيل ← |
NVD | Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers t… | No | 🔴 Critical | Iris | Exploit | Refer to CVE-2013-2571 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Web |
CVE-2014-3445
CVSS 9.8 CVE-2014-3445 — backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not re… 📄 التفاصيل ← |
NVD | backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext pas… | No | 🔴 Critical | backup.php in HandsomeWeb | Exploit | Refer to CVE-2014-3445 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Red Hat |
CVE-2013-2060
CVSS 9.8 CVE-2013-2060 — The download_from_url function in OpenShift Origin allows remote… 📄 التفاصيل ← |
NVD | The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary comm… | No | 🔴 Critical | The download_from_url function | Exploit | Refer to CVE-2013-2060 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Vulnerability |
CVE-2014-2896
CVSS 9.8 CVE-2014-2896 — The DoAlert function in the (1) TLS and (2) DTLS implementations… 📄 التفاصيل ← |
NVD | The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allo… | No | 🔴 Critical | The DoAlert function | Exploit | Refer to CVE-2014-2896 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Vulnerability |
CVE-2014-2897
CVSS 9.8 CVE-2014-2897 — The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.… 📄 التفاصيل ← |
NVD | The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length … | No | 🔴 Critical | The SSL 3 | Exploit | Refer to CVE-2014-2897 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Vulnerability |
CVE-2014-2898
CVSS 9.8 CVE-2014-2898 — wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unsp… 📄 التفاصيل ← |
NVD | wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to… | No | 🔴 Critical | wolfSSL CyaSSL before | Exploit | Refer to CVE-2014-2898 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Vulnerability |
CVE-2014-2914
CVSS 9.8 CVE-2014-2914 — fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict acces… 📄 التفاصيل ← |
NVD | fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka … | No | 🔴 Critical | fish (aka fish-shell) | Exploit | Refer to CVE-2014-2914 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Web |
CVE-2013-4864
CVSS 9.8 CVE-2013-4864 — MiCasaVerde VeraLite with firmware 1.5.408 allows remote attacke… 📄 التفاصيل ← |
NVD | MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet… | No | 🔴 Critical | MiCasaVerde VeraLite with firmware | Exploit | Refer to CVE-2013-4864 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| DDoS |
CVE-2015-8011
CVSS 9.8 CVE-2015-8011 — Buffer overflow in the lldp_decode function in daemon/protocols/… 📄 التفاصيل ← |
NVD | Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows … | No | 🔴 Critical | Buffer overflow in | DDoS | Refer to CVE-2015-8011 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Vulnerability |
CVE-2013-1599
CVSS 9.8 CVE-2013-1599 — A Command Injection vulnerability exists in the /var/www/cgi-bin… 📄 التفاصيل ← |
NVD | A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Camera… | No | 🔴 Critical | A Command Injection | Exploit | Refer to CVE-2013-1599 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Network |
CVE-2013-2748
CVSS 9.8 CVE-2013-2748 — Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remo… 📄 التفاصيل ← |
NVD | Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary fil… | No | 🔴 Critical | Belkin Wemo Switch | Exploit | Refer to CVE-2013-2748 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Vulnerability |
CVE-2013-3071
CVSS 9.8 CVE-2013-3071 — NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow au… 📄 التفاصيل ← |
NVD | NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. | No | 🔴 Critical | NETGEAR Centria WNDR4700 | Exploit | Refer to CVE-2013-3071 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Web |
CVE-2013-3214
CVSS 9.8 CVE-2013-3214 — vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulner… 📄 التفاصيل ← |
NVD | vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php… | No | 🔴 Critical | vtiger CRM | Exploit | Refer to CVE-2013-3214 NVD advisory |
UTC: 2020-01-28
EDT: 2020-01-28
SA: 2020-01-28
|
| Web |
CVE-2012-1495
CVSS 9.8 CVE-2012-1495 — install/index.php in WebCalendar before 1.2.5 allows remote atta… 📄 التفاصيل ← |
NVD | install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via … | No | 🔴 Critical | install/index.php in WebCalendar | Exploit | Refer to CVE-2012-1495 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Vulnerability |
CVE-2013-3486
CVSS 9.6 CVE-2013-3486 — IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulner… 📄 التفاصيل ← |
NVD | IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability | No | 🔴 Critical | IrfanView FlashPix Plugin | Exploit | Refer to CVE-2013-3486 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Vulnerability |
CVE-2013-3492
CVSS 9.8 CVE-2013-3492 — XnView 2.03 has a stack-based buffer overflow vulnerability 📄 التفاصيل ← |
NVD | XnView 2.03 has a stack-based buffer overflow vulnerability | No | 🔴 Critical | XnView | Exploit | Refer to CVE-2013-3492 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Vulnerability |
CVE-2013-3493
CVSS 9.8 CVE-2013-3493 — XnView 2.03 has an integer overflow vulnerability 📄 التفاصيل ← |
NVD | XnView 2.03 has an integer overflow vulnerability | No | 🔴 Critical | XnView | Exploit | Refer to CVE-2013-3493 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Web |
CVE-2013-4462
CVSS 9.1 CVE-2013-4462 — WordPress Portable phpMyAdmin Plugin has an authentication bypas… 📄 التفاصيل ← |
NVD | WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2013-4462 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Web |
CVE-2015-0244
CVSS 9.8 CVE-2015-0244 — PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.… 📄 التفاصيل ← |
NVD | PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x be… | No | 🔴 Critical | PostgreSQL | Exploit | Refer to CVE-2015-0244 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Vulnerability |
CVE-2013-4441
CVSS 9.8 CVE-2013-4441 — The Phonemes mode in Pwgen 2.06 generates predictable passwords,… 📄 التفاصيل ← |
NVD | The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-d… | No | 🔴 Critical | The Phonemes mode in Pwgen | Exploit | Refer to CVE-2013-4441 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Vulnerability |
CVE-2013-7390
CVSS 9.8 CVE-2013-7390 — Unrestricted file upload vulnerability in AgentLogUploadServlet … 📄 التفاصيل ← |
NVD | Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x a… | No | 🔴 Critical | Unrestricted file upload | Exploit | Refer to CVE-2013-7390 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Office |
CVE-2014-8741
CVSS 9.8 CVE-2014-8741 — Directory traversal vulnerability in the GfdFileUploadServerlet … 📄 التفاصيل ← |
NVD | Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterp… | No | 🔴 Critical | Directory traversal vulnerability | Exploit | Refer to CVE-2014-8741 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Vulnerability |
CVE-2014-8563
CVSS 9.8 CVE-2014-8563 — Synacor Zimbra Collaboration before 8.0.9 allows plaintext comma… 📄 التفاصيل ← |
NVD | Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS. | No | 🔴 Critical | Synacor Zimbra Collaboration before | Exploit | Refer to CVE-2014-8563 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Vulnerability |
CVE-2013-2612
CVSS 9.8 CVE-2013-2612 — Command-injection vulnerability in Huawei E587 3G Mobile Hotspot… 📄 التفاصيل ← |
NVD | Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers t… | No | 🔴 Critical | Command-injection vulnerability in | Exploit | Refer to CVE-2013-2612 NVD advisory |
UTC: 2020-01-27
EDT: 2020-01-27
SA: 2020-01-27
|
| Intel |
CVE-2020-7999
CVSS 9.8 CVE-2020-7999 — The Intellian Aptus application 1.0.2 for Android has hardcoded … 📄 التفاصيل ← |
NVD | The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE… | No | 🔴 Critical | Android | Intel Processor | APT | Refer to CVE-2020-7999 NVD advisory |
UTC: 2020-01-26
EDT: 2020-01-26
SA: 2020-01-26
|
| Intel |
CVE-2020-8000
CVSS 9.8 CVE-2020-8000 — Intellian Aptus Web 1.24 has a hardcoded password of 12345678 fo… 📄 التفاصيل ← |
NVD | Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. | No | 🔴 Critical | Intel Processor | APT | Refer to CVE-2020-8000 NVD advisory |
UTC: 2020-01-26
EDT: 2020-01-26
SA: 2020-01-26
|
| Intel |
CVE-2020-8001
CVSS 9.8 CVE-2020-8001 — The Intellian Aptus application 1.0.2 for Android has a hardcode… 📄 التفاصيل ← |
NVD | The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the mast… | No | 🔴 Critical | Android | Intel Processor | APT | Refer to CVE-2020-8001 NVD advisory |
UTC: 2020-01-26
EDT: 2020-01-26
SA: 2020-01-26
|
| Vulnerability |
CVE-2013-1744
CVSS 9.8 CVE-2013-1744 — IRIS citations management tool through 1.3 allows remote attacke… 📄 التفاصيل ← |
NVD | IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands. | No | 🔴 Critical | IRIS citations management tool | Exploit | Refer to CVE-2013-1744 NVD advisory |
UTC: 2020-01-25
EDT: 2020-01-25
SA: 2020-01-25
|
| AMD |
CVE-2019-5183
CVSS 9 CVE-2019-5183 — An exploitable type confusion vulnerability exists in AMD ATIDXX… 📄 التفاصيل ← |
NVD | An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.… | No | 🔴 Critical | AMD Processor | Exploit | Update to v26.20.13031 |
UTC: 2020-01-25
EDT: 2020-01-25
SA: 2020-01-25
|
| Intel |
CVE-2020-7980
CVSS 9.8 CVE-2020-7980 — Intellian Aptus Web 1.24 allows remote attackers to execute arbi… 📄 التفاصيل ← |
NVD | Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field wi… | Yes | 🔴 Critical | Intel Processor | APT | Refer to CVE-2020-7980 NVD advisory |
UTC: 2020-01-25
EDT: 2020-01-25
SA: 2020-01-25
|
| Vulnerability |
CVE-2012-6451
CVSS 9.8 CVE-2012-6451 — Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication … 📄 التفاصيل ← |
NVD | Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability | No | 🔴 Critical | Lorex LNC116 and | Exploit | Refer to CVE-2012-6451 NVD advisory |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| Vulnerability |
CVE-2013-3960
CVSS 9.9 CVE-2013-3960 — Easytime Studio Easy File Manager 1.1 has a HTTP request securit… 📄 التفاصيل ← |
NVD | Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass | No | 🔴 Critical | Easytime Studio Easy File Manager | Exploit | Refer to CVE-2013-3960 NVD advisory |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| Vulnerability |
CVE-2013-4333
CVSS 9.1 CVE-2013-4333 — OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has… 📄 التفاصيل ← |
NVD | OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulner… | No | 🔴 Critical | OpenPNE 3 | Exploit | Update to v3.8.7 |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| Web |
CVE-2014-1924
CVSS 9.8 CVE-2014-1924 — The MARC framework import/export function (admin/import_export_f… 📄 التفاصيل ← |
NVD | The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, … | No | 🔴 Critical | The MARC framework | Exploit | Refer to CVE-2014-1924 NVD advisory |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| Web |
CVE-2014-1925
CVSS 9.8 CVE-2014-1925 — SQL injection vulnerability in the MARC framework import/export … 📄 التفاصيل ← |
NVD | SQL injection vulnerability in the MARC framework import/export function (admin/import_export_framew… | No | 🔴 Critical | SQL injection vulnerability | Exploit | Refer to CVE-2014-1925 NVD advisory |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| DDoS |
CVE-2015-4042
CVSS 9.8 CVE-2015-4042 — Integer overflow in the keycompare_mb function in sort.c in sort… 📄 التفاصيل ← |
NVD | Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might… | No | 🔴 Critical | Integer overflow in | DDoS | Refer to CVE-2015-4042 NVD advisory |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| DDoS |
CVE-2013-1595
CVSS 9.8 CVE-2013-1595 — A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Came… 📄 التفاصيل ← |
NVD | A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially c… | No | 🔴 Critical | A Buffer Overflow | DDoS | Refer to CVE-2013-1595 NVD advisory |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| Web |
CVE-2014-4172
CVSS 9.8 CVE-2014-4172 — A URL parameter injection vulnerability was found in the back-ch… 📄 التفاصيل ← |
NVD | A URL parameter injection vulnerability was found in the back-channel ticket validation step of the … | No | 🔴 Critical | A URL parameter | Exploit | Refer to CVE-2014-4172 NVD advisory |
UTC: 2020-01-24
EDT: 2020-01-24
SA: 2020-01-24
|
| Vulnerability |
CVE-2012-2087
CVSS 9.8 CVE-2012-2087 — ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod… 📄 التفاصيل ← |
NVD | ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client… | No | 🔴 Critical | ISPConfig | Exploit | Refer to CVE-2012-2087 NVD advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| Web |
CVE-2012-5699
CVSS 9.8 CVE-2012-5699 — BabyGekko before 1.2.4 allows PHP file inclusion. 📄 التفاصيل ← |
NVD | BabyGekko before 1.2.4 allows PHP file inclusion. | No | 🔴 Critical | BabyGekko before | Exploit | Refer to CVE-2012-5699 NVD advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| Vulnerability |
CVE-2012-5867
CVSS 9.8 CVE-2012-5867 — HT Editor 2.0.20 has a Remote Stack Buffer Overflow Vulnerabilit… 📄 التفاصيل ← |
NVD | HT Editor 2.0.20 has a Remote Stack Buffer Overflow Vulnerability | No | 🔴 Critical | HT Editor | Exploit | Refer to CVE-2012-5867 NVD advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| Android |
CVE-2013-6792
CVSS 9.8 CVE-2013-6792 — Google Android prior to 4.4 has an APK Signature Security Bypass… 📄 التفاصيل ← |
NVD | Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability | No | 🔴 Critical | Android 14/13 | Exploit | Refer to CVE-2013-6792 NVD advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| OT/ICS |
CVE-2013-1592
CVSS 9.8 CVE-2013-1592 — A Buffer Overflow vulnerability exists in the Message Server ser… 📄 التفاصيل ← |
NVD | A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() functio… | No | 🔴 Critical | SAP | ICS/OT | Refer to CVE-2013-1592 NVD advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| DDoS |
CVE-2015-5334
CVSS 9.8 CVE-2015-5334 — Off-by-one error in the OBJ_obj2txt function in LibreSSL before … 📄 التفاصيل ← |
NVD | Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cau… | No | 🔴 Critical | Off-by-one error in | DDoS | Refer to CVE-2015-5334 NVD advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| Web |
CVE-2012-6649
CVSS 9.8 CVE-2012-6649 — WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to e… 📄 التفاصيل ← |
NVD | WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improp… | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2012-6649 NVD advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| Fortinet |
CVE-2019-16153
CVSS 9.8 CVE-2019-16153 — A hard-coded password vulnerability in the Fortinet FortiSIEM d… 📄 التفاصيل ← |
NVD | A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and b… | No | 🔴 Critical | Fortinet | Exploit | Update to v5.2.5 | Fortinet PSIRT Advisory |
UTC: 2020-01-23
EDT: 2020-01-23
SA: 2020-01-23
|
| Vulnerability |
CVE-2011-4943
CVSS 9.8 CVE-2011-4943 — ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (… 📄 التفاصيل ← |
NVD | ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13) | No | 🔴 Critical | ImpressPages CMS | Exploit | Refer to CVE-2011-4943 NVD advisory |
UTC: 2020-01-22
EDT: 2020-01-22
SA: 2020-01-22
|
| Vulnerability |
CVE-2011-3614
CVSS 9.8 CVE-2011-3614 — An Access Control vulnerability exists in the Facebook, Twitter,… 📄 التفاصيل ← |
NVD | An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla For… | No | 🔴 Critical | An Access Control | Exploit | Refer to CVE-2011-3614 NVD advisory |
UTC: 2020-01-22
EDT: 2020-01-22
SA: 2020-01-22
|
| Vulnerability |
CVE-2011-3621
CVSS 9.8 CVE-2011-3621 — A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_B… 📄 التفاصيل ← |
NVD | A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled. | No | 🔴 Critical | A reverse proxy | Exploit | Refer to CVE-2011-3621 NVD advisory |
UTC: 2020-01-22
EDT: 2020-01-22
SA: 2020-01-22
|
| Web |
CVE-2012-4919
CVSS 9.8 CVE-2012-4919 — Gallery Plugin1.4 for WordPress has a Remote File Include Vulner… 📄 التفاصيل ← |
NVD | Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability | No | 🔴 Critical | WordPress 6.5.x | Exploit | Refer to CVE-2012-4919 NVD advisory |
UTC: 2020-01-22
EDT: 2020-01-22
SA: 2020-01-22
|
| Web |
CVE-2011-4094
CVSS 9.8 CVE-2011-4094 — Jara 1.6 has a SQL injection vulnerability. 📄 التفاصيل ← |
NVD | Jara 1.6 has a SQL injection vulnerability. | No | 🔴 Critical | Jara | Exploit | Refer to CVE-2011-4094 NVD advisory |
UTC: 2020-01-21
EDT: 2020-01-21
SA: 2020-01-21
|
| Vulnerability |
CVE-2012-5190
CVSS 9.8 CVE-2012-5190 — Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerabi… 📄 التفاصيل ← |
NVD | Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability | No | 🔴 Critical | Prizm Content Connect | Exploit | Refer to CVE-2012-5190 NVD advisory |
UTC: 2020-01-21
EDT: 2020-01-21
SA: 2020-01-21
|
| Vulnerability |
CVE-2015-2784
CVSS 9.8 CVE-2015-2784 — The papercrop gem before 0.3.0 for Ruby on Rails does not proper… 📄 التفاصيل ← |
NVD | The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input. | No | 🔴 Critical | The papercrop gem before | Exploit | Refer to CVE-2015-2784 NVD advisory |
UTC: 2020-01-21
EDT: 2020-01-21
SA: 2020-01-21
|
| Vulnerability |
CVE-2014-5007
CVSS 9.8 CVE-2014-5007 — Directory traversal vulnerability in the agentLogUploader servle… 📄 التفاصيل ← |
NVD | Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Centr… | No | 🔴 Critical | Directory traversal vulnerability | Exploit | Refer to CVE-2014-5007 NVD advisory |
UTC: 2020-01-17
EDT: 2020-01-17
SA: 2020-01-17
|
| Vulnerability |
CVE-2015-7874
CVSS 9.8 CVE-2015-7874 — Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p a… 📄 التفاصيل ← |
NVD | Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers t… | No | 🔴 Critical | Buffer overflow in | Exploit | Refer to CVE-2015-7874 NVD advisory |
UTC: 2020-01-15
EDT: 2020-01-15
SA: 2020-01-15
|
| Web |
CVE-2005-4891
CVSS 9.8 CVE-2005-4891 — Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQ… 📄 التفاصيل ← |
NVD | Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allow… | No | 🔴 Critical | Simple Machine Forum | Exploit | Update to v1.0.4 |
UTC: 2020-01-15
EDT: 2020-01-15
SA: 2020-01-15
|
| Vulnerability |
CVE-2007-4773
CVSS 9.8 CVE-2007-4773 — Systrace before 1.6.0 has insufficient escape policy enforcement… 📄 التفاصيل ← |
NVD | Systrace before 1.6.0 has insufficient escape policy enforcement. | No | 🔴 Critical | Systrace before | Exploit | Refer to CVE-2007-4773 NVD advisory |
UTC: 2020-01-15
EDT: 2020-01-15
SA: 2020-01-15
|
| Vulnerability |
CVE-2015-5952
CVSS 9.8 CVE-2015-5952 — Directory traversal vulnerability in Thomson Reuters for FATCA b… 📄 التفاصيل ← |
NVD | Directory traversal vulnerability in Thomson Reuters for FATCA before 5.2 allows remote attackers to… | No | 🔴 Critical | Directory traversal vulnerability | Exploit | Refer to CVE-2015-5952 NVD advisory |
UTC: 2020-01-15
EDT: 2020-01-15
SA: 2020-01-15
|
| Vulnerability |
CVE-2009-1120
CVSS 9.8 CVE-2009-1120 — EMC RepliStor Server Service before ESA-09-003 has a DoASOComman… 📄 التفاصيل ← |
NVD | EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerabilit… | No | 🔴 Critical | EMC RepliStor Server | Exploit | Refer to CVE-2009-1120 NVD advisory |
UTC: 2020-01-15
EDT: 2020-01-15
SA: 2020-01-15
|
| VMware |
CVE-2020-2546
CVSS 9.8 CVE-2020-2546 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Applicat… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-01-15
EDT: 2020-01-15
SA: 2020-01-15
|
| VMware |
CVE-2020-2551
CVSS 9.8 CVE-2020-2551 — Vulnerability in the Oracle WebLogic Server product of Oracle Fu… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2020-01-15
EDT: 2020-01-15
SA: 2020-01-15
|
| Vulnerability |
CVE-2015-8366
CVSS 9.8 CVE-2015-8366 — Array index error in smal_decode_segment function in LibRaw befo… 📄 التفاصيل ← |
NVD | Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent a… | No | 🔴 Critical | Array index error | Exploit | Refer to CVE-2015-8366 NVD advisory |
UTC: 2020-01-14
EDT: 2020-01-14
SA: 2020-01-14
|
| Vulnerability |
CVE-2015-8367
CVSS 9.8 CVE-2015-8367 — The phase_one_correct function in Libraw before 0.17.1 allows at… 📄 التفاصيل ← |
NVD | The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and p… | No | 🔴 Critical | The phase_one_correct function | Exploit | Refer to CVE-2015-8367 NVD advisory |
UTC: 2020-01-14
EDT: 2020-01-14
SA: 2020-01-14
|
| Web |
CVE-2011-3203
CVSS 9.8 CVE-2011-3203 — A Code Execution vulnerability exists the attachment parameter t… 📄 التفاصيل ← |
NVD | A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 a… | No | 🔴 Critical | A Code Execution | Exploit | Refer to CVE-2011-3203 NVD advisory |
UTC: 2020-01-14
EDT: 2020-01-14
SA: 2020-01-14
|
| Web |
CVE-2011-2715
CVSS 9.8 CVE-2011-2715 — An SQL Injection vulnerability exists in Drupal 6.20 with Data 6… 📄 التفاصيل ← |
NVD | An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient s… | No | 🔴 Critical | Drupal | Exploit | Refer to CVE-2011-2715 NVD advisory |
UTC: 2020-01-14
EDT: 2020-01-14
SA: 2020-01-14
|
| Vulnerability |
CVE-2014-5381
CVSS 9.8 CVE-2014-5381 — Grand MA 300 allows a brute-force attack on the PIN. 📄 التفاصيل ← |
NVD | Grand MA 300 allows a brute-force attack on the PIN. | No | 🔴 Critical | Grand MA 300 | Exploit | Refer to CVE-2014-5381 NVD advisory |
UTC: 2020-01-13
EDT: 2020-01-13
SA: 2020-01-13
|
| Vulnerability |
CVE-2013-6225
CVSS 9.8 CVE-2013-6225 — LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability 📄 التفاصيل ← |
NVD | LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability | No | 🔴 Critical | LiveZilla | Exploit | Refer to CVE-2013-6225 NVD advisory |
UTC: 2020-01-13
EDT: 2020-01-13
SA: 2020-01-13
|
| DDoS |
CVE-2012-4750
CVSS 9.8 CVE-2012-4750 — A Code Execution vulnerability exists in the memcpy function whe… 📄 التفاصيل ← |
NVD | A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhomet… | No | 🔴 Critical | A Code Execution | DDoS | Refer to CVE-2012-4750 NVD advisory |
UTC: 2020-01-13
EDT: 2020-01-13
SA: 2020-01-13
|
| Vulnerability |
CVE-2014-4982
CVSS 9.8 CVE-2014-4982 — LPAR2RRD ≤ 4.53 and ≤ 3.5 has arbitrary command injection on the… 📄 التفاصيل ← |
NVD | LPAR2RRD ≤ 4.53 and ≤ 3.5 has arbitrary command injection on the application server. | No | 🔴 Critical | LPAR2RRD ≤ 4.53 | Exploit | Refer to CVE-2014-4982 NVD advisory |
UTC: 2020-01-10
EDT: 2020-01-10
SA: 2020-01-10
|
| Web |
CVE-2014-4984
CVSS 9.8 CVE-2014-4984 — Déjà Vu Crescendo Sales CRM has remote SQL Injection 📄 التفاصيل ← |
NVD | Déjà Vu Crescendo Sales CRM has remote SQL Injection | No | 🔴 Critical | Déjà Vu Crescendo | Exploit | Refer to CVE-2014-4984 NVD advisory |
UTC: 2020-01-10
EDT: 2020-01-10
SA: 2020-01-10
|
| Vulnerability |
CVE-2014-5081
CVSS 9.8 CVE-2014-5081 — sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-pl… 📄 التفاصيل ← |
NVD | sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication… | No | 🔴 Critical | sphider prior to | Exploit | Refer to CVE-2014-5081 NVD advisory |
UTC: 2020-01-10
EDT: 2020-01-10
SA: 2020-01-10
|
| Vulnerability |
CVE-2013-7380
CVSS 9.8 CVE-2013-7380 — The Etherpad Lite ep_imageconvert Plugin has a Remote Command In… 📄 التفاصيل ← |
NVD | The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability | No | 🔴 Critical | The Etherpad Lite | Exploit | Refer to CVE-2013-7380 NVD advisory |
UTC: 2020-01-10
EDT: 2020-01-10
SA: 2020-01-10
|
| Vulnerability |
CVE-2014-5093
CVSS 9.8 CVE-2014-5093 — Status2k does not remove the install directory allowing credenti… 📄 التفاصيل ← |
NVD | Status2k does not remove the install directory allowing credential reset. | No | 🔴 Critical | Status2k does not | Exploit | Refer to CVE-2014-5093 NVD advisory |
UTC: 2020-01-10
EDT: 2020-01-10
SA: 2020-01-10
|
| Web |
CVE-2011-5020
CVSS 9.8 CVE-2011-5020 — An SQL Injection vulnerability exists in the ID parameter in Onl… 📄 التفاصيل ← |
NVD | An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011. | No | 🔴 Critical | An SQL Injection | Exploit | Refer to CVE-2011-5020 NVD advisory |
UTC: 2020-01-10
EDT: 2020-01-10
SA: 2020-01-10
|
| iOS |
CVE-2012-4284
CVSS 9.8 CVE-2012-4284 — A Privilege Escalation vulnerability exists in Viscosity 1.4.1 o… 📄 التفاصيل ← |
NVD | A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name valida… | No | 🔴 Critical | A Privilege Escalation | Exploit | Refer to CVE-2012-4284 NVD advisory |
UTC: 2020-01-10
EDT: 2020-01-10
SA: 2020-01-10
|
| Vulnerability |
CVE-2014-2650
CVSS 9.8 CVE-2014-2650 — Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP … 📄 التفاصيل ← |
NVD | Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerab… | No | 🔴 Critical | Unify OpenStage / | Exploit | Refer to CVE-2014-2650 NVD advisory |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Vulnerability |
CVE-2014-2651
CVSS 9.8 CVE-2014-2651 — Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 ha… 📄 التفاصيل ← |
NVD | Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the de… | No | 🔴 Critical | Unify OpenStage/OpenScape Desk | Exploit | Refer to CVE-2014-2651 NVD advisory |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Vulnerability |
CVE-2014-3448
CVSS 9.8 CVE-2014-3448 — BSS Continuity CMS 4.2.22640.0 has a Remote Code Execution vulne… 📄 التفاصيل ← |
NVD | BSS Continuity CMS 4.2.22640.0 has a Remote Code Execution vulnerability due to unauthenticated file… | No | 🔴 Critical | BSS Continuity CMS | Exploit | Refer to CVE-2014-3448 NVD advisory |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Vulnerability |
CVE-2014-3449
CVSS 9.8 CVE-2014-3449 — BSS Continuity CMS 4.2.22640.0 has an Authentication Bypass vuln… 📄 التفاصيل ← |
NVD | BSS Continuity CMS 4.2.22640.0 has an Authentication Bypass vulnerability | No | 🔴 Critical | BSS Continuity CMS | Exploit | Refer to CVE-2014-3449 NVD advisory |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Web |
CVE-2012-1259
CVSS 9.8 CVE-2012-1259 — Multiple SQL injection vulnerabilities in Plixer International S… 📄 التفاصيل ← |
NVD | Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analy… | No | 🔴 Critical | Multiple SQL injection | Exploit | Update to v9.0.1 |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Web |
CVE-2012-2714
CVSS 9.8 CVE-2012-2714 — The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 fo… 📄 التفاصيل ← |
NVD | The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to … | No | 🔴 Critical | Drupal | Exploit | Refer to CVE-2012-2714 NVD advisory |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Office |
CVE-2012-2226
CVSS 9.8 CVE-2012-2226 — Invision Power Board before 3.3.1 fails to sanitize user-supplie… 📄 التفاصيل ← |
NVD | Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote att… | No | 🔴 Critical | Invision Power Board before | Exploit | Refer to CVE-2012-2226 NVD advisory |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Vulnerability |
CVE-2012-3807
CVSS 9.8 CVE-2012-3807 — Samsung Kies before 2.5.0.12094_27_11 has arbitrary file executi… 📄 التفاصيل ← |
NVD | Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution. | No | 🔴 Critical | Samsung Kies before | Exploit | Refer to CVE-2012-3807 NVD advisory |
UTC: 2020-01-09
EDT: 2020-01-09
SA: 2020-01-09
|
| Vulnerability |
CVE-2014-1598
CVSS 9.8 CVE-2014-1598 — centurystar 7.12 ActiveX Control has a Stack Buffer Overflow 📄 التفاصيل ← |
NVD | centurystar 7.12 ActiveX Control has a Stack Buffer Overflow | No | 🔴 Critical | centurystar | Exploit | Refer to CVE-2014-1598 NVD advisory |
UTC: 2020-01-08
EDT: 2020-01-08
SA: 2020-01-08
|
| Vulnerability |
CVE-2014-1409
CVSS 9.1 CVE-2014-1409 — MobileIron VSP versions prior to 5.9.1 and Sentry versions prior… 📄 التفاصيل ← |
NVD | MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypas… | No | 🔴 Critical | MobileIron VSP | Exploit | Update to v5.9.1 |
UTC: 2020-01-08
EDT: 2020-01-08
SA: 2020-01-08
|
| Web |
CVE-2014-1860
CVSS 9.8 CVE-2014-1860 — Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilitie… 📄 التفاصيل ← |
NVD | Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities | No | 🔴 Critical | Contao CMS | Exploit | Refer to CVE-2014-1860 NVD advisory |
UTC: 2020-01-08
EDT: 2020-01-08
SA: 2020-01-08
|
| Vulnerability |
CVE-2014-2072
CVSS 9.8 CVE-2014-2072 — Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to … 📄 التفاصيل ← |
NVD | Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to inadequate boundary checks | No | 🔴 Critical | Dassault Systemes Catia | Exploit | Refer to CVE-2014-2072 NVD advisory |
UTC: 2020-01-08
EDT: 2020-01-08
SA: 2020-01-08
|
| Network |
CVE-2011-5266
CVSS 9.8 CVE-2011-5266 — Imperva SecureSphere Web Application Firewall (WAF) before 12-au… 📄 التفاصيل ← |
NVD | Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filte… | No | 🔴 Critical | Imperva SecureSphere Web | Exploit | Refer to CVE-2011-5266 NVD advisory |
UTC: 2020-01-08
EDT: 2020-01-08
SA: 2020-01-08
|
| Cisco |
CVE-2013-5122
CVSS 9.8 CVE-2013-5122 — Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can c… 📄 التفاصيل ← |
NVD | Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open whic… | No | 🔴 Critical | Cisco | Exploit | Cisco Security Advisory |
UTC: 2020-01-07
EDT: 2020-01-07
SA: 2020-01-07
|
| Web |
CVE-2014-8673
CVSS 9.8 CVE-2014-8673 — Multiple SQL vulnerabilities exist in planning.php, user_list.ph… 📄 التفاصيل ← |
NVD | Multiple SQL vulnerabilities exist in planning.php, user_list.php, projets.php, user_groupes.php, an… | No | 🔴 Critical | Multiple SQL vulnerabilities | Exploit | Refer to CVE-2014-8673 NVD advisory |
UTC: 2020-01-07
EDT: 2020-01-07
SA: 2020-01-07
|
| Web |
CVE-2015-5951
CVSS 9.9 CVE-2015-5951 — A file upload issue exists in the specid parameter in Thomson Re… 📄 التفاصيل ← |
NVD | A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows… | No | 🔴 Critical | A file upload | Exploit | Refer to CVE-2015-5951 NVD advisory |
UTC: 2020-01-06
EDT: 2020-01-06
SA: 2020-01-06
|
| Vulnerability |
CVE-2012-5878
CVSS 9.8 CVE-2012-5878 — Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0… 📄 التفاصيل ← |
NVD | Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to exec… | No | 🔴 Critical | Bulb Security Smartphone | Exploit | Refer to CVE-2012-5878 NVD advisory |
UTC: 2020-01-03
EDT: 2020-01-03
SA: 2020-01-03
|
| Web |
CVE-2014-8337
CVSS 9.8 CVE-2014-8337 — Unrestricted file upload vulnerability in includes/classes/uploa… 📄 التفاصيل ← |
NVD | Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZ… | No | 🔴 Critical | Unrestricted file upload | Exploit | Refer to CVE-2014-8337 NVD advisory |
UTC: 2020-01-03
EDT: 2020-01-03
SA: 2020-01-03
|
| Vulnerability |
CVE-2014-8516
CVSS 9.8 CVE-2014-8516 — Unrestricted file upload vulnerability in Visual Mining NetChart… 📄 التفاصيل ← |
NVD | Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows remote attackers to … | No | 🔴 Critical | Unrestricted file upload | Exploit | Refer to CVE-2014-8516 NVD advisory |
UTC: 2020-01-03
EDT: 2020-01-03
SA: 2020-01-03
|
| Containers |
CVE-2014-0048
CVSS 9.8 CVE-2014-0048 — An issue was found in Docker before 1.6.0. Some programs and scr… 📄 التفاصيل ← |
NVD | An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HT… | No | 🔴 Critical | Docker | Exploit | Refer to CVE-2014-0048 NVD advisory |
UTC: 2020-01-02
EDT: 2020-01-02
SA: 2020-01-02
|
| Vulnerability |
CVE-2013-3941
CVSS 9.8 CVE-2013-3941 — Xjp2.dll in XnView before 2.13 allows remote attackers to execut… 📄 التفاصيل ← |
NVD | Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz pa… | No | 🔴 Critical | Xjp2.dll in XnView before | Exploit | Refer to CVE-2013-3941 NVD advisory |
UTC: 2020-01-02
EDT: 2020-01-02
SA: 2020-01-02
|
| DDoS |
CVE-2014-0011
CVSS 9.8 CVE-2014-0011 — Multiple heap-based buffer overflows in the ZRLE_DECODE function… 📄 التفاصيل ← |
NVD | Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h in Tiger… | No | 🔴 Critical | Multiple heap-based buffer | DDoS | Refer to CVE-2014-0011 NVD advisory |
UTC: 2020-01-02
EDT: 2020-01-02
SA: 2020-01-02
|
| Web |
CVE-2022-50993
CVSS 9.8 CVE-2022-50993 — Weaver (Fanwei) E-office versions prior to 10.0_20221201 contai… 📄 التفاصيل ← |
NVD | Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthenticated arbitrary file u… | No | 🔴 Critical | PHP | Exploit | Update to v10.0 |
UTC: 2020-01-01
EDT: 2020-01-01
SA: 2020-01-01
|
| Intel |
CVE-2019-11107
CVSS 9.8 CVE-2019-11107 — Insufficient input validation in the subsystem for Intel(R) AMT… 📄 التفاصيل ← |
NVD | Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an … | No | 🔴 Critical | Intel Processor | Exploit | Update to v12.0.45 |
UTC: 2019-12-18
EDT: 2019-12-18
SA: 2019-12-18
|
| Intel |
CVE-2019-11131
CVSS 9.8 CVE-2019-11131 — Logic issue in subsystem in Intel(R) AMT before versions 11.8.7… 📄 التفاصيل ← |
NVD | Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may… | No | 🔴 Critical | Intel Processor | Exploit | Update to v11.8.70 |
UTC: 2019-12-18
EDT: 2019-12-18
SA: 2019-12-18
|
| VMware |
CVE-2019-5544
CVSS 9.8 CVE-2019-5544 — OpenSLP as used in ESXi and the Horizon DaaS appliances has a he… 📄 التفاصيل ← |
NVD | OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evalu… | Yes | 🔴 Critical | VMware ESXi | Exploit | Refer to CVE-2019-5544 NVD advisory |
UTC: 2019-12-06
EDT: 2019-12-06
SA: 2019-12-06
|
| VMware |
CVE-2019-5541
CVSS 9.1 CVE-2019-5541 — VMware Workstation (15.x before 15.5.1) and Fusion (11.x before … 📄 التفاصيل ← |
NVD | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds wri… | No | 🔴 Critical | VMware | APT | Refer to CVE-2019-5541 NVD advisory |
UTC: 2019-11-20
EDT: 2019-11-20
SA: 2019-11-20
|
| Intel |
CVE-2019-11168
CVSS 9.1 CVE-2019-11168 — Insufficient session validation in Intel(R) Baseboard Managemen… 📄 التفاصيل ← |
NVD | Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an un… | No | 🔴 Critical | Intel Processor | DDoS | Refer to CVE-2019-11168 NVD advisory |
UTC: 2019-11-14
EDT: 2019-11-14
SA: 2019-11-14
|
| Intel |
CVE-2019-11171
CVSS 9.8 CVE-2019-11171 — Heap corruption in Intel(R) Baseboard Management Controller fir… 📄 التفاصيل ← |
NVD | Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated us… | No | 🔴 Critical | Intel Processor | DDoS | Refer to CVE-2019-11171 NVD advisory |
UTC: 2019-11-14
EDT: 2019-11-14
SA: 2019-11-14
|
| Windows |
CVE-2019-1373
CVSS 9.8 CVE-2019-1373 — A remote code execution vulnerability exists in Microsoft Exchan… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of me… | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2019-11-12
EDT: 2019-11-12
SA: 2019-11-12
|
| AMD |
CVE-2019-5049
CVSS 10 CVE-2019-5049 — An exploitable memory corruption vulnerability exists in AMD ATI… 📄 التفاصيل ← |
NVD | An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.150… | No | 🔴 Critical | AMD Processor | Exploit | Update to v25.20.15031 |
UTC: 2019-10-31
EDT: 2019-10-31
SA: 2019-10-31
|
| Intel |
CVE-2019-17600
CVSS 9.8 CVE-2019-17600 — Intelbras IWR 1000N 1.6.4 devices allow disclosure of the admin… 📄 التفاصيل ← |
NVD | Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password beca… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2019-17600 NVD advisory |
UTC: 2019-10-15
EDT: 2019-10-15
SA: 2019-10-15
|
| Intel |
CVE-2019-17269
CVSS 9.8 CVE-2019-17269 — Intellian Remote Access 3.18 allows remote attackers to execute… 📄 التفاصيل ← |
NVD | Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell meta… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2019-17269 NVD advisory |
UTC: 2019-10-06
EDT: 2019-10-06
SA: 2019-10-06
|
| VMware |
CVE-2019-5521
CVSS 9.6 CVE-2019-5521 — VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi… 📄 التفاصيل ← |
NVD | VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x be… | No | 🔴 Critical | VMware ESXi | ICS/OT | Refer to CVE-2019-5521 NVD advisory |
UTC: 2019-09-20
EDT: 2019-09-20
SA: 2019-09-20
|
| Cisco |
CVE-2019-12643
CVSS 10 CVE-2019-12643 — A vulnerability in the Cisco REST API virtual service container… 📄 التفاصيل ← |
NVD | A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allo… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2019-08-28
EDT: 2019-08-28
SA: 2019-08-28
|
| Fortinet |
CVE-2019-6695
CVSS 9.8 CVE-2019-6695 — Lack of root file system integrity checking in Fortinet FortiMan… 📄 التفاصيل ← |
NVD | Lack of root file system integrity checking in Fortinet FortiManager VM application images of 6.2.0,… | No | 🔴 Critical | Fortinet FortiManager | Exploit | Fortinet PSIRT Advisory |
UTC: 2019-08-23
EDT: 2019-08-23
SA: 2019-08-23
|
| Office |
CVE-2019-1205
CVSS 9.8 CVE-2019-1205 — A remote code execution vulnerability exists in Microsoft Word s… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly ha… | No | 🔴 Critical | A remote code | ICS/OT | Microsoft Patch Tuesday |
UTC: 2019-08-14
EDT: 2019-08-14
SA: 2019-08-14
|
| VMware |
CVE-2019-2856
CVSS 9.8 CVE-2019-2856 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: App… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2019-07-23
EDT: 2019-07-23
SA: 2019-07-23
|
| Office |
CVE-2019-1109
CVSS 9.1 CVE-2019-1109 — A spoofing vulnerability exists when Microsoft Office Javascript… 📄 التفاصيل ← |
NVD | A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the … | No | 🔴 Critical | A spoofing vulnerability | Exploit | Microsoft Patch Tuesday |
UTC: 2019-07-15
EDT: 2019-07-15
SA: 2019-07-15
|
| Intel |
CVE-2019-10104
CVSS 9.8 CVE-2019-10104 — In several JetBrains IntelliJ IDEA Ultimate versions, an Applic… 📄 التفاصيل ← |
NVD | In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for T… | No | 🔴 Critical | Intel Processor | Exploit | Update to v2018.3.4 |
UTC: 2019-07-03
EDT: 2019-07-03
SA: 2019-07-03
|
| Intel |
CVE-2019-9186
CVSS 9.8 CVE-2019-9186 — In several JetBrains IntelliJ IDEA versions, a Spring Boot run c… 📄 التفاصيل ← |
NVD | In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default settin… | No | 🔴 Critical | Spring Framework | Intel Processor | Exploit | Update to v2019.1 |
UTC: 2019-07-03
EDT: 2019-07-03
SA: 2019-07-03
|
| Intel |
CVE-2019-9823
CVSS 9.8 CVE-2019-9823 — In several JetBrains IntelliJ IDEA versions, creating remote run… 📄 التفاصيل ← |
NVD | In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE applicatio… | No | 🔴 Critical | Intel Processor | Exploit | Update to v2018.3.5 |
UTC: 2019-07-03
EDT: 2019-07-03
SA: 2019-07-03
|
| Intel |
CVE-2019-9873
CVSS 9.8 CVE-2019-9873 — In several versions of JetBrains IntelliJ IDEA Ultimate, creatin… 📄 التفاصيل ← |
NVD | In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads … | No | 🔴 Critical | Intel Processor | Exploit | Update to v2019.1 |
UTC: 2019-07-03
EDT: 2019-07-03
SA: 2019-07-03
|
| VMware |
CVE-2019-2729
CVSS 9.8 CVE-2019-2729 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2019-06-19
EDT: 2019-06-19
SA: 2019-06-19
|
| Intel |
CVE-2019-11119
CVSS 9.8 CVE-2019-11119 — Insufficient session validation in the service API for Intel(R)… 📄 التفاصيل ← |
NVD | Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may al… | No | 🔴 Critical | Intel Processor | Exploit | Update to v4.1 |
UTC: 2019-06-13
EDT: 2019-06-13
SA: 2019-06-13
|
| Intel |
CVE-2018-7121
CVSS 9.8 CVE-2018-7121 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2018-7124
CVSS 9.8 CVE-2018-7124 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-11944
CVSS 9.8 CVE-2019-11944 — A remote code execution vulnerability was identified in HPE Int… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-11945
CVSS 9.8 CVE-2019-11945 — A remote code execution vulnerability was identified in HPE Int… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5347
CVSS 9.8 CVE-2019-5347 — A remote authentication bypass vulnerability was identified in H… 📄 التفاصيل ← |
NVD | A remote authentication bypass vulnerability was identified in HPE Intelligent Management Center (IM… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5352
CVSS 9.8 CVE-2019-5352 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5356
CVSS 9.8 CVE-2019-5356 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5358
CVSS 9.8 CVE-2019-5358 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5367
CVSS 9.8 CVE-2019-5367 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5387
CVSS 9.8 CVE-2019-5387 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5390
CVSS 9.8 CVE-2019-5390 — A remote command injection vulnerability was identified in HPE I… 📄 التفاصيل ← |
NVD | A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) P… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-5391
CVSS 9.8 CVE-2019-5391 — A stack buffer overflow vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Intel |
CVE-2019-11949
CVSS 9.8 CVE-2019-11949 — A remote code execution vulnerability was identified in HPE Int… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2019-06-05
EDT: 2019-06-05
SA: 2019-06-05
|
| Fortinet |
CVE-2018-13379
CVSS 9.1 CVE-2018-13379 — An Improper Limitation of a Pathname to a Restricted Directory … 📄 التفاصيل ← |
NVD | An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Forti… | Yes | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Fortinet PSIRT Advisory |
UTC: 2019-06-04
EDT: 2019-06-04
SA: 2019-06-04
|
| Fortinet |
CVE-2018-13382
CVSS 9.1 CVE-2018-13382 — An Improper Authorization vulnerability in Fortinet FortiOS 6.0… 📄 التفاصيل ← |
NVD | An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1… | Yes | 🔴 Critical | Fortinet FortiOS | Fortinet | Apple iOS | Exploit | Fortinet PSIRT Advisory |
UTC: 2019-06-04
EDT: 2019-06-04
SA: 2019-06-04
|
| Intel |
CVE-2019-0153
CVSS 9.8 CVE-2019-0153 — Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.… 📄 التفاصيل ← |
NVD | Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated us… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2019-0153 NVD advisory |
UTC: 2019-05-17
EDT: 2019-05-17
SA: 2019-05-17
|
| Intel |
CVE-2019-0172
CVSS 9.8 CVE-2019-0172 — A logic issue in Intel Unite(R) Client for Android prior to vers… 📄 التفاصيل ← |
NVD | A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker … | No | 🔴 Critical | Android | Intel Processor | Exploit | Update to v4.0 |
UTC: 2019-05-17
EDT: 2019-05-17
SA: 2019-05-17
|
| Office |
CVE-2018-6885
CVSS 9.8 CVE-2018-6885 — An issue was discovered in MicroStrategy Web Services (the Micro… 📄 التفاصيل ← |
NVD | An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4 Hotf… | No | 🔴 Critical | An issue was | Exploit | Microsoft Patch Tuesday |
UTC: 2019-05-14
EDT: 2019-05-14
SA: 2019-05-14
|
| VMware |
CVE-2019-2725
CVSS 9.8 CVE-2019-2725 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2019-04-26
EDT: 2019-04-26
SA: 2019-04-26
|
| VMware |
CVE-2019-2645
CVSS 9.8 CVE-2019-2645 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2019-04-23
EDT: 2019-04-23
SA: 2019-04-23
|
| VMware |
CVE-2019-2646
CVSS 9.8 CVE-2019-2646 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: EJB… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2019-04-23
EDT: 2019-04-23
SA: 2019-04-23
|
| VMware |
CVE-2019-2658
CVSS 9.8 CVE-2019-2658 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2019-04-23
EDT: 2019-04-23
SA: 2019-04-23
|
| Oracle |
CVE-2019-2517
CVSS 9.1 CVE-2019-2517 — Vulnerability in the Core RDBMS component of Oracle Database Ser… 📄 التفاصيل ← |
NVD | Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are aff… | No | 🔴 Critical | Oracle Database | Exploit | Update to v12.2.0 |
UTC: 2019-04-23
EDT: 2019-04-23
SA: 2019-04-23
|
| Oracle |
CVE-2019-2699
CVSS 9 CVE-2019-2699 — Vulnerability in the Java SE component of Oracle Java SE (subcom… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). The supported … | No | 🔴 Critical | Microsoft Windows | Java | Exploit | Microsoft Patch Tuesday |
UTC: 2019-04-23
EDT: 2019-04-23
SA: 2019-04-23
|
| Cisco |
CVE-2019-1710
CVSS 9.8 CVE-2019-1710 — A vulnerability in the sysadmin virtual machine (VM) on Cisco AS… 📄 التفاصيل ← |
NVD | A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services R… | No | 🔴 Critical | Cisco IOS XE 17.x | DDoS | Cisco Security Advisory |
UTC: 2019-04-17
EDT: 2019-04-17
SA: 2019-04-17
|
| Juniper |
CVE-2019-0008
CVSS 9.8 CVE-2019-0008 — A certain sequence of valid BGP or IPv6 BFD packets may trigger … 📄 التفاصيل ← |
NVD | A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v15.1 |
UTC: 2019-04-10
EDT: 2019-04-10
SA: 2019-04-10
|
| Juniper |
CVE-2019-0036
CVSS 9.8 CVE-2019-0036 — When configuring a stateless firewall filter in Junos OS, terms … 📄 التفاصيل ← |
NVD | When configuring a stateless firewall filter in Junos OS, terms named using the format "interna… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v12.3 |
UTC: 2019-04-10
EDT: 2019-04-10
SA: 2019-04-10
|
| Juniper |
CVE-2019-0040
CVSS 9.1 CVE-2019-0040 — On Junos OS, rpcbind should only be listening to port 111 on the… 📄 التفاصيل ← |
NVD | On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). Ex… | No | 🔴 Critical | Juniper JunOS | DDoS | Update to v15.1 |
UTC: 2019-04-10
EDT: 2019-04-10
SA: 2019-04-10
|
| VMware |
CVE-2019-5523
CVSS 9.8 CVE-2019-5523 — VMware vCloud Director for Service Providers 9.5.x prior to 9.5.… 📄 التفاصيل ← |
NVD | VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session… | No | 🔴 Critical | VMware | Exploit | Update to v9.5. |
UTC: 2019-04-01
EDT: 2019-04-01
SA: 2019-04-01
|
| Fortinet |
CVE-2017-7342
CVSS 9.8 CVE-2017-7342 — A weak password recovery process vulnerability in Fortinet Forti… 📄 التفاصيل ← |
NVD | A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allo… | No | 🔴 Critical | Fortinet | Exploit | Update to v4.0.0 | Fortinet PSIRT Advisory |
UTC: 2019-03-25
EDT: 2019-03-25
SA: 2019-03-25
|
| Western Digital |
CVE-2018-19524
CVSS 9.8 CVE-2018-19524 — An issue was discovered on Shenzhen Skyworth DT741 Converged In… 📄 التفاصيل ← |
NVD | An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOT… | No | 🔴 Critical | Intel Processor | DDoS | Refer to CVE-2018-19524 NVD advisory |
UTC: 2019-03-21
EDT: 2019-03-21
SA: 2019-03-21
|
| OT/ICS | The Product Security Blog has moved! 📄 التفاصيل ← | Red Hat Security | Red Hat Product Security has joined forces with other security teams inside Red Hat to publish our c… | No | 🔴 Critical | Red Hat Enterprise Linux | ICS/OT | Apply vendor security patch |
UTC: 2019-03-19
EDT: 2019-03-19
SA: 2019-03-19
|
| Intel |
CVE-2019-0101
CVSS 9.8 CVE-2019-0101 — Authentication bypass in the Intel Unite(R) solution versions 3.… 📄 التفاصيل ← |
NVD | Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthent… | No | 🔴 Critical | Intel Processor | Exploit | Update to v3.2 |
UTC: 2019-02-18
EDT: 2019-02-18
SA: 2019-02-18
|
| Fortinet |
CVE-2018-1352
CVSS 9.8 CVE-2018-1352 — A format string vulnerability in Fortinet FortiOS 5.6.0 allows a… 📄 التفاصيل ← |
NVD | A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code… | No | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Fortinet PSIRT Advisory |
UTC: 2019-02-08
EDT: 2019-02-08
SA: 2019-02-08
|
| Juniper |
CVE-2019-0006
CVSS 9.8 CVE-2019-0006 — A certain crafted HTTP packet can trigger an uninitialized funct… 📄 التفاصيل ← |
NVD | A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability … | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v14.1 |
UTC: 2019-01-15
EDT: 2019-01-15
SA: 2019-01-15
|
| Juniper |
CVE-2019-0007
CVSS 9.3 CVE-2019-0007 — The vMX Series software uses a predictable IP ID Sequence Number… 📄 التفاصيل ← |
NVD | The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as … | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v15.1 |
UTC: 2019-01-15
EDT: 2019-01-15
SA: 2019-01-15
|
| Juniper |
CVE-2019-0020
CVSS 10 CVE-2019-0020 — Juniper ATP ships with hard coded credentials in the Web Collect… 📄 التفاصيل ← |
NVD | Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker … | No | 🔴 Critical | Juniper ATP ships | Exploit | Update to v5.0.3 |
UTC: 2019-01-15
EDT: 2019-01-15
SA: 2019-01-15
|
| Juniper |
CVE-2019-0022
CVSS 10 CVE-2019-0022 — Juniper ATP ships with hard coded credentials in the Cyphort Cor… 📄 التفاصيل ← |
NVD | Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker t… | No | 🔴 Critical | Juniper ATP ships | Exploit | Update to v5.0.3 |
UTC: 2019-01-15
EDT: 2019-01-15
SA: 2019-01-15
|
| Microsoft |
CVE-2019-0586
CVSS 9.8 CVE-2019-0586 — A remote code execution vulnerability exists in Microsoft Exchan… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability exists in Microsoft Exchange software when the software fails … | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2019-01-08
EDT: 2019-01-08
SA: 2019-01-08
|
| Palo Alto |
CVE-2018-10143
CVSS 9.8 CVE-2018-10143 — The Palo Alto Networks Expedition Migration tool 1.0.107 and ea… 📄 التفاصيل ← |
NVD | The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated at… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Exploit | Refer to CVE-2018-10143 NVD advisory |
UTC: 2018-12-12
EDT: 2018-12-12
SA: 2018-12-12
|
| Intel |
CVE-2018-7114
CVSS 9.8 CVE-2018-7114 — HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E… 📄 التفاصيل ← |
NVD | HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buf… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-7114 NVD advisory |
UTC: 2018-12-03
EDT: 2018-12-03
SA: 2018-12-03
|
| Bitdefender |
CVE-2017-8931
CVSS 9.8 CVE-2017-8931 — Bitdefender GravityZone VMware appliance before 6.2.1-35 might a… 📄 التفاصيل ← |
NVD | Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with r… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2017-8931 NVD advisory |
UTC: 2018-10-30
EDT: 2018-10-30
SA: 2018-10-30
|
| Intel |
CVE-2018-7076
CVSS 9.8 CVE-2018-7076 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prio… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-7076 NVD advisory |
UTC: 2018-10-17
EDT: 2018-10-17
SA: 2018-10-17
|
| VMware |
CVE-2018-3191
CVSS 9.8 CVE-2018-3191 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2018-10-16
EDT: 2018-10-16
SA: 2018-10-16
|
| VMware |
CVE-2018-3197
CVSS 9.8 CVE-2018-3197 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.1.3 |
UTC: 2018-10-16
EDT: 2018-10-16
SA: 2018-10-16
|
| VMware |
CVE-2018-3201
CVSS 9.8 CVE-2018-3201 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.2.1 |
UTC: 2018-10-16
EDT: 2018-10-16
SA: 2018-10-16
|
| VMware |
CVE-2018-3245
CVSS 9.8 CVE-2018-3245 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2018-10-16
EDT: 2018-10-16
SA: 2018-10-16
|
| VMware |
CVE-2018-3252
CVSS 9.8 CVE-2018-3252 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2018-10-16
EDT: 2018-10-16
SA: 2018-10-16
|
| Oracle |
CVE-2018-3259
CVSS 9.8 CVE-2018-3259 — Vulnerability in the Java VM component of Oracle Database Server… 📄 التفاصيل ← |
NVD | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affect… | No | 🔴 Critical | Java | Oracle Database | Exploit | Update to v11.2.0 |
UTC: 2018-10-16
EDT: 2018-10-16
SA: 2018-10-16
|
| Oracle |
CVE-2018-3183
CVSS 9 CVE-2018-3183 — Vulnerability in the Java SE, Java SE Embedded, JRockit componen… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2018-3183 NVD advisory |
UTC: 2018-10-16
EDT: 2018-10-16
SA: 2018-10-16
|
| Juniper |
CVE-2018-0044
CVSS 9.8 CVE-2018-0044 — An insecure SSHD configuration in Juniper Device Manager (JDM) a… 📄 التفاصيل ← |
NVD | An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series dev… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v18.1 |
UTC: 2018-10-10
EDT: 2018-10-10
SA: 2018-10-10
|
| Intel |
CVE-2018-7103
CVSS 9.8 CVE-2018-7103 — A Remote Code Execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wire… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-09-27
EDT: 2018-09-27
SA: 2018-09-27
|
| Intel |
CVE-2018-7104
CVSS 9.8 CVE-2018-7104 — A Remote Code Execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wire… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-09-27
EDT: 2018-09-27
SA: 2018-09-27
|
| Intel |
CVE-2018-12171
CVSS 9.8 CVE-2018-12171 — Privilege escalation in Intel Baseboard Management Controller (… 📄 التفاصيل ← |
NVD | Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f… | No | 🔴 Critical | Intel Processor | DDoS | Update to v1.43.91 |
UTC: 2018-09-12
EDT: 2018-09-12
SA: 2018-09-12
|
| Intel |
CVE-2018-3679
CVSS 9.6 CVE-2018-3679 — Escalation of privilege in Reference UI in Intel Data Center Man… 📄 التفاصيل ← |
NVD | Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-3679 NVD advisory |
UTC: 2018-09-12
EDT: 2018-09-12
SA: 2018-09-12
|
| Microsoft |
CVE-2018-8302
CVSS 9.8 CVE-2018-8302 — A remote code execution vulnerability exists in Microsoft Exchan… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability exists in Microsoft Exchange software when the software fails … | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2018-08-15
EDT: 2018-08-15
SA: 2018-08-15
|
| Intel |
CVE-2018-10369
CVSS 9.8 CVE-2018-10369 — A Cross-site scripting (XSS) vulnerability was discovered on In… 📄 التفاصيل ← |
NVD | A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An at… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-10369 NVD advisory |
UTC: 2018-08-15
EDT: 2018-08-15
SA: 2018-08-15
|
| Intel |
CVE-2018-2445
CVSS 9.6 CVE-2018-2445 — AdminTools in SAP BusinessObjects Business Intelligence, version… 📄 التفاصيل ← |
NVD | AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to ma… | No | 🔴 Critical | Intel Processor | SAP | Exploit | Update to v4.1 |
UTC: 2018-08-14
EDT: 2018-08-14
SA: 2018-08-14
|
| Oracle |
CVE-2018-3110
CVSS 9.9 CVE-2018-3110 — A vulnerability was discovered in the Java VM component of Oracl… 📄 التفاصيل ← |
NVD | A vulnerability was discovered in the Java VM component of Oracle Database Server. Supported version… | No | 🔴 Critical | Java | Oracle Database | Exploit | Update to v11.2.0 |
UTC: 2018-08-10
EDT: 2018-08-10
SA: 2018-08-10
|
| Intel |
CVE-2017-8990
CVSS 9.8 CVE-2017-8990 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wire… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-08-06
EDT: 2018-08-06
SA: 2018-08-06
|
| Intel |
CVE-2018-7074
CVSS 9.8 CVE-2018-7074 — A remote code execution vulnerability was identified in HPE Inte… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-7074 NVD advisory |
UTC: 2018-08-06
EDT: 2018-08-06
SA: 2018-08-06
|
| VMware |
CVE-2018-2893
CVSS 9.8 CVE-2018-2893 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2018-07-18
EDT: 2018-07-18
SA: 2018-07-18
|
| VMware |
CVE-2018-2894
CVSS 9.8 CVE-2018-2894 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v12.1.3 |
UTC: 2018-07-18
EDT: 2018-07-18
SA: 2018-07-18
|
| Oracle |
CVE-2018-2938
CVSS 9 CVE-2018-2938 — Vulnerability in the Java SE component of Oracle Java SE (subcom… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2018-2938 NVD advisory |
UTC: 2018-07-18
EDT: 2018-07-18
SA: 2018-07-18
|
| Vulnerability |
CVE-2018-14324
CVSS 9.8 CVE-2018-14324 — The demo feature in Oracle GlassFish Open Source Edition 5.0 ha… 📄 التفاصيل ← |
NVD | The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with … | No | 🔴 Critical | Oracle | Exploit | Refer to CVE-2018-14324 NVD advisory |
UTC: 2018-07-16
EDT: 2018-07-16
SA: 2018-07-16
|
| Intel |
CVE-2016-6551
CVSS 9.8 CVE-2016-6551 — Intellian Satellite TV antennas t-Series and v-Series, firmware … 📄 التفاصيل ← |
NVD | Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random defaul… | No | 🔴 Critical | Intel Processor | Exploit | Update to v1.07 |
UTC: 2018-07-13
EDT: 2018-07-13
SA: 2018-07-13
|
| Juniper |
CVE-2018-0037
CVSS 9.8 CVE-2018-0037 — Junos OS routing protocol daemon (RPD) process may crash and res… 📄 التفاصيل ← |
NVD | Junos OS routing protocol daemon (RPD) process may crash and restart or may lead to remote code exec… | No | 🔴 Critical | Juniper JunOS | DDoS | Update to v15.1 |
UTC: 2018-07-11
EDT: 2018-07-11
SA: 2018-07-11
|
| Juniper |
CVE-2018-0038
CVSS 9.8 CVE-2018-0038 — Juniper Networks Contrail Service Orchestration releases prior t… 📄 التفاصيل ← |
NVD | Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabl… | No | 🔴 Critical | Juniper Networks Contrail | Exploit | Refer to CVE-2018-0038 NVD advisory |
UTC: 2018-07-11
EDT: 2018-07-11
SA: 2018-07-11
|
| Juniper |
CVE-2018-0040
CVSS 9.8 CVE-2018-0040 — Juniper Networks Contrail Service Orchestrator versions prior to… 📄 التفاصيل ← |
NVD | Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic c… | No | 🔴 Critical | Juniper Networks Contrail | Exploit | Update to v4.0.0 |
UTC: 2018-07-11
EDT: 2018-07-11
SA: 2018-07-11
|
| Juniper |
CVE-2018-0041
CVSS 9.8 CVE-2018-0041 — Juniper Networks Contrail Service Orchestration releases prior t… 📄 التفاصيل ← |
NVD | Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to… | No | 🔴 Critical | Juniper Networks Contrail | Exploit | Refer to CVE-2018-0041 NVD advisory |
UTC: 2018-07-11
EDT: 2018-07-11
SA: 2018-07-11
|
| Juniper |
CVE-2018-0042
CVSS 9.8 CVE-2018-0042 — Juniper Networks CSO versions prior to 4.0.0 may log passwords i… 📄 التفاصيل ← |
NVD | Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an informatio… | No | 🔴 Critical | Juniper Networks CSO | Exploit | Update to v4.0.0 |
UTC: 2018-07-11
EDT: 2018-07-11
SA: 2018-07-11
|
| Cisco |
CVE-2018-0310
CVSS 9.8 CVE-2018-0310 — A vulnerability in the Cisco Fabric Services component of Cisco … 📄 التفاصيل ← |
NVD | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa… | No | 🔴 Critical | Cisco NX-OS | Cisco | DDoS | Cisco Security Advisory |
UTC: 2018-06-21
EDT: 2018-06-21
SA: 2018-06-21
|
| Cisco |
CVE-2018-0301
CVSS 9.8 CVE-2018-0301 — A vulnerability in the NX-API feature of Cisco NX-OS Software co… 📄 التفاصيل ← |
NVD | A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote… | No | 🔴 Critical | Cisco NX-OS | Cisco | Exploit | Cisco Security Advisory |
UTC: 2018-06-20
EDT: 2018-06-20
SA: 2018-06-20
|
| Cisco |
CVE-2018-0304
CVSS 9.8 CVE-2018-0304 — A vulnerability in the Cisco Fabric Services component of Cisco … 📄 التفاصيل ← |
NVD | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa… | No | 🔴 Critical | Cisco NX-OS | Cisco | DDoS | Cisco Security Advisory |
UTC: 2018-06-20
EDT: 2018-06-20
SA: 2018-06-20
|
| Cisco |
CVE-2018-0308
CVSS 9.8 CVE-2018-0308 — A vulnerability in the Cisco Fabric Services component of Cisco … 📄 التفاصيل ← |
NVD | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa… | No | 🔴 Critical | Cisco NX-OS | Cisco | DDoS | Cisco Security Advisory |
UTC: 2018-06-20
EDT: 2018-06-20
SA: 2018-06-20
|
| Cisco |
CVE-2018-0312
CVSS 9.8 CVE-2018-0312 — A vulnerability in the Cisco Fabric Services component of Cisco … 📄 التفاصيل ← |
NVD | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa… | No | 🔴 Critical | Cisco NX-OS | Cisco | DDoS | Cisco Security Advisory |
UTC: 2018-06-20
EDT: 2018-06-20
SA: 2018-06-20
|
| Cisco |
CVE-2018-0314
CVSS 9.8 CVE-2018-0314 — A vulnerability in the Cisco Fabric Services (CFS) component of … 📄 التفاصيل ← |
NVD | A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS … | No | 🔴 Critical | Cisco NX-OS | Cisco | Exploit | Cisco Security Advisory |
UTC: 2018-06-20
EDT: 2018-06-20
SA: 2018-06-20
|
| VMware |
CVE-2018-6968
CVSS 10 CVE-2018-6968 — The VMware AirWatch Agent for Android prior to 8.2 and AirWatch … 📄 التفاصيل ← |
NVD | The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.… | No | 🔴 Critical | Microsoft Windows | Android | Exploit | Microsoft Patch Tuesday |
UTC: 2018-06-11
EDT: 2018-06-11
SA: 2018-06-11
|
| Cisco |
CVE-2018-0315
CVSS 9.8 CVE-2018-0315 — A vulnerability in the authentication, authorization, and accoun… 📄 التفاصيل ← |
NVD | A vulnerability in the authentication, authorization, and accounting (AAA) security services of Cisc… | No | 🔴 Critical | Cisco IOS XE 17.x | DDoS | Cisco Security Advisory |
UTC: 2018-06-07
EDT: 2018-06-07
SA: 2018-06-07
|
| Intel |
CVE-2018-12031
CVSS 9.8 CVE-2018-12031 — Local file inclusion in Eaton Intelligent Power Manager v1.6 al… 📄 التفاصيل ← |
NVD | Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file vi… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-12031 NVD advisory |
UTC: 2018-06-07
EDT: 2018-06-07
SA: 2018-06-07
|
| Intel |
CVE-2018-11094
CVSS 9.8 CVE-2018-11094 — An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /c… 📄 التفاصيل ← |
NVD | An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/upd… | No | 🔴 Critical | Intel Processor | ICS/OT | Refer to CVE-2018-11094 NVD advisory |
UTC: 2018-05-15
EDT: 2018-05-15
SA: 2018-05-15
|
| Microsoft |
CVE-2018-8154
CVSS 9.8 CVE-2018-8154 — A remote code execution vulnerability exists in Microsoft Exchan… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability exists in Microsoft Exchange software when the software fails … | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2018-05-09
EDT: 2018-05-09
SA: 2018-05-09
|
| Fortinet |
CVE-2017-17539
CVSS 9.8 CVE-2017-17539 — The presence of a hardcoded account in Fortinet FortiWLC 7.0.11… 📄 التفاصيل ← |
NVD | The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2018-05-08
EDT: 2018-05-08
SA: 2018-05-08
|
| Fortinet |
CVE-2017-17540
CVSS 9.8 CVE-2017-17540 — The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 … 📄 التفاصيل ← |
NVD | The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2018-05-08
EDT: 2018-05-08
SA: 2018-05-08
|
| VMware |
CVE-2018-2628
CVSS 9.8 CVE-2018-2628 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2018-04-18
EDT: 2018-04-18
SA: 2018-04-18
|
| VMware |
CVE-2018-6959
CVSS 9.8 CVE-2018-6959 — VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulne… 📄 التفاصيل ← |
NVD | VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of session … | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2018-6959 NVD advisory |
UTC: 2018-04-13
EDT: 2018-04-13
SA: 2018-04-13
|
| Juniper |
CVE-2018-0016
CVSS 9.8 CVE-2018-0016 — Receipt of a specially crafted Connectionless Network Protocol (… 📄 التفاصيل ← |
NVD | Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interf… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v15.1 |
UTC: 2018-04-11
EDT: 2018-04-11
SA: 2018-04-11
|
| Juniper |
CVE-2014-3413
CVSS 9.8 CVE-2014-3413 — The MySQL server in Juniper Networks Junos Space before 13.3R1.8… 📄 التفاصيل ← |
NVD | The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a h… | No | 🔴 Critical | Juniper JunOS | MySQL | Exploit | Refer to CVE-2014-3413 NVD advisory |
UTC: 2018-04-05
EDT: 2018-04-05
SA: 2018-04-05
|
| Intel |
CVE-2018-3641
CVSS 9.8 CVE-2018-3641 — Escalation of privilege in all versions of the Intel Remote Keyb… 📄 التفاصيل ← |
NVD | Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to in… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-3641 NVD advisory |
UTC: 2018-04-03
EDT: 2018-04-03
SA: 2018-04-03
|
| Cisco |
CVE-2018-0151
CVSS 9.8 CVE-2018-0151 — A vulnerability in the quality of service (QoS) subsystem of Cis… 📄 التفاصيل ← |
NVD | A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Sof… | No | 🔴 Critical | Cisco IOS XE 17.x | DDoS | Cisco Security Advisory |
UTC: 2018-03-28
EDT: 2018-03-28
SA: 2018-03-28
|
| Cisco |
CVE-2018-0171
CVSS 9.8 CVE-2018-0171 — A vulnerability in the Smart Install feature of Cisco IOS Softwa… 📄 التفاصيل ← |
NVD | A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could a… | Yes | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2018-03-28
EDT: 2018-03-28
SA: 2018-03-28
|
| Cisco |
CVE-2018-0150
CVSS 9.8 CVE-2018-0150 — A vulnerability in Cisco IOS XE Software could allow an unauthen… 📄 التفاصيل ← |
NVD | A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in t… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2018-03-28
EDT: 2018-03-28
SA: 2018-03-28
|
| Intel |
CVE-2018-5468
CVSS 9.8 CVE-2018-5468 — Philips Intellispace Portal all versions 7.0.x and 8.0.x have a … 📄 التفاصيل ← |
NVD | Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote desktop access vulnerability … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.0. |
UTC: 2018-03-26
EDT: 2018-03-26
SA: 2018-03-26
|
| Intel |
CVE-2018-5472
CVSS 9.8 CVE-2018-5472 — Philips Intellispace Portal all versions 7.0.x and 8.0.x have an… 📄 التفاصيل ← |
NVD | Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulner… | No | 🔴 Critical | Microsoft Windows | Intel Processor | Exploit | Update to v7.0. |
UTC: 2018-03-26
EDT: 2018-03-26
SA: 2018-03-26
|
| Intel |
CVE-2018-5474
CVSS 9.8 CVE-2018-5474 — Philips Intellispace Portal all versions 7.0.x and 8.0.x have an… 📄 التفاصيل ← |
NVD | Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.0. |
UTC: 2018-03-26
EDT: 2018-03-26
SA: 2018-03-26
|
| Linux |
CVE-2017-2628
CVSS 9.8 CVE-2017-2628 — curl, as shipped in Red Hat Enterprise Linux 6 before version 7.… 📄 التفاصيل ← |
NVD | curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport … | No | 🔴 Critical | Red Hat Enterprise Linux | Red Hat Enterprise Linux | SAP | Exploit | Update to v7.19.7 |
UTC: 2018-03-12
EDT: 2018-03-12
SA: 2018-03-12
|
| IBM |
CVE-2018-1372
CVSS 9.8 CVE-2018-1372 — IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does no… 📄 التفاصيل ← |
NVD | IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have str… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2018-1372 NVD advisory |
UTC: 2018-02-27
EDT: 2018-02-27
SA: 2018-02-27
|
| Juniper |
CVE-2018-0015
CVSS 9.8 CVE-2018-0015 — A malicious user with unrestricted access to the AppFormix appli… 📄 التفاصيل ← |
NVD | A malicious user with unrestricted access to the AppFormix application management platform may be ab… | No | 🔴 Critical | Python | Exploit | Update to v2.7.3 |
UTC: 2018-02-22
EDT: 2018-02-22
SA: 2018-02-22
|
| Intel |
CVE-2017-12556
CVSS 9.8 CVE-2017-12556 — A Remote Code Execution vulnerability in HPE intelligent Manage… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Pl… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-12557
CVSS 9.8 CVE-2017-12557 — A Remote Code Execution vulnerability in HPE intelligent Manage… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Pl… | Yes | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-12558
CVSS 9.8 CVE-2017-12558 — A Remote Code Execution vulnerability in HPE intelligent Manage… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Pl… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-12561
CVSS 9.8 CVE-2017-12561 — A remote code execution vulnerability in HPE intelligent Manage… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5790
CVSS 9.8 CVE-2017-5790 — A remote deserialization of untrusted data vulnerability in HPE … 📄 التفاصيل ← |
NVD | A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) … | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.2 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5792
CVSS 9.8 CVE-2017-5792 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | Yes | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5804
CVSS 9.8 CVE-2017-5804 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.2 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5805
CVSS 9.8 CVE-2017-5805 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.2 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5806
CVSS 9.8 CVE-2017-5806 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.2 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5815
CVSS 9.8 CVE-2017-5815 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5816
CVSS 9.8 CVE-2017-5816 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | Yes | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5817
CVSS 9.8 CVE-2017-5817 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | Yes | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5819
CVSS 9.8 CVE-2017-5819 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5820
CVSS 9.8 CVE-2017-5820 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5821
CVSS 9.8 CVE-2017-5821 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-5823
CVSS 9.8 CVE-2017-5823 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-8954
CVSS 9.8 CVE-2017-8954 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.2 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-8956
CVSS 9.8 CVE-2017-8956 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-8957
CVSS 9.8 CVE-2017-8957 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 wa… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.2 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Intel |
CVE-2017-8981
CVSS 9.8 CVE-2017-8981 — A Remote Code Execution vulnerability in HPE Intelligent Managem… 📄 التفاصيل ← |
NVD | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0… | No | 🔴 Critical | Intel Processor | Exploit | Update to v7.3 |
UTC: 2018-02-15
EDT: 2018-02-15
SA: 2018-02-15
|
| Vulnerability |
CVE-2018-6289
CVSS 9.8 CVE-2018-6289 — Configuration file injection leading to Code Execution as Root i… 📄 التفاصيل ← |
NVD | Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway vers… | No | 🔴 Critical | Configuration file injection | Exploit | Update to v1.1. |
UTC: 2018-02-06
EDT: 2018-02-06
SA: 2018-02-06
|
| Cisco |
CVE-2018-0101
CVSS 10 CVE-2018-0101 — A vulnerability in the Secure Sockets Layer (SSL) VPN functional… 📄 التفاصيل ← |
NVD | A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security A… | Yes | 🔴 Critical | Cisco ASA | Cisco | APT | Cisco Security Advisory |
UTC: 2018-01-29
EDT: 2018-01-29
SA: 2018-01-29
|
| VMware |
CVE-2017-4947
CVSS 9.8 CVE-2017-4947 — VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated … 📄 التفاصيل ← |
NVD | VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain … | No | 🔴 Critical | VMware vSphere | Exploit | Refer to CVE-2017-4947 NVD advisory |
UTC: 2018-01-29
EDT: 2018-01-29
SA: 2018-01-29
|
| Oracle |
CVE-2017-10282
CVSS 9.1 CVE-2017-10282 — Vulnerability in the Core RDBMS component of Oracle Database Se… 📄 التفاصيل ← |
NVD | Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are aff… | No | 🔴 Critical | Oracle Database | Exploit | Update to v12.1.0 |
UTC: 2018-01-17
EDT: 2018-01-17
SA: 2018-01-17
|
| Juniper |
CVE-2018-0001
CVSS 9.8 CVE-2018-0001 — A remote, unauthenticated attacker may be able to execute code b… 📄 التفاصيل ← |
NVD | A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect… | No | 🔴 Critical | Juniper JunOS | PHP | Exploit | Update to v12.1 |
UTC: 2018-01-10
EDT: 2018-01-10
SA: 2018-01-10
|
| Juniper |
CVE-2018-0007
CVSS 9.8 CVE-2018-0007 — An unauthenticated network-based attacker able to send a malicio… 📄 التفاصيل ← |
NVD | An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the loca… | No | 🔴 Critical | Juniper JunOS | DDoS | Update to v12.1 |
UTC: 2018-01-10
EDT: 2018-01-10
SA: 2018-01-10
|
| Intel |
CVE-2017-16684
CVSS 9.8 CVE-2017-16684 — SAP Business Intelligence Promotion Management Application, Ent… 📄 التفاصيل ← |
NVD | SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does no… | No | 🔴 Critical | Intel Processor | SAP | Exploit | Refer to CVE-2017-16684 NVD advisory |
UTC: 2017-12-12
EDT: 2017-12-12
SA: 2017-12-12
|
| Palo Alto |
CVE-2017-15940
CVSS 9.8 CVE-2017-15940 — The web interface packet capture management component in Palo A… 📄 التفاصيل ← |
NVD | The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | APT | Refer to CVE-2017-15940 NVD advisory |
UTC: 2017-12-11
EDT: 2017-12-11
SA: 2017-12-11
|
| Palo Alto |
CVE-2017-15944
CVSS 9.8 CVE-2017-15944 — Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7… 📄 التفاصيل ← |
NVD | Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before … | Yes | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Exploit | Refer to CVE-2017-15944 NVD advisory |
UTC: 2017-12-11
EDT: 2017-12-11
SA: 2017-12-11
|
| Fortinet |
CVE-2017-14189
CVSS 9.8 CVE-2017-14189 — An improper access control vulnerability in Fortinet FortiWebMa… 📄 التفاصيل ← |
NVD | An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can ac… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2017-11-29
EDT: 2017-11-29
SA: 2017-11-29
|
| Intel |
CVE-2017-5719
CVSS 9.8 CVE-2017-5719 — A vulnerability in the Intel Deep Learning Training Tool Beta 1 … 📄 التفاصيل ← |
NVD | A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotel… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2017-5719 NVD advisory |
UTC: 2017-11-21
EDT: 2017-11-21
SA: 2017-11-21
|
| General | Security is from Mars, Developers are from Venus…...or ARE they? 📄 التفاصيل ← | Red Hat Security | It is a tale as old as time. Developers and security personnel view each other with suspicion. Th… | No | 🔴 Critical | Security is from | Exploit | Apply vendor security patch |
UTC: 2017-11-16
EDT: 2017-11-16
SA: 2017-11-16
|
| Intel |
CVE-2017-5738
CVSS 9.1 CVE-2017-5738 — Escalation of privilege vulnerability in admin portal for Intel … 📄 التفاصيل ← |
NVD | Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41… | No | 🔴 Critical | Intel Processor | DDoS | Update to v3.1.32 |
UTC: 2017-11-16
EDT: 2017-11-16
SA: 2017-11-16
|
| VMware |
CVE-2017-10352
CVSS 9.9 CVE-2017-10352 — Vulnerability in the Oracle WebLogic Server component of Oracle… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2017-10-19
EDT: 2017-10-19
SA: 2017-10-19
|
| Oracle |
CVE-2017-10285
CVSS 9.6 CVE-2017-10285 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10285 NVD advisory |
UTC: 2017-10-19
EDT: 2017-10-19
SA: 2017-10-19
|
| Oracle |
CVE-2017-10346
CVSS 9.6 CVE-2017-10346 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). … | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10346 NVD advisory |
UTC: 2017-10-19
EDT: 2017-10-19
SA: 2017-10-19
|
| Windows |
CVE-2017-11771
CVSS 9.8 CVE-2017-11771 — The Microsoft Windows Search component on Microsoft Windows Ser… 📄 التفاصيل ← |
NVD | The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2017-10-13
EDT: 2017-10-13
SA: 2017-10-13
|
| Juniper |
CVE-2016-1265
CVSS 9.8 CVE-2016-1265 — A remote unauthenticated network based attacker with access to J… 📄 التفاصيل ← |
NVD | A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary cod… | No | 🔴 Critical | Juniper JunOS | Exploit | Update to v15.1 |
UTC: 2017-10-13
EDT: 2017-10-13
SA: 2017-10-13
|
| Juniper |
CVE-2017-10615
CVSS 9.8 CVE-2017-10615 — A vulnerability in the pluggable authentication module (PAM) of… 📄 التفاصيل ← |
NVD | A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow … | No | 🔴 Critical | Juniper JunOS | Exploit | Refer to CVE-2017-10615 NVD advisory |
UTC: 2017-10-13
EDT: 2017-10-13
SA: 2017-10-13
|
| Juniper |
CVE-2017-10622
CVSS 9.8 CVE-2017-10622 — An authentication bypass vulnerability in Juniper Networks Juno… 📄 التفاصيل ← |
NVD | An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform m… | No | 🔴 Critical | Juniper JunOS | Exploit | Refer to CVE-2017-10622 NVD advisory |
UTC: 2017-10-13
EDT: 2017-10-13
SA: 2017-10-13
|
| Intel |
CVE-2017-5791
CVSS 9.8 CVE-2017-5791 — The doFilter method in UrlAccessController in HPE Intelligent Ma… 📄 التفاصيل ← |
NVD | The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2017-5791 NVD advisory |
UTC: 2017-10-11
EDT: 2017-10-11
SA: 2017-10-11
|
| Cisco |
CVE-2017-12240
CVSS 9.8 CVE-2017-12240 — The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cis… 📄 التفاصيل ← |
NVD | The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnera… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2017-09-29
EDT: 2017-09-29
SA: 2017-09-29
|
| Cisco |
CVE-2017-12229
CVSS 9.8 CVE-2017-12229 — A vulnerability in the REST API of the web-based user interface… 📄 التفاصيل ← |
NVD | A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2017-09-29
EDT: 2017-09-29
SA: 2017-09-29
|
| Cisco |
CVE-2017-12236
CVSS 9.8 CVE-2017-12236 — A vulnerability in the implementation of the Locator/ID Separat… 📄 التفاصيل ← |
NVD | A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2017-09-29
EDT: 2017-09-29
SA: 2017-09-29
|
| Intel |
CVE-2017-14942
CVSS 9.8 CVE-2017-14942 — Intelbras WRN 150 devices allow remote attackers to read the co… 📄 التفاصيل ← |
NVD | Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently by… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2017-14942 NVD advisory |
UTC: 2017-09-29
EDT: 2017-09-29
SA: 2017-09-29
|
| Juniper |
CVE-2017-12993
CVSS 9.8 CVE-2017-12993 — The Juniper protocols parser in tcpdump before 4.9.2 has a buff… 📄 التفاصيل ← |
NVD | The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, seve… | No | 🔴 Critical | The Juniper protocols | Exploit | Refer to CVE-2017-12993 NVD advisory |
UTC: 2017-09-14
EDT: 2017-09-14
SA: 2017-09-14
|
| Juniper |
CVE-2017-13004
CVSS 9.8 CVE-2017-13004 — The Juniper protocols parser in tcpdump before 4.9.2 has a buff… 📄 التفاصيل ← |
NVD | The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:junip… | No | 🔴 Critical | The Juniper protocols | Exploit | Refer to CVE-2017-13004 NVD advisory |
UTC: 2017-09-14
EDT: 2017-09-14
SA: 2017-09-14
|
| Palo Alto |
CVE-2017-9458
CVSS 9.8 CVE-2017-9458 — XML external entity (XXE) vulnerability in the GlobalProtect int… 📄 التفاصيل ← |
NVD | XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Palo Alto GlobalProtect VP | DDoS | Refer to CVE-2017-9458 NVD advisory |
UTC: 2017-09-07
EDT: 2017-09-07
SA: 2017-09-07
|
| Linux |
CVE-2017-13715
CVSS 9.8 CVE-2017-13715 — The __skb_flow_dissect function in net/core/flow_dissector.c in… 📄 التفاصيل ← |
NVD | The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2017-13715 NVD advisory |
UTC: 2017-08-29
EDT: 2017-08-29
SA: 2017-08-29
|
| Android |
CVE-2017-12816
CVSS 9.8 CVE-2017-12816 — In Kaspersky Internet Security for Android 11.12.4.1622, some o… 📄 التفاصيل ← |
NVD | In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have… | No | 🔴 Critical | Android 14/13 | Malware | Refer to CVE-2017-12816 NVD advisory |
UTC: 2017-08-25
EDT: 2017-08-25
SA: 2017-08-25
|
| Qualcomm |
CVE-2014-9411
CVSS 9.8 CVE-2014-9411 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9411 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9968
CVSS 9.8 CVE-2014-9968 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9968 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9969
CVSS 9.8 CVE-2014-9969 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may u… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9969 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9971
CVSS 9.8 CVE-2014-9971 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts ca… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9971 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9972
CVSS 9.8 CVE-2014-9972 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts ca… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9972 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9973
CVSS 9.8 CVE-2014-9973 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buff… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9973 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9974
CVSS 9.8 CVE-2014-9974 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9974 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9975
CVSS 9.8 CVE-2014-9975 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerabi… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9975 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9976
CVSS 9.8 CVE-2014-9976 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9976 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9977
CVSS 9.8 CVE-2014-9977 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9977 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9978
CVSS 9.8 CVE-2014-9978 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9978 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9979
CVSS 9.8 CVE-2014-9979 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninit… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9979 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9980
CVSS 9.8 CVE-2014-9980 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9980 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2014-9981
CVSS 9.8 CVE-2014-9981 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2014-9981 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-0574
CVSS 9.8 CVE-2015-0574 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of fi… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-0574 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-0575
CVSS 9.8 CVE-2015-0575 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuite… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-0575 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-8592
CVSS 9.8 CVE-2015-8592 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not val… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-8592 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-8593
CVSS 9.8 CVE-2015-8593 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-8593 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-8594
CVSS 9.8 CVE-2015-8594 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-8594 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-8595
CVSS 9.8 CVE-2015-8595 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-8595 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-8596
CVSS 9.8 CVE-2015-8596 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Malware | Refer to CVE-2015-8596 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9034
CVSS 9.8 CVE-2015-9034 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9034 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9035
CVSS 9.8 CVE-2015-9035 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fail… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9035 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9036
CVSS 9.8 CVE-2015-9036 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9036 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9037
CVSS 9.8 CVE-2015-9037 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read m… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9037 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9038
CVSS 9.8 CVE-2015-9038 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may b… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9038 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9039
CVSS 9.8 CVE-2015-9039 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9039 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9040
CVSS 9.8 CVE-2015-9040 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9040 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9041
CVSS 9.8 CVE-2015-9041 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9041 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9042
CVSS 9.8 CVE-2015-9042 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9042 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9043
CVSS 9.8 CVE-2015-9043 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can b… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9043 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9044
CVSS 9.8 CVE-2015-9044 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9044 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9045
CVSS 9.8 CVE-2015-9045 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9045 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9046
CVSS 9.8 CVE-2015-9046 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9046 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9047
CVSS 9.8 CVE-2015-9047 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9047 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9048
CVSS 9.8 CVE-2015-9048 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9048 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9049
CVSS 9.8 CVE-2015-9049 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9049 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9050
CVSS 9.8 CVE-2015-9050 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9050 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9051
CVSS 9.8 CVE-2015-9051 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9051 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9052
CVSS 9.8 CVE-2015-9052 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9052 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9053
CVSS 9.8 CVE-2015-9053 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9053 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9054
CVSS 9.8 CVE-2015-9054 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can b… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9054 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9055
CVSS 9.8 CVE-2015-9055 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was pot… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9055 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9060
CVSS 9.8 CVE-2015-9060 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not pro… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9060 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9061
CVSS 9.8 CVE-2015-9061 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9061 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9062
CVSS 9.8 CVE-2015-9062 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9062 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9063
CVSS 9.8 CVE-2015-9063 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9063 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9064
CVSS 9.8 CVE-2015-9064 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9064 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9065
CVSS 9.8 CVE-2015-9065 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9065 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9066
CVSS 9.8 CVE-2015-9066 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9066 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9067
CVSS 9.8 CVE-2015-9067 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9067 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9068
CVSS 9.8 CVE-2015-9068 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a min… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9068 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9069
CVSS 9.8 CVE-2015-9069 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File Syst… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9069 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9070
CVSS 9.8 CVE-2015-9070 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9070 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9071
CVSS 9.8 CVE-2015-9071 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9071 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9072
CVSS 9.8 CVE-2015-9072 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9072 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2015-9073
CVSS 9.8 CVE-2015-9073 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2015-9073 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10343
CVSS 9.8 CVE-2016-10343 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failur… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10343 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10344
CVSS 9.8 CVE-2016-10344 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10344 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10346
CVSS 9.8 CVE-2016-10346 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10346 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10347
CVSS 9.8 CVE-2016-10347 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hyp… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10347 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10380
CVSS 9.8 CVE-2016-10380 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unpr… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10380 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10381
CVSS 9.8 CVE-2016-10381 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unpr… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10381 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10382
CVSS 9.8 CVE-2016-10382 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to th… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10382 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10384
CVSS 9.8 CVE-2016-10384 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was pot… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | IOC | Refer to CVE-2016-10384 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10385
CVSS 9.8 CVE-2016-10385 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vul… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10385 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10386
CVSS 9.8 CVE-2016-10386 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out o… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10386 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10387
CVSS 9.8 CVE-2016-10387 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was pot… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10387 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10388
CVSS 9.8 CVE-2016-10388 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vuln… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10388 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10390
CVSS 9.8 CVE-2016-10390 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a f… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10390 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10391
CVSS 9.8 CVE-2016-10391 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10391 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-10392
CVSS 9.8 CVE-2016-10392 — In all Qualcomm products with Android releases from CAF using t… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potenti… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-10392 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-5871
CVSS 9.8 CVE-2016-5871 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-5871 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2016-5872
CVSS 9.8 CVE-2016-5872 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2016-5872 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Qualcomm |
CVE-2017-7364
CVSS 9.8 CVE-2017-7364 — In all Qualcomm products with Android releases from CAF using th… 📄 التفاصيل ← |
NVD | In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_f… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Android 14/13 | Exploit | Refer to CVE-2017-7364 NVD advisory |
UTC: 2017-08-18
EDT: 2017-08-18
SA: 2017-08-18
|
| Fortinet |
CVE-2015-3616
CVSS 9.8 CVE-2015-3616 — SQL injection vulnerability in Fortinet FortiManager 5.0.x befor… 📄 التفاصيل ← |
NVD | SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows … | No | 🔴 Critical | Fortinet FortiManager | Exploit | Fortinet PSIRT Advisory |
UTC: 2017-08-11
EDT: 2017-08-11
SA: 2017-08-11
|
| Linux |
CVE-2017-12762
CVSS 9.8 CVE-2017-12762 — In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is co… 📄 التفاصيل ← |
NVD | In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2017-12762 NVD advisory |
UTC: 2017-08-09
EDT: 2017-08-09
SA: 2017-08-09
|
| VMware |
CVE-2017-10137
CVSS 10 CVE-2017-10137 — Vulnerability in the Oracle WebLogic Server component of Oracle… 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JND… | No | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Intel |
CVE-2017-10202
CVSS 9.9 CVE-2017-10202 — Vulnerability in the OJVM component of Oracle Database Server. … 📄 التفاصيل ← |
NVD | Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected … | No | 🔴 Critical | Microsoft Windows | Oracle Database | Exploit | Update to v11.2.0 |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10086
CVSS 9.6 CVE-2017-10086 — Vulnerability in the Java SE component of Oracle Java SE (subco… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions … | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10086 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10087
CVSS 9.6 CVE-2017-10087 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10087 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10089
CVSS 9.6 CVE-2017-10089 — Vulnerability in the Java SE component of Oracle Java SE (subco… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10089 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10090
CVSS 9.6 CVE-2017-10090 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10090 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10096
CVSS 9.6 CVE-2017-10096 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10096 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10101
CVSS 9.6 CVE-2017-10101 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10101 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10102
CVSS 9 CVE-2017-10102 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10102 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10107
CVSS 9.6 CVE-2017-10107 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10107 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10110
CVSS 9.6 CVE-2017-10110 — Vulnerability in the Java SE component of Oracle Java SE (subco… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions tha… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10110 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Oracle |
CVE-2017-10111
CVSS 9.6 CVE-2017-10111 — Vulnerability in the Java SE, Java SE Embedded component of Ora… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-10111 NVD advisory |
UTC: 2017-08-08
EDT: 2017-08-08
SA: 2017-08-08
|
| Palo Alto |
CVE-2017-8390
CVSS 9.8 CVE-2017-8390 — The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x be… 📄 التفاصيل ← |
NVD | The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, an… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Exploit | Refer to CVE-2017-8390 NVD advisory |
UTC: 2017-08-02
EDT: 2017-08-02
SA: 2017-08-02
|
| VMware |
CVE-2017-4923
CVSS 9.8 CVE-2017-4923 — VMware vCenter Server (6.5 prior to 6.5 U1) contains an informat… 📄 التفاصيل ← |
NVD | VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability. This i… | No | 🔴 Critical | VMware vCenter | Exploit | Refer to CVE-2017-4923 NVD advisory |
UTC: 2017-08-01
EDT: 2017-08-01
SA: 2017-08-01
|
| VMware |
CVE-2017-4919
CVSS 9 CVE-2017-4919 — VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with ce… 📄 التفاصيل ← |
NVD | VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to… | No | 🔴 Critical | VMware vSphere | VMware vCenter | Exploit | Refer to CVE-2017-4919 NVD advisory |
UTC: 2017-07-28
EDT: 2017-07-28
SA: 2017-07-28
|
| Intel |
CVE-2017-5691
CVSS 9 CVE-2017-5691 — Incorrect check in Intel processors from 6th and 7th Generation … 📄 التفاصيل ← |
NVD | Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2017-5691 NVD advisory |
UTC: 2017-07-26
EDT: 2017-07-26
SA: 2017-07-26
|
| Microsoft |
CVE-2017-3222
CVSS 9.8 CVE-2017-3222 — Hard-coded credentials in AmosConnect 8 allow remote attackers t… 📄 التفاصيل ← |
NVD | Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privilege… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2017-07-22
EDT: 2017-07-22
SA: 2017-07-22
|
| Fortinet |
CVE-2017-7336
CVSS 9.8 CVE-2017-7336 — A hard-coded account named 'upgrade' in Fortinet Forti… 📄 التفاصيل ← |
NVD | A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows … | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2017-07-22
EDT: 2017-07-22
SA: 2017-07-22
|
| Linux |
CVE-2017-9811
CVSS 9.8 CVE-2017-9811 — The kluser is able to interact with the kav4fs-control binary in… 📄 التفاصيل ← |
NVD | The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File… | No | 🔴 Critical | The kluser is | Exploit | Update to v8.0.4 |
UTC: 2017-07-17
EDT: 2017-07-17
SA: 2017-07-17
|
| Kaspersky |
CVE-2017-1000030
CVSS 9.8 CVE-2017-1000030 — Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22)… 📄 التفاصيل ← |
NVD | Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Passwo… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-1000030 NVD advisory |
UTC: 2017-07-17
EDT: 2017-07-17
SA: 2017-07-17
|
| Juniper |
CVE-2017-10601
CVSS 9.8 CVE-2017-10601 — A specific device configuration can result in a commit failure … 📄 التفاصيل ← |
NVD | A specific device configuration can result in a commit failure condition. When this occurs, a user i… | No | 🔴 Critical | Juniper JunOS | Exploit | Refer to CVE-2017-10601 NVD advisory |
UTC: 2017-07-17
EDT: 2017-07-17
SA: 2017-07-17
|
| Juniper |
CVE-2017-2336
CVSS 9.6 CVE-2017-2336 — A reflected cross site scripting vulnerability in NetScreen WebU… 📄 التفاصيل ← |
NVD | A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScr… | No | 🔴 Critical | A reflected cross | Exploit | Refer to CVE-2017-2336 NVD advisory |
UTC: 2017-07-17
EDT: 2017-07-17
SA: 2017-07-17
|
| Juniper |
CVE-2017-2343
CVSS 10 CVE-2017-2343 — The Integrated User Firewall (UserFW) feature was introduced in … 📄 التفاصيل ← |
NVD | The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the … | No | 🔴 Critical | Microsoft Active Directory | Juniper JunOS | Exploit | Update to v12.1 |
UTC: 2017-07-17
EDT: 2017-07-17
SA: 2017-07-17
|
| Cisco |
CVE-2017-2345
CVSS 9.8 CVE-2017-2345 — On Junos OS devices with SNMP enabled, a network based attacker … 📄 التفاصيل ← |
NVD | On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can… | No | 🔴 Critical | Juniper JunOS | DDoS | Cisco Security Advisory |
UTC: 2017-07-17
EDT: 2017-07-17
SA: 2017-07-17
|
| Juniper |
CVE-2017-2349
CVSS 9.9 CVE-2017-2349 — A command injection vulnerability in the IDP feature of Juniper … 📄 التفاصيل ← |
NVD | A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devi… | No | 🔴 Critical | Juniper JunOS | Exploit | Refer to CVE-2017-2349 NVD advisory |
UTC: 2017-07-17
EDT: 2017-07-17
SA: 2017-07-17
|
| Windows |
CVE-2017-8589
CVSS 9.8 CVE-2017-8589 — Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Win… 📄 التفاصيل ← |
NVD | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2017-07-11
EDT: 2017-07-11
SA: 2017-07-11
|
| Vulnerability |
CVE-2017-10912
CVSS 10 CVE-2017-10912 — Xen through 4.8.x mishandles page transfer, which allows guest … 📄 التفاصيل ← |
NVD | Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS… | No | 🔴 Critical | Xen | Exploit | Refer to CVE-2017-10912 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| Vulnerability |
CVE-2017-10913
CVSS 9.8 CVE-2017-10913 — The grant-table feature in Xen through 4.8.x provides false map… 📄 التفاصيل ← |
NVD | The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of … | No | 🔴 Critical | The grant-table feature in Xen | Exploit | Refer to CVE-2017-10913 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| Vulnerability |
CVE-2017-10915
CVSS 9 CVE-2017-10915 — The shadow-paging feature in Xen through 4.8.x mismanages page … 📄 التفاصيل ← |
NVD | The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduce… | No | 🔴 Critical | The shadow-paging feature in Xen | Exploit | Refer to CVE-2017-10915 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| DDoS |
CVE-2017-10917
CVSS 9.1 CVE-2017-10917 — Xen through 4.8.x does not validate the port numbers of polled … 📄 التفاصيل ← |
NVD | Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows gue… | No | 🔴 Critical | Xen | DDoS | Refer to CVE-2017-10917 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| Malware |
CVE-2017-10918
CVSS 10 CVE-2017-10918 — Xen through 4.8.x does not validate memory allocations during c… 📄 التفاصيل ← |
NVD | Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows g… | No | 🔴 Critical | Xen | Exploit | Refer to CVE-2017-10918 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| DDoS |
CVE-2017-10920
CVSS 10 CVE-2017-10920 — The grant-table feature in Xen through 4.8.x mishandles a GNTMA… 📄 التفاصيل ← |
NVD | The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapp… | No | 🔴 Critical | The grant-table feature in Xen | DDoS | Refer to CVE-2017-10920 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| DDoS |
CVE-2017-10921
CVSS 10 CVE-2017-10921 — The grant-table feature in Xen through 4.8.x does not ensure su… 📄 التفاصيل ← |
NVD | The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_dev… | No | 🔴 Critical | The grant-table feature in Xen | DDoS | Refer to CVE-2017-10921 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| IBM |
CVE-2017-1269
CVSS 9.8 CVE-2017-1269 — IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injecti… 📄 التفاصيل ← |
NVD | IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send spe… | No | 🔴 Critical | IBM Security Guardium | Exploit | Refer to CVE-2017-1269 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| IBM |
CVE-2017-1175
CVSS 9.8 CVE-2017-1175 — IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to S… 📄 التفاصيل ← |
NVD | IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL injection. A remote attacker coul… | No | 🔴 Critical | IBM Maximo Asset Management | Exploit | Refer to CVE-2017-1175 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| IBM |
CVE-2017-1253
CVSS 9.9 CVE-2017-1253 — IBM Security Guardium 10.0 could allow a remote authenticated at… 📄 التفاصيل ← |
NVD | IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands… | No | 🔴 Critical | IBM Security Guardium | Exploit | Refer to CVE-2017-1253 NVD advisory |
UTC: 2017-07-05
EDT: 2017-07-05
SA: 2017-07-05
|
| Microsoft |
CVE-2017-8543
CVSS 9.8 CVE-2017-8543 — Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 200… 📄 التفاصيل ← |
NVD | Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1,… | Yes | 🔴 Critical | Windows 10 | Windows Server | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2017-06-15
EDT: 2017-06-15
SA: 2017-06-15
|
| VMware |
CVE-2016-5405
CVSS 9.8 CVE-2016-5405 — 389 Directory Server in Red Hat Enterprise Linux Desktop 6 throu… 📄 التفاصيل ← |
NVD | 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC N… | No | 🔴 Critical | Red Hat Enterprise Linux | Exploit | Refer to CVE-2016-5405 NVD advisory |
UTC: 2017-06-08
EDT: 2017-06-08
SA: 2017-06-08
|
| VMware |
CVE-2016-7050
CVSS 9.8 CVE-2016-7050 — SerializableProvider in RESTEasy in Red Hat Enterprise Linux Des… 📄 التفاصيل ← |
NVD | SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC… | No | 🔴 Critical | Red Hat Enterprise Linux | Exploit | Refer to CVE-2016-7050 NVD advisory |
UTC: 2017-06-08
EDT: 2017-06-08
SA: 2017-06-08
|
| Cisco |
CVE-2017-6639
CVSS 9.8 CVE-2017-6639 — A vulnerability in the role-based access control (RBAC) function… 📄 التفاصيل ← |
NVD | A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Net… | No | 🔴 Critical | Cisco | Exploit | Cisco Security Advisory |
UTC: 2017-06-08
EDT: 2017-06-08
SA: 2017-06-08
|
| Cisco |
CVE-2017-6640
CVSS 9.8 CVE-2017-6640 — A vulnerability in Cisco Prime Data Center Network Manager (DCNM… 📄 التفاصيل ← |
NVD | A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenti… | No | 🔴 Critical | Cisco | Exploit | Cisco Security Advisory |
UTC: 2017-06-08
EDT: 2017-06-08
SA: 2017-06-08
|
| VMware |
CVE-2017-4901
CVSS 9.9 CVE-2017-4901 — The drag-and-drop (DnD) function in VMware Workstation 12.x befo… 📄 التفاصيل ← |
NVD | The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x bef… | No | 🔴 Critical | VMware | Exploit | Update to v12.5. |
UTC: 2017-06-08
EDT: 2017-06-08
SA: 2017-06-08
|
| Ubiquiti |
CVE-2017-4907
CVSS 9.8 CVE-2017-4907 — VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.… 📄 التفاصيل ← |
NVD | VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2017-4907 NVD advisory |
UTC: 2017-06-08
EDT: 2017-06-08
SA: 2017-06-08
|
| VMware |
CVE-2017-4918
CVSS 9.8 CVE-2017-4918 — VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) con… 📄 التفاصيل ← |
NVD | VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerabil… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2017-4918 NVD advisory |
UTC: 2017-06-08
EDT: 2017-06-08
SA: 2017-06-08
|
| VMware |
CVE-2017-4914
CVSS 9.8 CVE-2017-4914 — VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.… 📄 التفاصيل ← |
NVD | VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue… | No | 🔴 Critical | VMware vSphere | Exploit | Refer to CVE-2017-4914 NVD advisory |
UTC: 2017-06-07
EDT: 2017-06-07
SA: 2017-06-07
|
| VMware |
CVE-2017-4917
CVSS 9.8 CVE-2017-4917 — VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.… 📄 التفاصيل ← |
NVD | VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server cr… | No | 🔴 Critical | VMware vSphere | VMware vCenter | Exploit | Refer to CVE-2017-4917 NVD advisory |
UTC: 2017-06-07
EDT: 2017-06-07
SA: 2017-06-07
|
| Vulnerability |
CVE-2017-9417
CVSS 9.8 CVE-2017-9417 — Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute a… 📄 التفاصيل ← |
NVD | Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vector… | No | 🔴 Critical | Broadcom BCM43xx Wi-Fi | Exploit | Refer to CVE-2017-9417 NVD advisory |
UTC: 2017-06-04
EDT: 2017-06-04
SA: 2017-06-04
|
| Fortinet |
CVE-2017-7337
CVSS 9.1 CVE-2017-7337 — An improper Access Control vulnerability in Fortinet FortiPortal… 📄 التفاصيل ← |
NVD | An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an … | No | 🔴 Critical | Fortinet | Exploit | Update to v4.0.0 | Fortinet PSIRT Advisory |
UTC: 2017-05-26
EDT: 2017-05-26
SA: 2017-05-26
|
| Intel |
CVE-2017-5689
CVSS 9.8 CVE-2017-5689 — An unprivileged network attacker could gain system privileges to… 📄 التفاصيل ← |
NVD | An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKU… | Yes | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2017-5689 NVD advisory |
UTC: 2017-05-02
EDT: 2017-05-02
SA: 2017-05-02
|
| Palo Alto |
CVE-2017-7945
CVSS 9.8 CVE-2017-7945 — The GlobalProtect external interface in Palo Alto Networks PAN-O… 📄 التفاصيل ← |
NVD | The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, … | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Palo Alto GlobalProtect VP | Exploit | Refer to CVE-2017-7945 NVD advisory |
UTC: 2017-04-29
EDT: 2017-04-29
SA: 2017-04-29
|
| Linux |
CVE-2017-7895
CVSS 9.8 CVE-2017-7895 — The NFSv2 and NFSv3 server implementations in the Linux kernel t… 📄 التفاصيل ← |
NVD | The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks f… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2017-7895 NVD advisory |
UTC: 2017-04-28
EDT: 2017-04-28
SA: 2017-04-28
|
| Juniper |
CVE-2017-2320
CVSS 10 CVE-2017-2320 — A vulnerability in Juniper Networks NorthStar Controller Applica… 📄 التفاصيل ← |
NVD | A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service … | No | 🔴 Critical | A vulnerability in | DDoS | Update to v2.1.0 |
UTC: 2017-04-24
EDT: 2017-04-24
SA: 2017-04-24
|
| Intel |
CVE-2016-6818
CVSS 9.8 CVE-2016-6818 — SQL injection vulnerability in SAP Business Intelligence platfor… 📄 التفاصيل ← |
NVD | SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote … | No | 🔴 Critical | Intel Processor | SAP | DDoS | Refer to CVE-2016-6818 NVD advisory |
UTC: 2017-04-13
EDT: 2017-04-13
SA: 2017-04-13
|
| Intel |
CVE-2017-7462
CVSS 9.8 CVE-2017-7462 — Intellinet NFC-30ir IP Camera has a vendor backdoor that can all… 📄 التفاصيل ← |
NVD | Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a ven… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2017-7462 NVD advisory |
UTC: 2017-04-11
EDT: 2017-04-11
SA: 2017-04-11
|
| Android |
CVE-2017-0561
CVSS 9.8 CVE-2017-0561 — A remote code execution vulnerability in the Broadcom Wi-Fi firm… 📄 التفاصيل ← |
NVD | A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker … | No | 🔴 Critical | Android | Exploit | Update to v3.10 |
UTC: 2017-04-07
EDT: 2017-04-07
SA: 2017-04-07
|
| Linux |
CVE-2016-10229
CVSS 9.8 CVE-2016-10229 — udp.c in the Linux kernel before 4.5 allows remote attackers to… 📄 التفاصيل ← |
NVD | udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traff… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2016-10229 NVD advisory |
UTC: 2017-04-04
EDT: 2017-04-04
SA: 2017-04-04
|
| Windows |
CVE-2017-7269
CVSS 9.8 CVE-2017-7269 — Buffer overflow in the ScStoragePathFromUrl function in the WebD… 📄 التفاصيل ← |
NVD | Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information S… | Yes | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2017-03-27
EDT: 2017-03-27
SA: 2017-03-27
|
| Linux |
CVE-2017-5206
CVSS 9 CVE-2017-5206 — Firejail before 0.9.44.4, when running on a Linux kernel before … 📄 التفاصيل ← |
NVD | Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attack… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2017-5206 NVD advisory |
UTC: 2017-03-23
EDT: 2017-03-23
SA: 2017-03-23
|
| Linux |
CVE-2017-5897
CVSS 9.8 CVE-2017-5897 — The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kerne… 📄 التفاصيل ← |
NVD | The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have un… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2017-5897 NVD advisory |
UTC: 2017-03-23
EDT: 2017-03-23
SA: 2017-03-23
|
| Intel |
CVE-2014-9939
CVSS 9.8 CVE-2014-9939 — ihex.c in GNU Binutils before 2.26 contains a stack buffer overf… 📄 التفاصيل ← |
NVD | ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2014-9939 NVD advisory |
UTC: 2017-03-21
EDT: 2017-03-21
SA: 2017-03-21
|
| Cisco |
CVE-2017-3881
CVSS 9.8 CVE-2017-3881 — A vulnerability in the Cisco Cluster Management Protocol (CMP) p… 📄 التفاصيل ← |
NVD | A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisc… | Yes | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2017-03-17
EDT: 2017-03-17
SA: 2017-03-17
|
| Windows |
CVE-2017-0021
CVSS 9 CVE-2017-0021 — Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 doe… 📄 التفاصيل ← |
NVD | Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet … | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2017-03-17
EDT: 2017-03-17
SA: 2017-03-17
|
| Intel |
CVE-2014-9921
CVSS 9.8 CVE-2014-9921 — Information disclosure vulnerability in McAfee (now Intel Securi… 📄 التفاصيل ← |
NVD | Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructiv… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2014-9921 NVD advisory |
UTC: 2017-03-14
EDT: 2017-03-14
SA: 2017-03-14
|
| Intel |
CVE-2016-8027
CVSS 10 CVE-2016-8027 — SQL injection vulnerability in core services in Intel Security M… 📄 التفاصيل ← |
NVD | SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3… | No | 🔴 Critical | Intel Processor | Exploit | Refer to CVE-2016-8027 NVD advisory |
UTC: 2017-03-14
EDT: 2017-03-14
SA: 2017-03-14
|
| Network |
CVE-2013-4659
CVSS 9.8 CVE-2013-4659 — Buffer overflow in Broadcom ACSD allows remote attackers to exec… 📄 التفاصيل ← |
NVD | Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string… | No | 🔴 Critical | Buffer overflow in | Exploit | Refer to CVE-2013-4659 NVD advisory |
UTC: 2017-03-14
EDT: 2017-03-14
SA: 2017-03-14
|
| Intel |
CVE-2017-5178
CVSS 9.8 CVE-2017-5178 — An issue was discovered in Schneider Electric Tableau Server/Des… 📄 التفاصيل ← |
NVD | An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonde… | No | 🔴 Critical | Microsoft Windows | Microsoft Active Directory | Intel Processor | Exploit | Update to v7.0 |
UTC: 2017-03-08
EDT: 2017-03-08
SA: 2017-03-08
|
| Lenovo |
CVE-2016-8233
CVSS 9.8 CVE-2016-8233 — Log files generated by Lenovo XClarity Administrator (LXCA) vers… 📄 التفاصيل ← |
NVD | Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain … | No | 🔴 Critical | Log files generated | Exploit | Update to v1.2.2 |
UTC: 2017-03-01
EDT: 2017-03-01
SA: 2017-03-01
|
| NetApp |
CVE-2016-5711
CVSS 9.8 CVE-2016-5711 — NetApp Virtual Storage Console for VMware vSphere before 6.2.1 u… 📄 التفاصيل ← |
NVD | NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a non-unique certificate, which … | No | 🔴 Critical | VMware vSphere | NetApp ONTAP | Exploit | Refer to CVE-2016-5711 NVD advisory |
UTC: 2017-02-07
EDT: 2017-02-07
SA: 2017-02-07
|
| Linux |
CVE-2016-10150
CVSS 9.8 CVE-2016-10150 — Use-after-free vulnerability in the kvm_ioctl_create_device fun… 📄 التفاصيل ← |
NVD | Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the L… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | IOC | Refer to CVE-2016-10150 NVD advisory |
UTC: 2017-02-06
EDT: 2017-02-06
SA: 2017-02-06
|
| Fortinet |
CVE-2016-8491
CVSS 9.1 CVE-2016-8491 — The presence of a hardcoded account named 'core' in Fo… 📄 التفاصيل ← |
NVD | The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to … | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2017-02-01
EDT: 2017-02-01
SA: 2017-02-01
|
| VMware |
CVE-2017-3248
CVSS 9.8 CVE-2017-3248 — Vulnerability in the Oracle WebLogic Server component of Oracle … 📄 التفاصيل ← |
NVD | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Cor… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Update to v10.3.6 |
UTC: 2017-01-27
EDT: 2017-01-27
SA: 2017-01-27
|
| Oracle |
CVE-2017-3310
CVSS 9 CVE-2017-3310 — Vulnerability in the OJVM component of Oracle Database Server. S… 📄 التفاصيل ← |
NVD | Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected … | No | 🔴 Critical | Oracle Database | Exploit | Update to v11.2.0 |
UTC: 2017-01-27
EDT: 2017-01-27
SA: 2017-01-27
|
| Oracle |
CVE-2017-3241
CVSS 9 CVE-2017-3241 — Vulnerability in the Java SE, Java SE Embedded, JRockit componen… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: R… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-3241 NVD advisory |
UTC: 2017-01-27
EDT: 2017-01-27
SA: 2017-01-27
|
| Oracle |
CVE-2017-3272
CVSS 9.6 CVE-2017-3272 — Vulnerability in the Java SE, Java SE Embedded component of Orac… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-3272 NVD advisory |
UTC: 2017-01-27
EDT: 2017-01-27
SA: 2017-01-27
|
| Oracle |
CVE-2017-3289
CVSS 9.6 CVE-2017-3289 — Vulnerability in the Java SE, Java SE Embedded component of Orac… 📄 التفاصيل ← |
NVD | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). … | No | 🔴 Critical | Java | Exploit | Refer to CVE-2017-3289 NVD advisory |
UTC: 2017-01-27
EDT: 2017-01-27
SA: 2017-01-27
|
| Juniper |
CVE-2016-7929
CVSS 9.8 CVE-2016-7929 — The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffe… 📄 التفاصيل ← |
NVD | The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:junipe… | No | 🔴 Critical | The Juniper PPPoE | Exploit | Refer to CVE-2016-7929 NVD advisory |
UTC: 2017-01-27
EDT: 2017-01-27
SA: 2017-01-27
|
| Kaspersky |
CVE-2016-7456
CVSS 9.8 CVE-2016-7456 — VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an S… 📄 التفاصيل ← |
NVD | VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known… | Yes | 🔴 Critical | VMware vSphere | Exploit | Refer to CVE-2016-7456 NVD advisory |
UTC: 2016-12-29
EDT: 2016-12-29
SA: 2016-12-29
|
| VMware |
CVE-2016-7457
CVSS 10 CVE-2016-7457 — VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows r… 📄 التفاصيل ← |
NVD | VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain pr… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2016-7457 NVD advisory |
UTC: 2016-12-29
EDT: 2016-12-29
SA: 2016-12-29
|
| VMware |
CVE-2016-7460
CVSS 9.1 CVE-2016-7460 — The Single Sign-On feature in VMware vCenter Server 5.5 before U… 📄 التفاصيل ← |
NVD | The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and 6.0 before U2a and vRealize A… | No | 🔴 Critical | VMware vCenter | DDoS | Refer to CVE-2016-7460 NVD advisory |
UTC: 2016-12-29
EDT: 2016-12-29
SA: 2016-12-29
|
| Office |
CVE-2016-7277
CVSS 9.6 CVE-2016-7277 — Microsoft Office 2016 allows remote attackers to execute arbitra… 📄 التفاصيل ← |
NVD | Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service… | No | 🔴 Critical | Microsoft Office 2016 | DDoS | Microsoft Patch Tuesday |
UTC: 2016-12-20
EDT: 2016-12-20
SA: 2016-12-20
|
| Kaspersky |
CVE-2016-9013
CVSS 9.8 CVE-2016-9013 — Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x befo… 📄 التفاصيل ← |
NVD | Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password f… | No | 🔴 Critical | Oracle Database | Exploit | Refer to CVE-2016-9013 NVD advisory |
UTC: 2016-12-09
EDT: 2016-12-09
SA: 2016-12-09
|
| Linux |
CVE-2016-9555
CVSS 9.8 CVE-2016-9555 — The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linu… 📄 التفاصيل ← |
NVD | The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-le… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2016-9555 NVD advisory |
UTC: 2016-11-28
EDT: 2016-11-28
SA: 2016-11-28
|
| Palo Alto |
CVE-2016-9150
CVSS 9.8 CVE-2016-9150 — Buffer overflow in the management web interface in Palo Alto Net… 📄 التفاصيل ← |
NVD | Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x be… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Exploit | Refer to CVE-2016-9150 NVD advisory |
UTC: 2016-11-19
EDT: 2016-11-19
SA: 2016-11-19
|
| Cisco |
CVE-2016-6441
CVSS 9.8 CVE-2016-6441 — A vulnerability in the Transaction Language 1 (TL1) code of Cisc… 📄 التفاصيل ← |
NVD | A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow… | No | 🔴 Critical | Cisco IOS XE 17.x | Exploit | Cisco Security Advisory |
UTC: 2016-11-03
EDT: 2016-11-03
SA: 2016-11-03
|
| VMware |
CVE-2016-5531
CVSS 9.8 CVE-2016-5531 — Unspecified vulnerability in the Oracle WebLogic Server componen… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6… | No | 🔴 Critical | Oracle WebLogic | Exploit | Refer to CVE-2016-5531 NVD advisory |
UTC: 2016-10-25
EDT: 2016-10-25
SA: 2016-10-25
|
| VMware |
CVE-2016-5535
CVSS 9.8 CVE-2016-5535 — Unspecified vulnerability in the Oracle WebLogic Server componen… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6… | No | 🔴 Critical | Oracle WebLogic | Exploit | Refer to CVE-2016-5535 NVD advisory |
UTC: 2016-10-25
EDT: 2016-10-25
SA: 2016-10-25
|
| Oracle |
CVE-2016-5555
CVSS 9.1 CVE-2016-5555 — Unspecified vulnerability in the OJVM component in Oracle Databa… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allo… | No | 🔴 Critical | Oracle Database | Exploit | Refer to CVE-2016-5555 NVD advisory |
UTC: 2016-10-25
EDT: 2016-10-25
SA: 2016-10-25
|
| Oracle |
CVE-2016-5556
CVSS 9.6 CVE-2016-5556 — Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affec… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-5556 NVD advisory |
UTC: 2016-10-25
EDT: 2016-10-25
SA: 2016-10-25
|
| Oracle |
CVE-2016-5568
CVSS 9.6 CVE-2016-5568 — Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affec… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-5568 NVD advisory |
UTC: 2016-10-25
EDT: 2016-10-25
SA: 2016-10-25
|
| Oracle |
CVE-2016-5582
CVSS 9.6 CVE-2016-5582 — Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102;… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows r… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-5582 NVD advisory |
UTC: 2016-10-25
EDT: 2016-10-25
SA: 2016-10-25
|
| Windows |
CVE-2016-7182
CVSS 9.8 CVE-2016-7182 — The Graphics component in Microsoft Windows Vista SP2; Windows S… 📄 التفاصيل ← |
NVD | The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | ICS/OT | Microsoft Patch Tuesday |
UTC: 2016-10-14
EDT: 2016-10-14
SA: 2016-10-14
|
| Qualcomm |
CVE-2016-5343
CVSS 9.8 CVE-2016-5343 — drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Servic… 📄 التفاصيل ← |
NVD | drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, a… | No | 🔴 Critical | Linux Kernel | Android | DDoS | Refer to CVE-2016-5343 NVD advisory |
UTC: 2016-10-10
EDT: 2016-10-10
SA: 2016-10-10
|
| Linux |
CVE-2016-7117
CVSS 9.8 CVE-2016-7117 — Use-after-free vulnerability in the __sys_recvmmsg function in n… 📄 التفاصيل ← |
NVD | Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel befo… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2016-7117 NVD advisory |
UTC: 2016-10-10
EDT: 2016-10-10
SA: 2016-10-10
|
| Cisco |
CVE-2016-1453
CVSS 9.8 CVE-2016-1453 — Buffer overflow in the Overlay Transport Virtualization (OTV) GR… 📄 التفاصيل ← |
NVD | Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through… | No | 🔴 Critical | Cisco NX-OS | Cisco | Exploit | Cisco Security Advisory |
UTC: 2016-10-06
EDT: 2016-10-06
SA: 2016-10-06
|
| Fortinet |
CVE-2016-7560
CVSS 9.8 CVE-2016-7560 — The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0… 📄 التفاصيل ← |
NVD | The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, an… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2016-10-05
EDT: 2016-10-05
SA: 2016-10-05
|
| Fortinet |
CVE-2016-4573
CVSS 9.8 CVE-2016-4573 — Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-2… 📄 التفاصيل ← |
NVD | Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE… | No | 🔴 Critical | Fortinet | Exploit | Fortinet PSIRT Advisory |
UTC: 2016-09-09
EDT: 2016-09-09
SA: 2016-09-09
|
| Juniper |
CVE-2016-1279
CVSS 9.8 CVE-2016-1279 — J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X… 📄 التفاصيل ← |
NVD | J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 1… | No | 🔴 Critical | Juniper JunOS | Exploit | Refer to CVE-2016-1279 NVD advisory |
UTC: 2016-09-09
EDT: 2016-09-09
SA: 2016-09-09
|
| Qualcomm |
CVE-2016-5344
CVSS 9.8 CVE-2016-5344 — Multiple integer overflows in the MDSS driver for the Linux kern… 📄 التفاصيل ← |
NVD | Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovati… | No | 🔴 Critical | Linux Kernel | Android | DDoS | Refer to CVE-2016-5344 NVD advisory |
UTC: 2016-08-30
EDT: 2016-08-30
SA: 2016-08-30
|
| VMware |
CVE-2016-5333
CVSS 9.8 CVE-2016-5333 — VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH pub… 📄 التفاصيل ← |
NVD | VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, … | No | 🔴 Critical | Microsoft Edge | Exploit | Refer to CVE-2016-5333 NVD advisory |
UTC: 2016-08-30
EDT: 2016-08-30
SA: 2016-08-30
|
| VMware |
CVE-2016-5336
CVSS 9.8 CVE-2016-5336 — VMware vRealize Automation 7.0.x before 7.1 allows remote attack… 📄 التفاصيل ← |
NVD | VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via un… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2016-5336 NVD advisory |
UTC: 2016-08-30
EDT: 2016-08-30
SA: 2016-08-30
|
| Fortinet |
CVE-2016-6909
CVSS 9.8 CVE-2016-6909 — Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x bef… 📄 التفاصيل ← |
NVD | Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and… | No | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Fortinet PSIRT Advisory |
UTC: 2016-08-24
EDT: 2016-08-24
SA: 2016-08-24
|
| Linux |
CVE-2016-5408
CVSS 9.8 CVE-2016-5408 — Stack-based buffer overflow in the munge_other_line function in … 📄 التفاصيل ← |
NVD | Stack-based buffer overflow in the munge_other_line function in cachemgr.cgi in the squid package be… | No | 🔴 Critical | Red Hat Enterprise Linux | Exploit | Refer to CVE-2016-5408 NVD advisory |
UTC: 2016-08-10
EDT: 2016-08-10
SA: 2016-08-10
|
| Windows |
CVE-2016-3312
CVSS 9.1 CVE-2016-3312 — ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows … 📄 التفاصيل ← |
NVD | ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials by… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Exploit | Microsoft Patch Tuesday |
UTC: 2016-08-09
EDT: 2016-08-09
SA: 2016-08-09
|
| Qualcomm |
CVE-2014-9410
CVSS 9.8 CVE-2014-9410 — The vfe31_proc_general function in drivers/media/video/msm/vfe/m… 📄 التفاصيل ← |
NVD | The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver f… | No | 🔴 Critical | Linux Kernel | Android | IOC | Refer to CVE-2014-9410 NVD advisory |
UTC: 2016-08-07
EDT: 2016-08-07
SA: 2016-08-07
|
| Qualcomm |
CVE-2015-0573
CVSS 9.8 CVE-2015-0573 — drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for… 📄 التفاصيل ← |
NVD | drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qu… | No | 🔴 Critical | Linux Kernel | Android | IOC | Refer to CVE-2015-0573 NVD advisory |
UTC: 2016-08-07
EDT: 2016-08-07
SA: 2016-08-07
|
| VMware |
CVE-2016-3499
CVSS 9.8 CVE-2016-3499 — Unspecified vulnerability in the Oracle WebLogic Server componen… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3… | No | 🔴 Critical | Oracle WebLogic | Exploit | Refer to CVE-2016-3499 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| VMware |
CVE-2016-3510
CVSS 9.8 CVE-2016-3510 — Unspecified vulnerability in the Oracle WebLogic Server componen… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6… | Yes | 🔴 Critical | Oracle WebLogic | Exploit | Refer to CVE-2016-3510 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| VMware |
CVE-2016-3586
CVSS 9.8 CVE-2016-3586 — Unspecified vulnerability in the Oracle WebLogic Server componen… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6… | No | 🔴 Critical | Oracle WebLogic | Exploit | Refer to CVE-2016-3586 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| Oracle |
CVE-2016-3609
CVSS 9 CVE-2016-3609 — Unspecified vulnerability in the OJVM component in Oracle Databa… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12… | No | 🔴 Critical | Oracle Database | Exploit | Refer to CVE-2016-3609 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| Oracle |
CVE-2016-3587
CVSS 9.6 CVE-2016-3587 — Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Emb… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers t… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-3587 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| Oracle |
CVE-2016-3598
CVSS 9.6 CVE-2016-3598 — Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Emb… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers t… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-3598 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| Oracle |
CVE-2016-3606
CVSS 9.6 CVE-2016-3606 — Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and J… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote a… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-3606 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| Oracle |
CVE-2016-3610
CVSS 9.6 CVE-2016-3610 — Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Emb… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers t… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-3610 NVD advisory |
UTC: 2016-07-21
EDT: 2016-07-21
SA: 2016-07-21
|
| Linux |
CVE-2016-3955
CVSS 9.8 CVE-2016-3955 — The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.… 📄 التفاصيل ← |
NVD | The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 a… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2016-3955 NVD advisory |
UTC: 2016-07-03
EDT: 2016-07-03
SA: 2016-07-03
|
| Broadcom |
CVE-2016-3645
CVSS 9.8 CVE-2016-3645 — Integer overflow in the TNEF unpacker in the AntiVirus Decompose… 📄 التفاصيل ← |
NVD | Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat… | No | 🔴 Critical | Microsoft Exchange (2016 CU23/2019 CU14) | Exploit | Microsoft Patch Tuesday |
UTC: 2016-06-30
EDT: 2016-06-30
SA: 2016-06-30
|
| Windows |
CVE-2016-3227
CVSS 9.8 CVE-2016-3227 — Use-after-free vulnerability in the DNS Server component in Micr… 📄 التفاصيل ← |
NVD | Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2016-06-16
EDT: 2016-06-16
SA: 2016-06-16
|
| Windows |
CVE-2016-3236
CVSS 9.8 CVE-2016-3236 — The Web Proxy Auto Discovery (WPAD) protocol implementation in M… 📄 التفاصيل ← |
NVD | The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows … | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2016-06-16
EDT: 2016-06-16
SA: 2016-06-16
|
| VMware |
CVE-2016-2077
CVSS 9.8 CVE-2016-2077 — VMware Workstation 11.x before 11.1.3 and VMware Player 7.x befo… 📄 التفاصيل ← |
NVD | VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly acce… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2016-05-18
EDT: 2016-05-18
SA: 2016-05-18
|
| Linux |
CVE-2015-8812
CVSS 9.8 CVE-2015-8812 — drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before… 📄 التفاصيل ← |
NVD | drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify erro… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2015-8812 NVD advisory |
UTC: 2016-04-27
EDT: 2016-04-27
SA: 2016-04-27
|
| VMware |
CVE-2016-0638
CVSS 9.8 CVE-2016-0638 — Unspecified vulnerability in the Oracle WebLogic Server componen… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6… | No | 🔴 Critical | Java | Oracle WebLogic | Exploit | Refer to CVE-2016-0638 NVD advisory |
UTC: 2016-04-21
EDT: 2016-04-21
SA: 2016-04-21
|
| Oracle |
CVE-2016-3454
CVSS 9 CVE-2016-3454 — Unspecified vulnerability in the Java VM component in Oracle Dat… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and… | No | 🔴 Critical | Java | Oracle Database | Exploit | Refer to CVE-2016-3454 NVD advisory |
UTC: 2016-04-21
EDT: 2016-04-21
SA: 2016-04-21
|
| Oracle |
CVE-2016-0686
CVSS 9.6 CVE-2016-0686 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u7… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows r… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-0686 NVD advisory |
UTC: 2016-04-21
EDT: 2016-04-21
SA: 2016-04-21
|
| Oracle |
CVE-2016-0687
CVSS 9.6 CVE-2016-0687 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u7… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows r… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-0687 NVD advisory |
UTC: 2016-04-21
EDT: 2016-04-21
SA: 2016-04-21
|
| Oracle |
CVE-2016-3427
CVSS 9.8 CVE-2016-3427 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u7… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki… | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2016-3427 NVD advisory |
UTC: 2016-04-21
EDT: 2016-04-21
SA: 2016-04-21
|
| Oracle |
CVE-2016-3443
CVSS 9.6 CVE-2016-3443 — Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u7… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect … | No | 🔴 Critical | Java | Exploit | Refer to CVE-2016-3443 NVD advisory |
UTC: 2016-04-21
EDT: 2016-04-21
SA: 2016-04-21
|
| Palo Alto |
CVE-2016-3655
CVSS 9.8 CVE-2016-3655 — The management web interface in Palo Alto Networks PAN-OS before… 📄 التفاصيل ← |
NVD | The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x … | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Exploit | Refer to CVE-2016-3655 NVD advisory |
UTC: 2016-04-12
EDT: 2016-04-12
SA: 2016-04-12
|
| Palo Alto |
CVE-2016-3657
CVSS 9.8 CVE-2016-3657 — Buffer overflow in the GlobalProtect Portal in Palo Alto Network… 📄 التفاصيل ← |
NVD | Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before… | No | 🔴 Critical | Palo Alto PAN-OS 11.x | Palo Alto PAN-OS (PA-Series/VM-Series/Panorama) | Palo Alto GlobalProtect VP | DDoS | Refer to CVE-2016-3657 NVD advisory |
UTC: 2016-04-12
EDT: 2016-04-12
SA: 2016-04-12
|
| Windows |
CVE-2016-0088
CVSS 9.3 CVE-2016-0088 — Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R… 📄 التفاصيل ← |
NVD | Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS us… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2016-04-12
EDT: 2016-04-12
SA: 2016-04-12
|
| NVIDIA |
CVE-2016-1741
CVSS 9.8 CVE-2016-1741 — The NVIDIA driver in the Graphics Drivers subsystem in Apple OS … 📄 التفاصيل ← |
NVD | The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to… | No | 🔴 Critical | NVIDIA GPU Display Driver Windows/Linux | ICS/OT | Refer to CVE-2016-1741 NVD advisory |
UTC: 2016-03-24
EDT: 2016-03-24
SA: 2016-03-24
|
| Cisco |
CVE-2016-1329
CVSS 9.8 CVE-2016-1329 — Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 device… 📄 التفاصيل ← |
NVD | Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5… | No | 🔴 Critical | Cisco NX-OS | Cisco | Exploit | Cisco Security Advisory |
UTC: 2016-03-03
EDT: 2016-03-03
SA: 2016-03-03
|
| Cisco |
CVE-2016-1341
CVSS 9.8 CVE-2016-1341 — Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2… 📄 التفاصيل ← |
NVD | Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a bl… | No | 🔴 Critical | Cisco NX-OS | Cisco | Exploit | Cisco Security Advisory |
UTC: 2016-02-24
EDT: 2016-02-24
SA: 2016-02-24
|
| IBM |
CVE-2015-7425
CVSS 10 CVE-2015-7425 — The Data Protection component in the VMware vSphere GUI in IBM T… 📄 التفاصيل ← |
NVD | The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual En… | No | 🔴 Critical | VMware vSphere | Exploit | Refer to CVE-2015-7425 NVD advisory |
UTC: 2016-02-21
EDT: 2016-02-21
SA: 2016-02-21
|
| Cisco |
CVE-2016-1287
CVSS 9.8 CVE-2016-1287 — Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco … 📄 التفاصيل ← |
NVD | Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 b… | Yes | 🔴 Critical | Cisco ASA | Cisco | APT | Cisco Security Advisory |
UTC: 2016-02-11
EDT: 2016-02-11
SA: 2016-02-11
|
| Linux |
CVE-2015-8787
CVSS 9.8 CVE-2015-8787 — The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redire… 📄 التفاصيل ← |
NVD | The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2015-8787 NVD advisory |
UTC: 2016-02-08
EDT: 2016-02-08
SA: 2016-02-08
|
| Android |
CVE-2016-0801
CVSS 9.8 CVE-2016-0801 — The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.… 📄 التفاصيل ← |
NVD | The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.… | No | 🔴 Critical | Android | DDoS | Refer to CVE-2016-0801 NVD advisory |
UTC: 2016-02-07
EDT: 2016-02-07
SA: 2016-02-07
|
| Fortinet |
CVE-2016-1909
CVSS 9.8 CVE-2016-1909 — Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; For… 📄 التفاصيل ← |
NVD | Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCa… | No | 🔴 Critical | Fortinet FortiOS 7.4.x | Exploit | Fortinet PSIRT Advisory |
UTC: 2016-01-15
EDT: 2016-01-15
SA: 2016-01-15
|
| IBM |
CVE-2015-7426
CVSS 10 CVE-2015-7426 — The Data Protection extension in the VMware GUI in IBM Tivoli St… 📄 التفاصيل ← |
NVD | The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual Environmen… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2015-7426 NVD advisory |
UTC: 2016-01-02
EDT: 2016-01-02
SA: 2016-01-02
|
| Network |
CVE-2015-7755
CVSS 9.8 CVE-2015-7755 — Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.… 📄 التفاصيل ← |
NVD | Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.… | Yes | 🔴 Critical | Juniper ScreenOS | Exploit | Refer to CVE-2015-7755 NVD advisory |
UTC: 2015-12-19
EDT: 2015-12-19
SA: 2015-12-19
|
| Web |
CVE-2015-4852
CVSS 9.8 CVE-2015-4852 — The WLS Security component in Oracle WebLogic Server 10.3.6.0, 1… 📄 التفاصيل ← |
NVD | The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allo… | Yes | 🔴 Critical | Apache HTTP Server | Oracle WebLogic | Oracle | Exploit | Refer to CVE-2015-4852 NVD advisory |
UTC: 2015-11-18
EDT: 2015-11-18
SA: 2015-11-18
|
| Linux |
CVE-2015-8104
CVSS 10 CVE-2015-8104 — The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3… 📄 التفاصيل ← |
NVD | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS us… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2015-8104 NVD advisory |
UTC: 2015-11-16
EDT: 2015-11-16
SA: 2015-11-16
|
| Windows |
CVE-2015-6103
CVE-2015-6103 — The Adobe Type Manager Library in Microsoft Windows Vista SP2, W… 📄 التفاصيل ← |
NVD | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, W… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | ICS/OT | Microsoft Patch Tuesday |
UTC: 2015-11-11
EDT: 2015-11-11
SA: 2015-11-11
|
| Windows |
CVE-2015-6104
CVE-2015-6104 — The Adobe Type Manager Library in Microsoft Windows Vista SP2, W… 📄 التفاصيل ← |
NVD | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, W… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | ICS/OT | Microsoft Patch Tuesday |
UTC: 2015-11-11
EDT: 2015-11-11
SA: 2015-11-11
|
| Windows |
CVE-2015-2513
CVE-2015-2513 — Windows Journal in Microsoft Windows Vista SP2, Windows Server 2… 📄 التفاصيل ← |
NVD | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-09-09
EDT: 2015-09-09
SA: 2015-09-09
|
| Windows |
CVE-2015-2514
CVE-2015-2514 — Windows Journal in Microsoft Windows Vista SP2, Windows Server 2… 📄 التفاصيل ← |
NVD | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-09-09
EDT: 2015-09-09
SA: 2015-09-09
|
| Windows |
CVE-2015-2530
CVE-2015-2530 — Windows Journal in Microsoft Windows Vista SP2, Windows Server 2… 📄 التفاصيل ← |
NVD | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… | No | 🔴 Critical | Microsoft Windows 10 (22H2) | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-09-09
EDT: 2015-09-09
SA: 2015-09-09
|
| General |
CVE-2015-2590
CVSS 9.8 CVE-2015-2590 — Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33… | No | 🔴 Critical | Java | Exploit | Refer to CVE-2015-2590 NVD advisory |
UTC: 2015-07-16
EDT: 2015-07-16
SA: 2015-07-16
|
| Windows |
CVE-2015-1675
CVE-2015-1675 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,… 📄 التفاصيل ← |
NVD | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-05-13
EDT: 2015-05-13
SA: 2015-05-13
|
| Windows |
CVE-2015-1695
CVE-2015-1695 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,… 📄 التفاصيل ← |
NVD | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-05-13
EDT: 2015-05-13
SA: 2015-05-13
|
| Windows |
CVE-2015-1696
CVE-2015-1696 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,… 📄 التفاصيل ← |
NVD | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-05-13
EDT: 2015-05-13
SA: 2015-05-13
|
| Windows |
CVE-2015-1697
CVE-2015-1697 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,… 📄 التفاصيل ← |
NVD | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-05-13
EDT: 2015-05-13
SA: 2015-05-13
|
| Windows |
CVE-2015-1698
CVE-2015-1698 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,… 📄 التفاصيل ← |
NVD | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-05-13
EDT: 2015-05-13
SA: 2015-05-13
|
| Windows |
CVE-2015-1699
CVE-2015-1699 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,… 📄 التفاصيل ← |
NVD | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-05-13
EDT: 2015-05-13
SA: 2015-05-13
|
| Microsoft |
CVE-2015-1635
CVSS 9.8 CVE-2015-1635 — HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1,… 📄 التفاصيل ← |
NVD | HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows… | Yes | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-04-14
EDT: 2015-04-14
SA: 2015-04-14
|
| Windows |
CVE-2015-0088
CVE-2015-0088 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows … 📄 التفاصيل ← |
NVD | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-03-11
EDT: 2015-03-11
SA: 2015-03-11
|
| Windows |
CVE-2015-0090
CVE-2015-0090 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows … 📄 التفاصيل ← |
NVD | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-03-11
EDT: 2015-03-11
SA: 2015-03-11
|
| Windows |
CVE-2015-0091
CVE-2015-0091 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows … 📄 التفاصيل ← |
NVD | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-03-11
EDT: 2015-03-11
SA: 2015-03-11
|
| Windows |
CVE-2015-0092
CVE-2015-0092 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows … 📄 التفاصيل ← |
NVD | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-03-11
EDT: 2015-03-11
SA: 2015-03-11
|
| Windows |
CVE-2015-0093
CVE-2015-0093 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows … 📄 التفاصيل ← |
NVD | Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2015-03-11
EDT: 2015-03-11
SA: 2015-03-11
|
| VMware |
CVE-2014-3608
CVE-2014-3608 — The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 al… 📄 التفاصيل ← |
NVD | The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to b… | No | 🔴 Critical | VMware | DDoS | Refer to CVE-2014-3608 NVD advisory |
UTC: 2014-10-06
EDT: 2014-10-06
SA: 2014-10-06
|
| Linux |
CVE-2012-6638
CVE-2012-6638 — The tcp_rcv_state_process function in net/ipv4/tcp_input.c in th… 📄 التفاصيل ← |
NVD | The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2012-6638 NVD advisory |
UTC: 2014-02-15
EDT: 2014-02-15
SA: 2014-02-15
|
| Juniper |
CVE-2013-6014
CVSS 9.3 CVE-2013-6014 — Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 b… 📄 التفاصيل ← |
NVD | Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7… | No | 🔴 Critical | Juniper JunOS | Exploit | Refer to CVE-2013-6014 NVD advisory |
UTC: 2013-10-28
EDT: 2013-10-28
SA: 2013-10-28
|
| General |
CVE-2013-2465
CVSS 9.8 CVE-2013-2465 — Unspecified vulnerability in the Java Runtime Environment (JRE) … 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update… | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2013-2465 NVD advisory |
UTC: 2013-06-18
EDT: 2013-06-18
SA: 2013-06-18
|
| Linux |
CVE-2011-1180
CVSS 9.8 CVE-2011-1180 — Multiple stack-based buffer overflows in the iriap_getvaluebycla… 📄 التفاصيل ← |
NVD | Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/i… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2011-1180 NVD advisory |
UTC: 2013-06-08
EDT: 2013-06-08
SA: 2013-06-08
|
| iOS |
CVE-2013-0422
CVSS 9.8 CVE-2013-0422 — Multiple vulnerabilities in Oracle Java 7 before Update 11 allow… 📄 التفاصيل ← |
NVD | Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitra… | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2013-0422 NVD advisory |
UTC: 2013-01-10
EDT: 2013-01-10
SA: 2013-01-10
|
| iOS |
CVE-2012-5076
CVSS 9.8 CVE-2012-5076 — Unspecified vulnerability in the Java Runtime Environment (JRE) … 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update… | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2012-5076 NVD advisory |
UTC: 2012-10-16
EDT: 2012-10-16
SA: 2012-10-16
|
| General |
CVE-2012-4681
CVSS 9.8 CVE-2012-4681 — Multiple vulnerabilities in the Java Runtime Environment (JRE) c… 📄 التفاصيل ← |
NVD | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update … | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2012-4681 NVD advisory |
UTC: 2012-08-27
EDT: 2012-08-27
SA: 2012-08-27
|
| Microsoft |
CVE-2012-1891
CVSS 9.8 CVE-2012-1891 — Heap-based buffer overflow in Microsoft Data Access Components (… 📄 التفاصيل ← |
NVD | Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Da… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2012-07-10
EDT: 2012-07-10
SA: 2012-07-10
|
| General |
CVE-2012-1723
CVSS 9.8 CVE-2012-1723 — Unspecified vulnerability in the Java Runtime Environment (JRE) … 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update… | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2012-1723 NVD advisory |
UTC: 2012-06-16
EDT: 2012-06-16
SA: 2012-06-16
|
| General |
CVE-2012-0507
CVSS 9.8 CVE-2012-0507 — Unspecified vulnerability in the Java Runtime Environment (JRE) … 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update… | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2012-0507 NVD advisory |
UTC: 2012-06-07
EDT: 2012-06-07
SA: 2012-06-07
|
| Linux |
CVE-2011-3188
CVSS 9.1 CVE-2011-3188 — The (1) IPv4 and (2) IPv6 implementations in the Linux kernel be… 📄 التفاصيل ← |
NVD | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorith… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2011-3188 NVD advisory |
UTC: 2012-05-24
EDT: 2012-05-24
SA: 2012-05-24
|
| VMware |
CVE-2012-1516
CVSS 9.9 CVE-2012-1516 — The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 throu… 📄 التفاصيل ← |
NVD | The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC … | No | 🔴 Critical | VMware ESXi | DDoS | Refer to CVE-2012-1516 NVD advisory |
UTC: 2012-05-04
EDT: 2012-05-04
SA: 2012-05-04
|
| Microsoft |
CVE-2010-4562
CVE-2010-4562 — Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using… 📄 التفاصيل ← |
NVD | Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to de… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2012-02-02
EDT: 2012-02-02
SA: 2012-02-02
|
| Windows |
CVE-2011-2013
CVSS 9.8 CVE-2011-2013 — Integer overflow in the TCP/IP implementation in Microsoft Windo… 📄 التفاصيل ← |
NVD | Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP… | No | 🔴 Critical | Windows Server (2019/2022) | Exploit | Microsoft Patch Tuesday |
UTC: 2011-11-08
EDT: 2011-11-08
SA: 2011-11-08
|
| iOS |
CVE-2011-3544
CVSS 9.8 CVE-2011-3544 — Unspecified vulnerability in the Java Runtime Environment compon… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 … | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2011-3544 NVD advisory |
UTC: 2011-10-19
EDT: 2011-10-19
SA: 2011-10-19
|
| Windows |
CVE-2011-0657
CVSS 9.8 CVE-2011-0657 — DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3… 📄 التفاصيل ← |
NVD | DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows V… | No | 🔴 Critical | Windows Server (2019/2022) | AI Attack | Microsoft Patch Tuesday |
UTC: 2011-04-13
EDT: 2011-04-13
SA: 2011-04-13
|
| VMware |
CVE-2011-1681
CVE-2011-1681 — vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka ope… 📄 التفاصيل ← |
NVD | vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier… | No | 🔴 Critical | VMware | Exploit | Refer to CVE-2011-1681 NVD advisory |
UTC: 2011-04-09
EDT: 2011-04-09
SA: 2011-04-09
|
| General |
CVE-2010-0840
CVSS 9.8 CVE-2010-0840 — Unspecified vulnerability in the Java Runtime Environment compon… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B… | Yes | 🔴 Critical | Java | Exploit | Refer to CVE-2010-0840 NVD advisory |
UTC: 2010-04-01
EDT: 2010-04-01
SA: 2010-04-01
|
| Cisco |
CVE-2009-3555
CVSS 9.8 CVE-2009-3555 — The TLS protocol, and the SSL protocol 3.0 and possibly earlier,… 📄 التفاصيل ← |
NVD | The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Infor… | No | 🔴 Critical | Apache HTTP Server 2.4.x | OpenSSL 3.x/1.1.1 | Exploit | Cisco Security Advisory |
UTC: 2009-11-09
EDT: 2009-11-09
SA: 2009-11-09
|
| Microsoft |
CVE-2009-2494
CVSS 9.8 CVE-2009-2494 — The Active Template Library (ATL) in Microsoft Windows 2000 SP4,… 📄 التفاصيل ← |
NVD | The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vi… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2009-08-12
EDT: 2009-08-12
SA: 2009-08-12
|
| Microsoft |
CVE-2009-1535
CVE-2009-1535 — The WebDAV extension in Microsoft Internet Information Services … 📄 التفاصيل ← |
NVD | The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote atta… | Yes | 🔴 Critical | The WebDAV extension | Exploit | Microsoft Patch Tuesday |
UTC: 2009-06-10
EDT: 2009-06-10
SA: 2009-06-10
|
| Microsoft |
CVE-2009-1122
CVE-2009-1122 — The WebDAV extension in Microsoft Internet Information Services … 📄 التفاصيل ← |
NVD | The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does n… | Yes | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2009-06-10
EDT: 2009-06-10
SA: 2009-06-10
|
| Microsoft |
CVE-2009-0243
CVE-2009-0243 — Microsoft Windows does not properly enforce the Autorun and NoDr… 📄 التفاصيل ← |
NVD | Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, whic… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2009-01-21
EDT: 2009-01-21
SA: 2009-01-21
|
| Windows |
CVE-2008-4835
CVSS 9.8 CVE-2008-4835 — SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 … 📄 التفاصيل ← |
NVD | SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vi… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2009-01-14
EDT: 2009-01-14
SA: 2009-01-14
|
| DDoS |
CVE-2008-5426
CVE-2008-5426 — Kaspersky Internet Security Suite 2009 does not properly handle … 📄 التفاصيل ← |
NVD | Kaspersky Internet Security Suite 2009 does not properly handle (1) multipart/mixed e-mail messages … | No | 🔴 Critical | Kaspersky Internet Security | DDoS | Refer to CVE-2008-5426 NVD advisory |
UTC: 2008-12-11
EDT: 2008-12-11
SA: 2008-12-11
|
| Microsoft |
CVE-2008-3465
CVSS 9.8 CVE-2008-3465 — Heap-based buffer overflow in an API in GDI in Microsoft Windows… 📄 التفاصيل ← |
NVD | Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 20… | No | 🔴 Critical | Microsoft Windows | DDoS | Microsoft Patch Tuesday |
UTC: 2008-12-10
EDT: 2008-12-10
SA: 2008-12-10
|
| Windows |
CVE-2008-4037
CVE-2008-4037 — Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Se… 📄 التفاصيل ← |
NVD | Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold an… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2008-11-12
EDT: 2008-11-12
SA: 2008-11-12
|
| Microsoft |
CVE-2008-4250
CVSS 9.8 CVE-2008-4250 — The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3… 📄 التفاصيل ← |
NVD | The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gol… | Yes | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2008-10-23
EDT: 2008-10-23
SA: 2008-10-23
|
| Microsoft |
CVE-2008-1368
CVE-2008-1368 — CRLF injection vulnerability in Microsoft Internet Explorer 5 an… 📄 التفاصيل ← |
NVD | CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execu… | No | 🔴 Critical | CRLF injection vulnerability | Exploit | Microsoft Patch Tuesday |
UTC: 2008-03-18
EDT: 2008-03-18
SA: 2008-03-18
|
| Office |
CVE-2008-0081
CVSS 9.8 CVE-2008-0081 — Unspecified vulnerability in Microsoft Excel 2000 SP3 through 20… 📄 التفاصيل ← |
NVD | Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004… | Yes | 🔴 Critical | Unspecified vulnerability in | Exploit | Microsoft Patch Tuesday |
UTC: 2008-01-16
EDT: 2008-01-16
SA: 2008-01-16
|
| Linux |
CVE-2006-2071
CVE-2006-2071 — Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to … 📄 التفاصيل ← |
NVD | Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2006-2071 NVD advisory |
UTC: 2006-04-27
EDT: 2006-04-27
SA: 2006-04-27
|
| AMD |
CVE-2005-2872
CVE-2005-2872 — The ipt_recent kernel module (ipt_recent.c) in Linux kernel befo… 📄 التفاصيل ← |
NVD | The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit pr… | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | DDoS | Refer to CVE-2005-2872 NVD advisory |
UTC: 2005-09-09
EDT: 2005-09-09
SA: 2005-09-09
|
| Linux |
CVE-2004-0496
CVE-2004-0496 — Multiple unknown vulnerabilities in Linux kernel 2.6 allow local… 📄 التفاصيل ← |
NVD | Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access … | No | 🔴 Critical | Linux Kernel 6.x/5.15 LTS | Exploit | Refer to CVE-2004-0496 NVD advisory |
UTC: 2004-12-06
EDT: 2004-12-06
SA: 2004-12-06
|
| Microsoft |
CVE-2004-0847
CVSS 9.8 CVE-2004-0847 — The Microsoft .NET forms authentication capability for ASP.NET a… 📄 التفاصيل ← |
NVD | The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass aut… | No | 🔴 Critical | The Microsoft .NET | Exploit | Microsoft Patch Tuesday |
UTC: 2004-11-03
EDT: 2004-11-03
SA: 2004-11-03
|
| Cisco |
CVE-2002-0870
CVE-2002-0870 — The original patch for the Cisco Content Service Switch 11000 Se… 📄 التفاصيل ← |
NVD | The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerabi… | No | 🔴 Critical | Cisco | Exploit | Cisco Security Advisory |
UTC: 2002-09-05
EDT: 2002-09-05
SA: 2002-09-05
|
| General |
CVE-2001-0609
CVSS 9.8 CVE-2001-0609 — Format string vulnerability in Infodrom cfingerd 1.4.3 and earli… 📄 التفاصيل ← |
NVD | Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain … | No | 🔴 Critical | Format string vulnerability | Exploit | Refer to CVE-2001-0609 NVD advisory |
UTC: 2001-08-02
EDT: 2001-08-02
SA: 2001-08-02
|
| OT/ICS |
CVE-2001-1291
CVSS 9.8 CVE-2001-1291 — The telnet server for 3Com hardware such as PS40 SuperStack II d… 📄 التفاصيل ← |
NVD | The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote a… | No | 🔴 Critical | The telnet server | Exploit | Refer to CVE-2001-1291 NVD advisory |
UTC: 2001-07-12
EDT: 2001-07-12
SA: 2001-07-12
|
| OT/ICS |
CVE-2001-0395
CVSS 9.8 CVE-2001-0395 — Lightwave ConsoleServer 3200 does not disconnect users after uns… 📄 التفاصيل ← |
NVD | Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which coul… | No | 🔴 Critical | Lightwave ConsoleServer 3200 | Exploit | Refer to CVE-2001-0395 NVD advisory |
UTC: 2001-07-02
EDT: 2001-07-02
SA: 2001-07-02
|
| General |
CVE-2001-0248
CVSS 9.8 CVE-2001-0248 — Buffer overflow in FTP server in HPUX 11 allows remote attackers… 📄 التفاصيل ← |
NVD | Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by cr… | No | 🔴 Critical | Buffer overflow in | Exploit | Refer to CVE-2001-0248 NVD advisory |
UTC: 2001-06-18
EDT: 2001-06-18
SA: 2001-06-18
|
| General |
CVE-2001-0249
CVSS 9.8 CVE-2001-0249 — Heap overflow in FTP daemon in Solaris 8 allows remote attackers… 📄 التفاصيل ← |
NVD | Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by cr… | No | 🔴 Critical | Heap overflow in | Exploit | Refer to CVE-2001-0249 NVD advisory |
UTC: 2001-06-18
EDT: 2001-06-18
SA: 2001-06-18
|
| OT/ICS |
CVE-2001-1339
CVSS 9.8 CVE-2001-1339 — Beck IPC GmbH IPC@CHIP telnet service does not delay or disconne… 📄 التفاصيل ← |
NVD | Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad p… | No | 🔴 Critical | Beck IPC GmbH | Exploit | Refer to CVE-2001-1339 NVD advisory |
UTC: 2001-05-24
EDT: 2001-05-24
SA: 2001-05-24
|
| OT/ICS |
CVE-2000-0944
CVSS 9.8 CVE-2000-0944 — CGI Script Center News Update 1.1 does not properly validate the… 📄 التفاصيل ← |
NVD | CGI Script Center News Update 1.1 does not properly validate the original news administration passwo… | No | 🔴 Critical | CGI Script Center News Update | Exploit | Update to v1.1 |
UTC: 2000-12-19
EDT: 2000-12-19
SA: 2000-12-19
|
| Microsoft |
CVE-2000-1218
CVSS 9.8 CVE-2000-1218 — The default configuration for the domain name resolver for Micro… 📄 التفاصيل ← |
NVD | The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and X… | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2000-04-14
EDT: 2000-04-14
SA: 2000-04-14
|
| Microsoft |
CVE-1999-1324
CVSS 9.8 CVE-1999-1324 — VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindo… 📄 التفاصيل ← |
NVD | VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable … | No | 🔴 Critical | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 1999-12-31
EDT: 1999-12-31
SA: 1999-12-31
|
| Linux |
CVE-1999-0426
CVSS 9.8 CVE-1999-0426 — The default permissions of /dev/kmem in Linux versions before 2.… 📄 التفاصيل ← |
NVD | The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. | No | 🔴 Critical | The default permissions | Exploit | Update to v2.0.36 |
UTC: 1999-03-01
EDT: 1999-03-01
SA: 1999-03-01
|
| Browser |
CVE-2026-8555
Long Term Support Channel Update for ChromeOS 📄 التفاصيل ← |
Chrome Releases | A new LTS-144&nbsp; version 144.0.7559.255(Platform Version: 16503.87.0), is being rolled out fo… | No | 🟠 High | Exploit | Update to v144.0.7559 |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Vulnerability |
CVE-2026-53823
CVE-2026-53823 - OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53823 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🟠 High | Exploit | Refer to CVE-2026-53823 NVD advisory |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Vulnerability |
CVE-2026-53822
CVE-2026-53822 - OpenClaw < 2026.5.18 - Command Argument Modification via She… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53822 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🟠 High | Exploit | Refer to CVE-2026-53822 NVD advisory |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| VMware |
CVE-2026-53519
CVE-2026-53519 - Nezha Monitoring: Pre-auth path traversal via /dashboard.. pref… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53519 Published : June 12, 2026, 10:16 p.m. | 5 hours, 5 minutes ago Desc… | No | 🟠 High | Exploit | Update to v2.0.13 |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Microsoft | GreatXML zero-day BitLocker bypass doesn’t seem to work, yet 📄 التفاصيل ← | CSO Online | A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the … | Yes | 🟠 High | Microsoft Windows | Zero-Day | Microsoft Patch Tuesday |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
| Vulnerability |
CVE-2026-54228
CVSS 7.8 CVE-2026-54228 — A time-of-check time-of-use (TOCTOU) race condition was found i… 📄 التفاصيل ← |
NVD | A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's … | No | 🟠 High | Exploit | Refer to CVE-2026-54228 NVD advisory |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Vulnerability |
CVE-2026-54229
CVSS 7 CVE-2026-54229 — A race condition was found in the abrt-dbus D-Bus service'… 📄 التفاصيل ← |
NVD | A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProble… | No | 🟠 High | Exploit | Refer to CVE-2026-54229 NVD advisory |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Vulnerability |
CVE-2026-54230
CVSS 7 CVE-2026-54230 — A symlink following vulnerability was found in the ABRT post-cr… 📄 التفاصيل ← |
NVD | A symlink following vulnerability was found in the ABRT post-create event handler scripts in librepo… | No | 🟠 High | Exploit | Refer to CVE-2026-54230 NVD advisory |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
|
| Web |
CVE-2026-9848
CVSS 7.5 CVE-2026-9848 — The WP Ticket plugin for WordPress is vulnerable to SQL Injectio… 📄 التفاصيل ← |
NVD | The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query par… | No | 🟠 High | WordPress | Exploit | Update to v6.0.4 |
UTC: 2026-06-13
EDT: 2026-06-13
SA: 2026-06-13
|
| Web |
CVE-2026-42647
CVE-2026-42647 - WordPress JoomSport plugin 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-42647 Published : 11 juin 2026 22:16 | 7 heures, 2 minutes ago Descriptio… | No | 🟠 High | WordPress | Exploit | Refer to CVE-2026-42647 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-39494
CVE-2026-39494 - WordPress Product Filter by WBW plugin 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-39494 Published : 11 juin 2026 22:16 | 7 heures, 2 minutes ago Descriptio… | No | 🟠 High | WordPress | Exploit | Refer to CVE-2026-39494 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| DDoS |
CVE-2026-11933
CVSS 8.8 CVE-2026-11933 — A use-after-free vulnerability exists in MongoDB Server's … 📄 التفاصيل ← |
NVD | A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when co… | No | 🟠 High | MongoDB | DDoS | Refer to CVE-2026-11933 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| iOS |
CVE-2026-45170
CVE-2026-45170 — Idira Privilege Cloud Connector versions prior 1.1.100504 under… 📄 التفاصيل ← |
NVD | Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuratio… | No | 🟠 High | Exploit | Update to v1.1.100504 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-47366
CVSS 7.2 CVE-2026-47366 — Improper verification of access permissions when modifying perm… 📄 التفاصيل ← |
NVD | Improper verification of access permissions when modifying permissions through the Administration Co… | No | 🟠 High | Exploit | Refer to CVE-2026-47366 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Exploit |
CVE-2026-47368
CVSS 8.6 CVE-2026-47368 — A malicious actor with access to the network could exploit a Pa… 📄 التفاصيل ← |
NVD | A malicious actor with access to the network could exploit a Path Traversal vulnerability found in c… | No | 🟠 High | Exploit | Refer to CVE-2026-47368 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Exploit |
CVE-2026-48610
CVSS 8.1 CVE-2026-48610 — Under certain network configurations, a malicious actor with ac… 📄 التفاصيل ← |
NVD | Under certain network configurations, a malicious actor with access to network could exploit an Impr… | No | 🟠 High | Exploit | Refer to CVE-2026-48610 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-48612
CVSS 8 CVE-2026-48612 — Improper state verification in the OAuth implementation could a… 📄 التفاصيل ← |
NVD | Improper state verification in the OAuth implementation could allow an attacker to manipulate the au… | No | 🟠 High | Exploit | Refer to CVE-2026-48612 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| DDoS |
CVE-2026-44892
CVSS 7.5 CVE-2026-44892 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. Prior to v… | No | 🟠 High | DDoS | Update to v4.2.15 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-12059
CVSS 8.8 CVE-2026-12059 — The SSH service of CelloOS developed by Cellopoint has an Impro… 📄 التفاصيل ← |
NVD | The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, all… | No | 🟠 High | Exploit | Refer to CVE-2026-12059 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-11845
CVSS 7.2 CVE-2026-11845 — The iVEC-IEI Virtualization Edge Computer developed by IEI Inte… 📄 التفاصيل ← |
NVD | The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injecti… | No | 🟠 High | Exploit | Refer to CVE-2026-11845 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Exploit |
CVE-2026-11846
CVSS 8.1 CVE-2026-11846 — The iVEC-IEI Virtualization Edge Computer developed by IEI Int… 📄 التفاصيل ← |
NVD | The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File D… | No | 🟠 High | Exploit | Refer to CVE-2026-11846 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| VMware |
CVE-2026-50627
CVE-2026-50627 — The JwtAccessTokenValidator class in Apache CXF fails to valida… 📄 التفاصيل ← |
NVD | The JwtAccessTokenValidator class in Apache CXF fails to validate the 'aud' (Audience) cla… | No | 🟠 High | Apache HTTP Server | Exploit | Update to v4.2.2 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| OT/ICS |
CVE-2026-50631
CVSS 7.4 CVE-2026-50631 — A race condition in AbstractOAuthDataProvider allows concurrent… 📄 التفاصيل ← |
NVD | A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Toke… | No | 🟠 High | Data Breach | Update to v4.2.2 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Web |
CVE-2026-50632
CVSS 8.1 CVE-2026-50632 — A further incomplete fix for a previous advisory CVE-2026-44417… 📄 التفاصيل ← |
NVD | A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can lea… | No | 🟠 High | Apache HTTP Server | Exploit | Update to v4.2.2 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-50633
CVSS 8.1 CVE-2026-50633 — A JNDI Injection vulnerability has been discovered in Apache CX… 📄 التفاصيل ← |
NVD | A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, whic… | No | 🟠 High | Apache HTTP Server | Exploit | Update to v4.2.2 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-50645
CVSS 7.5 CVE-2026-50645 — There is no restriction on the amount of attachment headers tha… 📄 التفاصيل ← |
NVD | There is no restriction on the amount of attachment headers that a message can contain when being de… | No | 🟠 High | Apache HTTP Server | DDoS | Update to v4.2.2 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47195
CVE-2026-47195 — Quest Bot is an opensource Discord Bot. Prior to version 1.1.6,… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the purge and slowmode commands chec… | No | 🟠 High | Exploit | Update to v1.1.6 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-47196
CVE-2026-47196 — Quest Bot is an opensource Discord Bot. Prior to version 1.1.6,… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the automod add command trims user i… | No | 🟠 High | Exploit | Update to v1.1.6 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-47197
CVE-2026-47197 — Quest Bot is an opensource Discord Bot. Prior to version 1.1.6,… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, a moderator with the relevant Discor… | No | 🟠 High | Exploit | Update to v1.1.6 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-48485
CVE-2026-48485 — Quest Bot is an opensource Discord Bot. Prior to version 1.1.6,… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource Discord Bot. Prior to version 1.1.6, the latest release suppresses mentio… | No | 🟠 High | Exploit | Update to v1.1.6 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-49347
CVE-2026-49347 — Quest Bot is an opensource Discord Bot. Prior to version 1.1.8,… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource Discord Bot. Prior to version 1.1.8, any user who can access the ticket p… | No | 🟠 High | Exploit | Update to v1.1.8 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-11879
CVE-2026-11879 — MobaXterm Personal Edition (Portable), in its 26.3 version (Bui… 📄 التفاصيل ← |
NVD | MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execu… | No | 🟠 High | Exploit | Refer to CVE-2026-11879 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-11967
CVE-2026-11967 — MobaXterm Personal Edition (Portable), in its 26.3 version (Bui… 📄 التفاصيل ← |
NVD | MobaXterm Personal Edition (Portable), in its 26.3 version (Build 5154), allows arbitrary code execu… | No | 🟠 High | Exploit | Refer to CVE-2026-11967 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Web |
CVE-2026-12066
CVSS 7.3 CVE-2026-12066 — A security flaw has been discovered in PbootCMS up to 3.2.12. T… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the functio… | No | 🟠 High | PHP | Exploit | Refer to CVE-2026-12066 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-45669
CVE-2026-45669 — Nuxt is an open-source web development framework for Vue.js. Fr… 📄 التفاصيل ← |
NVD | Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21.6 an… | No | 🟠 High | Exploit | Update to v3.4.3 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-45670
CVE-2026-45670 — Nuxt is an open-source web development framework for Vue.js. In… 📄 التفاصيل ← |
NVD | Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpa… | No | 🟠 High | Exploit | Update to v3.15.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-46342
CVE-2026-46342 — Nuxt is an open-source web development framework for Vue.js. In… 📄 التفاصيل ← |
NVD | Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.1.0 to before 3.21.6… | No | 🟠 High | Exploit | Update to v3.1.0 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Network |
CVE-2026-47200
CVE-2026-47200 — Nuxt is an open-source web development framework for Vue.js. In… 📄 التفاصيل ← |
NVD | Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.11.0 to before 3.21.… | No | 🟠 High | Exploit | Update to v3.11.0 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-49993
CVE-2026-49993 — Nuxt is an open-source web development framework for Vue.js. In… 📄 التفاصيل ← |
NVD | Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpa… | No | 🟠 High | Exploit | Update to v3.15.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Web |
CVE-2026-41581
CVE-2026-41581 — Frappe is a full-stack web application framework. Prior to vers… 📄 التفاصيل ← |
NVD | Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, there is a… | No | 🟠 High | Exploit | Update to v15.106.0 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-44893
CVSS 7.5 CVE-2026-44893 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. In netty-c… | No | 🟠 High | Exploit | Update to v4.1.135 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| OT/ICS |
CVE-2026-44894
CVSS 7.5 CVE-2026-44894 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. NoQuicToke… | No | 🟠 High | ICS/OT | Update to v4.2.15 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-45416
CVSS 7.5 CVE-2026-45416 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. Prior to v… | No | 🟠 High | Exploit | Update to v4.1.135 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-45674
CVSS 8.7 CVE-2026-45674 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. Prior to v… | No | 🟠 High | Exploit | Update to v4.1.135 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-46340
CVSS 7.5 CVE-2026-46340 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. In version… | No | 🟠 High | Exploit | Update to v4.1.135 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-47135
CVSS 8.7 CVE-2026-47135 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, Symbol.for override in setup-… | No | 🟠 High | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47139
CVSS 8.6 CVE-2026-47139 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM supports excluding pub… | No | 🟠 High | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| OT/ICS |
CVE-2026-47141
CVE-2026-47141 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-w… | No | 🟠 High | Node.js | ICS/OT | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-47209
CVSS 8.6 CVE-2026-47209 — vm2 is an open source vm/sandbox for Node.js. Prior to version … 📄 التفاصيل ← |
NVD | vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the BaseHandler.set trap in b… | No | 🟠 High | Node.js | Exploit | Update to v3.11.4 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Network |
CVE-2026-53721
CVE-2026-53721 — Nuxt is an open-source web development framework for Vue.js. Fr… 📄 التفاصيل ← |
NVD | Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 a… | No | 🟠 High | Exploit | Update to v3.11. |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Web |
CVE-2026-53722
CVE-2026-53722 — Nuxt is an open-source web development framework for Vue.js. Pr… 📄 التفاصيل ← |
NVD | Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, di… | No | 🟠 High | Phishing | Update to v3.21.7 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| OT/ICS |
CVE-2026-6211
CVSS 8.7 CVE-2026-6211 — Unrestricted upload of file with dangerous type vulnerability in… 📄 التفاصيل ← |
NVD | Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc.… | No | 🟠 High | ICS/OT | Refer to CVE-2026-6211 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| OT/ICS |
CVE-2026-7368
CVSS 8.1 CVE-2026-7368 — The Yarbo cloud does not enforce per-device or per-user authoriz… 📄 التفاصيل ← |
NVD | The Yarbo cloud does not enforce per-device or per-user authorization. Any client possessing valid c… | No | 🟠 High | ICS/OT | Refer to CVE-2026-7368 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-40677
CVE-2026-40677 — The use of insecure HTTP transport within AMD optional tools co… 📄 التفاصيل ← |
NVD | The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a ma… | No | 🟠 High | AMD | Exploit | Refer to CVE-2026-40677 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Web |
CVE-2026-44208
CVE-2026-44208 — Frappe is a full-stack web application framework. Prior to vers… 📄 التفاصيل ← |
NVD | Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of va… | No | 🟠 High | Exploit | Update to v15.107.0 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-47691
CVSS 8.7 CVE-2026-47691 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. Prior to v… | No | 🟠 High | Exploit | Update to v4.1.135 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-48748
CVSS 7.5 CVE-2026-48748 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. Prior to v… | No | 🟠 High | Exploit | Update to v4.2.15 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50010
CVSS 7.5 CVE-2026-50010 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. Prior to v… | No | 🟠 High | OpenSSL | Exploit | Update to v4.1.135 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
| Vulnerability |
CVE-2026-50011
CVSS 7.5 CVE-2026-50011 — Netty is a network application framework for development of pro… 📄 التفاصيل ← |
NVD | Netty is a network application framework for development of protocol servers and clients. Prior to v… | No | 🟠 High | Exploit | Update to v4.1.135 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Web |
CVE-2026-50026
CVE-2026-50026 — Frappe is a full-stack web application framework. Prior to vers… 📄 التفاصيل ← |
NVD | Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, a lack of … | No | 🟠 High | Exploit | Update to v15.107.0 |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50085
CVSS 8.6 CVE-2026-50085 — The Aqara Board service (op-test.aqara.com) accepts arbitrary M… 📄 التفاصيل ← |
NVD | The Aqara Board service (op-test.aqara.com) accepts arbitrary MQTT command payloads, and forwards th… | No | 🟠 High | Exploit | Refer to CVE-2026-50085 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50087
CVSS 8.2 CVE-2026-50087 — The Aqara IAM/SSO gateway (gw-builder.aqara.com) exhibits a cro… 📄 التفاصيل ← |
NVD | The Aqara IAM/SSO gateway (gw-builder.aqara.com) exhibits a cross-origin request sharing vulnerabili… | No | 🟠 High | Exploit | Refer to CVE-2026-50087 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Vulnerability |
CVE-2026-50088
CVSS 8.2 CVE-2026-50088 — The Aqara Developer Portal (developer.aqara.com) and shared tes… 📄 التفاصيل ← |
NVD | The Aqara Developer Portal (developer.aqara.com) and shared test environments (developer-test.aqara.… | No | 🟠 High | Exploit | Refer to CVE-2026-50088 NVD advisory |
UTC: 2026-06-12
EDT: 2026-06-12
SA: 2026-06-12
|
|
| Palo Alto |
CVE-2026-0273
CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CL… 📄 التفاصيل ← |
Palo Alto PSIRT | No | 🟠 High | Palo Alto PAN-OS | Exploit | Refer to CVE-2026-0273 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Containers |
CVE-2026-46703
CVE-2026-46703 - BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbit… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-46703 Published : 10 juin 2026 23:16 | 4 heures, 1 minute ago Description… | No | 🟠 High | Exploit | Update to v0.9.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53738
CVE-2026-53738 - Copy & Delete Posts through 1.5.4 Privilege Escalation via … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-53738 Published : 10 juin 2026 22:17 | 5 heures ago Description :Copy &am… | No | 🟠 High | Exploit | Refer to CVE-2026-53738 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Web |
CVE-2026-50223
CVE-2026-50223 — GHSA: Improper Control of Generation of Code ('Code Inject… 📄 التفاصيل ← |
GHSA | Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz al… | No | 🟠 High | Exploit |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
||
| Web |
CVE-2026-47342
CVE-2026-47342 — GHSA: A privilege escalation vulnerability in Apache OFBiz allo… 📄 التفاصيل ← |
GHSA | A privilege escalation vulnerability in Apache OFBiz allows a low-privileged authenticated user to o… | No | 🟠 High | Exploit |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
||
| Vulnerability |
CVE-2026-53738
CVSS 8.1 CVE-2026-53738 — GHSA: Copy & Delete Posts through 1.5.4 lets any plugin-ena… 📄 التفاصيل ← |
GHSA | Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation … | No | 🟠 High | Exploit |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
||
| Vulnerability |
CVE-2026-10142
CVSS 7.5 CVE-2026-10142 — GHSA: kafka-python prior to 2.3.2 contains a denial-of-service … 📄 التفاصيل ← |
GHSA | kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that a… | No | 🟠 High | Exploit |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
||
| Exploit |
CVE-2026-2049
CVSS 7.8 CVE-2026-2049 — GHSA: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Co… 📄 التفاصيل ← |
GHSA | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerabi… | No | 🟠 High | Exploit |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
||
| Web |
CVE-2026-10795
CVSS 8.1 CVE-2026-10795 — The UpdraftPlus: WP Backup & Migration Plugin plugin for Wo… 📄 التفاصيل ← |
NVD | The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authenticati… | No | 🟠 High | WordPress | Exploit | Update to v1.26.4 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Windows |
CVE-2026-40987
CVSS 7.1 CVE-2026-40987 — A malicious or compromised FTP/SFTP/SMB server can write arbitr… 📄 التفاصيل ← |
NVD | A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywhere on the client file… | No | 🟠 High | Spring Framework | Exploit | Update to v7.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-40994
CVSS 8.2 CVE-2026-40994 — Wss4jSecurityInterceptor initialized its BSP (WS-I Basic Securi… 📄 التفاصيل ← |
NVD | Wss4jSecurityInterceptor initialized its BSP (WS-I Basic Security Profile) compliance flag so that i… | No | 🟠 High | Spring Framework | Exploit | Update to v5.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-40998
CVSS 8.2 CVE-2026-40998 — Jaxp13XPathTemplate evaluated XPath expressions for StreamSourc… 📄 التفاصيل ← |
NVD | Jaxp13XPathTemplate evaluated XPath expressions for StreamSource and SAXSource inputs using a code p… | No | 🟠 High | Spring Framework | Exploit | Update to v5.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-40999
CVSS 8.6 CVE-2026-40999 — When WS-Addressing is used with non-anonymous ReplyTo or FaultT… 📄 التفاصيل ← |
NVD | When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate o… | No | 🟠 High | Spring Framework | Exploit | Update to v5.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-41699
CVSS 8.1 CVE-2026-41699 — Spring for GraphQL applications are vulnerable to Unsafe Deseri… 📄 التفاصيل ← |
NVD | Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated G… | No | 🟠 High | Spring Framework | Exploit | Update to v2.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-41700
CVSS 8.1 CVE-2026-41700 — Spring for GraphQL applications that have enabled the WebSocket… 📄 التفاصيل ← |
NVD | Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Si… | No | 🟠 High | Spring Framework | Exploit | Update to v2.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-41856
CVSS 7.5 CVE-2026-41856 — The Spring GraphQL annotation detection mechanism for @Controll… 📄 التفاصيل ← |
NVD | The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly re… | No | 🟠 High | Spring Framework | Exploit | Update to v2.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Web |
CVE-2023-33999
CVSS 7.1 CVE-2023-33999 — Improper neutralization of input during web page generation (&#… 📄 التفاصيل ← |
NVD | Improper neutralization of input during web page generation ('cross-site scripting') vulne… | No | 🟠 High | Exploit | Refer to CVE-2023-33999 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| AI/LLM |
CVE-2026-5497
CVSS 7.5 CVE-2026-5497 — vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory… 📄 التفاصيل ← |
NVD | vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attac… | No | 🟠 High | AI Attack | Update to v0.8.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| OT/ICS |
CVE-2026-10087
CVSS 8.7 CVE-2026-10087 — GitLab has remediated an issue in GitLab EE affecting all versi… 📄 التفاصيل ← |
NVD | GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 b… | No | 🟠 High | GitLab | ICS/OT | Update to v17.1 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Containers |
CVE-2026-53423
CVE-2026-53423 — Allocation of Resources Without Limits or Throttling vulnerabil… 📄 التفاصيل ← |
NVD | Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membrane_mp4… | No | 🟠 High | Exploit | Refer to CVE-2026-53423 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-6552
CVSS 8.7 CVE-2026-6552 — GitLab has remediated an issue in GitLab EE affecting all versio… 📄 التفاصيل ← |
NVD | GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 b… | No | 🟠 High | GitLab | Exploit | Update to v15.5 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| DDoS |
CVE-2026-7250
CVSS 7.5 CVE-2026-7250 — GitLab has remediated an issue in GitLab CE/EE affecting all ver… 📄 التفاصيل ← |
NVD | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.10.8, 18.… | No | 🟠 High | GitLab | DDoS | Update to v12.10 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-8464
CVE-2026-8464 — Golem OEE MES is vulnerable to an unauthenticated path traversal… 📄 التفاصيل ← |
NVD | Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an … | No | 🟠 High | Exploit | Update to v11.6.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-8589
CVSS 7.3 CVE-2026-8589 — GitLab has remediated an issue in GitLab EE affecting all versio… 📄 التفاصيل ← |
NVD | GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11… | No | 🟠 High | GitLab | Exploit | Update to v13.1.4 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Exploit |
CVE-2026-10847
CVSS 7.8 CVE-2026-10847 — A local privilege escalation vulnerability exists in Check Poin… 📄 التفاصيل ← |
NVD | A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS.… | No | 🟠 High | Microsoft Windows | Check Point | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Containers |
CVE-2026-11816
CVSS 8.1 CVE-2026-11816 — Keras versions prior to 3.14.0 are vulnerable to a path travers… 📄 التفاصيل ← |
NVD | Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction ut… | No | 🟠 High | Docker | Exploit | Update to v3.14.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-53661
CVE-2026-53661 — Boruta is a standalone authorization server that aims to implem… 📄 التفاصيل ← |
NVD | Boruta is a standalone authorization server that aims to implement OAuth 2.0 and Openid Connect up t… | No | 🟠 High | Exploit | Update to v0.9.1 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53777
CVSS 8.1 CVE-2026-53777 — Perry before 0.5.1159 contains a path traversal vulnerability t… 📄 التفاصيل ← |
NVD | Perry before 0.5.1159 contains a path traversal vulnerability that allows a malicious build server t… | No | 🟠 High | Exploit | Refer to CVE-2026-53777 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| AI/LLM |
CVE-2026-7787
CVSS 7.5 CVE-2026-7787 — IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticate… 📄 التفاصيل ← |
NVD | IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive i… | No | 🟠 High | Exploit | Refer to CVE-2026-7787 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-7870
CVSS 8.8 CVE-2026-7870 — IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated… 📄 التفاصيل ← |
NVD | IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified li… | No | 🟠 High | Exploit | Refer to CVE-2026-7870 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| iOS |
CVE-2026-44486
CVSS 7.5 CVE-2026-44486 — Axios is a promise based HTTP client for the browser and Node.j… 📄 التفاصيل ← |
NVD | Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios’… | No | 🟠 High | Apple iOS | Node.js | APT | Refer to CVE-2026-44486 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2026-44488
CVSS 7.5 CVE-2026-44488 — Axios is a promise based HTTP client for the browser and Node.j… 📄 التفاصيل ← |
NVD | Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.… | No | 🟠 High | Apple iOS | Node.js | APT | Update to v1.7.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2026-44492
CVSS 8.6 CVE-2026-44492 — Axios is a promise based HTTP client for the browser and Node.j… 📄 التفاصيل ← |
NVD | Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios … | No | 🟠 High | Apple iOS | Node.js | Exploit | Refer to CVE-2026-44492 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2026-44494
CVSS 8.7 CVE-2026-44494 — Axios is a promise based HTTP client for the browser and Node.j… 📄 التفاصيل ← |
NVD | Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.16.0, the A… | No | 🟠 High | Apple iOS | Node.js | APT | Refer to CVE-2026-44494 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2026-44495
CVSS 7 CVE-2026-44495 — Axios is a promise based HTTP client for the browser and Node.j… 📄 التفاصيل ← |
NVD | Axios is a promise based HTTP client for the browser and Node.js. From 0.19.0 to before 0.31.1 and 1… | No | 🟠 High | Apple iOS | Node.js | Exploit | Update to v0.31.1 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2026-44496
CVSS 7.5 CVE-2026-44496 — Axios is a promise based HTTP client for the browser and Node.j… 📄 التفاصيل ← |
NVD | Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on th… | No | 🟠 High | Apple iOS | Node.js | APT | Update to v0.32.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Supply Chain |
CVE-2026-44705
CVE-2026-44705 — tmp is a temporary file and directory creator for node.js. Prio… 📄 التفاصيل ← |
NVD | tmp is a temporary file and directory creator for node.js. Prior to 0.2.6, the tmp npm package conta… | No | 🟠 High | Node.js | Exploit | Refer to CVE-2026-44705 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-49982
CVSS 8.2 CVE-2026-49982 — tmp is a temporary file and directory creator for node.js. In v… 📄 التفاصيل ← |
NVD | tmp is a temporary file and directory creator for node.js. In version 0.2.6, the _assertPath guard a… | No | 🟠 High | Node.js | Exploit | Update to v0.2.6 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Web |
CVE-2026-46697
CVSS 7.5 CVE-2026-46697 — Fediverse Embeds embeds fediverse posts on WordPress sites. Pri… 📄 التفاصيل ← |
NVD | Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds… | No | 🟠 High | WordPress | Exploit | Update to v1.5 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Exploit |
CVE-2026-48546
CVSS 7.3 CVE-2026-48546 — KanaDojo before 0.1.18 contains a sandbox escape vulnerability … 📄 التفاصيل ← |
NVD | KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute ar… | No | 🟠 High | Node.js | Exploit | Refer to CVE-2026-48546 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2025-24284
CVSS 8.8 CVE-2025-24284 — This issue was addressed with improved checks to prevent unauth… 📄 التفاصيل ← |
NVD | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed i… | No | 🟠 High | Apple macOS | Exploit | Refer to CVE-2025-24284 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2025-31272
CVSS 7.8 CVE-2025-31272 — The issue was addressed with improved checks. This issue is fix… 📄 التفاصيل ← |
NVD | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may … | No | 🟠 High | Apple macOS | Exploit | Refer to CVE-2025-31272 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| iOS |
CVE-2025-46315
CVSS 7.5 CVE-2025-46315 — A permissions issue was addressed with additional restrictions.… 📄 التفاصيل ← |
NVD | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 2… | No | 🟠 High | Apple macOS | Exploit | Refer to CVE-2025-46315 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Windows |
CVE-2026-11774
CVSS 7.6 CVE-2026-11774 — An integer overflow flaw was found in the SASL I/O layer of 389… 📄 التفاصيل ← |
NVD | An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In s… | No | 🟠 High | Red Hat Enterprise Linux | DDoS | Refer to CVE-2026-11774 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Containers |
CVE-2026-46519
CVSS 8.8 CVE-2026-46519 — mcp-server-kubernetes is a Model Context Protocol server for Ku… 📄 التفاصيل ← |
NVD | mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to… | No | 🟠 High | Kubernetes | Wiper | Update to v3.6.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-47162
CVE-2026-47162 — Vim is an open source, command line text editor. Prior to versi… 📄 التفاصيل ← |
NVD | Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injecti… | No | 🟠 High | Exploit | Update to v9.2.0495 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47163
CVE-2026-47163 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.1 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Linux |
CVE-2026-47167
CVE-2026-47167 — Vim is an open source, command line text editor. Prior to versi… 📄 التفاصيل ← |
NVD | Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnera… | No | 🟠 High | Exploit | Update to v9.2.0496 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47169
CVE-2026-47169 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.3 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47170
CVSS 7.7 CVE-2026-47170 — Garlic-Hub manages digital signage network — devices, content, … 📄 التفاصيل ← |
NVD | Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-ho… | No | 🟠 High | Exploit | Update to v1.1 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47171
CVE-2026-47171 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.3 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Containers |
CVE-2026-47172
CVE-2026-47172 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Docker | Exploit | Update to v1.0.3 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
| Vulnerability |
CVE-2026-47173
CVE-2026-47173 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.3 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47175
CVE-2026-47175 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.4 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47176
CVE-2026-47176 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.4 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47177
CVE-2026-47177 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.4 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Web |
CVE-2026-47181
CVE-2026-47181 — PenguinMod-BackendApi is the backend api for penguinmod. Prior … 📄 التفاصيل ← |
NVD | PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection v… | No | 🟠 High | Exploit | Update to v1.0.0 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47188
CVE-2026-47188 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.5 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-47189
CVE-2026-47189 — Quest Bot is an opensource modern Discord Bot built for moderat… 📄 التفاصيل ← |
NVD | Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to … | No | 🟠 High | Exploit | Update to v1.0.5 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-48547
CVSS 7.3 CVE-2026-48547 — KanaDojo contains a command injection vulnerability that allows… 📄 التفاصيل ← |
NVD | KanaDojo contains a command injection vulnerability that allows an attacker with pull request access… | No | 🟠 High | Exploit | Refer to CVE-2026-48547 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-52858
CVE-2026-52858 — Vim is an open source, command line text editor. Prior to versi… 📄 التفاصيل ← |
NVD | Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completi… | No | 🟠 High | Exploit | Update to v9.2.0561 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-52859
CVE-2026-52859 — Vim is an open source, command line text editor. Prior to versi… 📄 التفاصيل ← |
NVD | Vim is an open source, command line text editor. Prior to version 9.2.0565, the update_snapshot() fu… | No | 🟠 High | Exploit | Update to v9.2.0565 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-52860
CVE-2026-52860 — Vim is an open source, command line text editor. Prior to versi… 📄 التفاصيل ← |
NVD | Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-c… | No | 🟠 High | Exploit | Update to v9.2.0597 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Web |
CVE-2026-46489
CVSS 8.1 CVE-2026-46489 — SolidInvoice is an open-source invoicing platform. Prior to ver… 📄 التفاصيل ← |
NVD | SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, the company logo upload … | No | 🟠 High | Exploit | Update to v2.3.17 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Web |
CVE-2026-46622
CVSS 8.1 CVE-2026-46622 — SolidInvoice is an open-source invoicing platform. Prior to ver… 📄 التفاصيل ← |
NVD | SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to authe… | No | 🟠 High | Data Breach | Update to v2.3.17 |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53782
CVSS 7.4 CVE-2026-53782 — Summarize before 0.17.0 contains a server-side request forgery … 📄 التفاصيل ← |
NVD | Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers w… | No | 🟠 High | Exploit | Refer to CVE-2026-53782 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-50005
CVSS 7.7 CVE-2026-50005 — Brickcom cameras ship with default credentials that allows any … 📄 التفاصيل ← |
NVD | Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to si… | No | 🟠 High | Exploit | Refer to CVE-2026-50005 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-50245
CVSS 7.7 CVE-2026-50245 — Brickcom cameras allow unauthenticated access to live snapshot … 📄 التفاصيل ← |
NVD | Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no… | No | 🟠 High | Exploit | Refer to CVE-2026-50245 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Exploit |
CVE-2026-53806
CVSS 8.8 CVE-2026-53806 — OpenClaw before 2026.5.12 contains a shell option parsing vulne… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX s… | No | 🟠 High | Exploit | Refer to CVE-2026-53806 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53807
CVSS 8.8 CVE-2026-53807 — OpenClaw before 2026.5.6 contains an authorization bypass vulne… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive call… | No | 🟠 High | Exploit | Refer to CVE-2026-53807 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53810
CVSS 8.8 CVE-2026-53810 — OpenClaw before 2026.5.18 contains a code execution vulnerabili… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extensio… | No | 🟠 High | Exploit | Refer to CVE-2026-53810 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53811
CVSS 8.8 CVE-2026-53811 — OpenClaw before 2026.5.7 contains a privilege escalation vulner… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.7 contains a privilege escalation vulnerability in the Matrix allowFrom featu… | No | 🟠 High | Exploit | Refer to CVE-2026-53811 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53812
CVSS 7.7 CVE-2026-53812 — OpenClaw before 2026.5.18 contains a server-side request forger… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control th… | No | 🟠 High | Exploit | Refer to CVE-2026-53812 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53813
CVSS 7.8 CVE-2026-53813 — OpenClaw before 2026.4.25 contains a path traversal vulnerabili… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading wh… | No | 🟠 High | Exploit | Refer to CVE-2026-53813 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Exploit |
CVE-2026-53814
CVSS 8.3 CVE-2026-53814 — OpenClaw before 2026.5.20 contains a privilege escalation vulne… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent r… | No | 🟠 High | Exploit | Refer to CVE-2026-53814 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53816
CVSS 7.2 CVE-2026-53816 — OpenClaw before 2026.5.18 contains an insufficient provenance v… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.18 contains an insufficient provenance validation vulnerability in node event… | No | 🟠 High | Exploit | Refer to CVE-2026-53816 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Exploit |
CVE-2026-53817
CVSS 8.8 CVE-2026-53817 — OpenClaw before 2026.5.22 contains a locality validation vulner… 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that al… | No | 🟠 High | Exploit | Refer to CVE-2026-53817 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Vulnerability |
CVE-2026-53819
CVSS 8.8 CVE-2026-53819 — OpenClaw before 2026.5.27 contains an arbitrary code execution … 📄 التفاصيل ← |
NVD | OpenClaw before 2026.5.27 contains an arbitrary code execution vulnerability in skill install flows … | No | 🟠 High | Exploit | Refer to CVE-2026-53819 NVD advisory |
UTC: 2026-06-11
EDT: 2026-06-11
SA: 2026-06-11
|
|
| Exploit |
CVE-2026-48303
CVE-2026-48303 - Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-48303 Published : June 9, 2026, 9:17 p.m. | 4 hours, 39 minutes ago Descr… | No | 🟠 High | Exploit | Update to v7.4.3 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Web |
CVE-2026-47938
CVE-2026-47938 - Adobe Campaign Classic (ACC) | Server-Side Request Forgery (SSR… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47938 Published : June 9, 2026, 9:17 p.m. | 4 hours, 39 minutes ago Descr… | No | 🟠 High | Exploit | Update to v7.4.3 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| VMware |
CVE-2026-47932
CVE-2026-47932 - ColdFusion | Improper Limitation of a Pathname to a Restricted … 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47932 Published : June 9, 2026, 9:17 p.m. | 4 hours, 39 minutes ago Descr… | No | 🟠 High | Exploit | Update to v2023.19 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| VMware |
CVE-2026-47931
CVE-2026-47931 - ColdFusion | Improper Input Validation (CWE-20) 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47931 Published : June 9, 2026, 9:17 p.m. | 4 hours, 39 minutes ago Descr… | No | 🟠 High | Exploit | Update to v2023.19 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| VMware |
CVE-2026-47929
CVE-2026-47929 - ColdFusion | Incorrect Authorization (CWE-863) 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47929 Published : June 9, 2026, 9:17 p.m. | 4 hours, 39 minutes ago Descr… | No | 🟠 High | Exploit | Update to v2023.19 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| VMware |
CVE-2026-47928
CVE-2026-47928 - ColdFusion | Improper Input Validation (CWE-20) 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-47928 Published : June 9, 2026, 9:17 p.m. | 4 hours, 39 minutes ago Descr… | No | 🟠 High | Exploit | Update to v2023.19 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| DDoS |
CVE-2026-40988
CVSS 7.5 CVE-2026-40988 — An application using spring-security-saml2-service-provider and… 📄 التفاصيل ← |
NVD | An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Lo… | No | 🟠 High | Spring Framework | DDoS | Update to v5.7.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-40993
CVSS 7.3 CVE-2026-40993 — An attacker with write permissions to the database table manage… 📄 التفاصيل ← |
NVD | An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataReposi… | No | 🟠 High | Spring Framework | Exploit | Update to v7.0.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-41003
CVSS 7.6 CVE-2026-41003 — An attacker able to influence values in RelyingPartyRegistratio… 📄 التفاصيل ← |
NVD | An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code o… | No | 🟠 High | Spring Framework | Exploit | Update to v5.7.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| DDoS |
CVE-2026-41695
CVSS 7.5 CVE-2026-41695 — Spring Data Commons applications may be vulnerable to denial of… 📄 التفاصيل ← |
NVD | Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion … | No | 🟠 High | Spring Framework | DDoS | Update to v4.0.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-41716
CVSS 7.5 CVE-2026-41716 — Spring Data's internal property-lookup cache accepts and p… 📄 التفاصيل ← |
NVD | Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied … | No | 🟠 High | Spring Framework | Exploit | Update to v2.7.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| APT |
CVE-2026-41717
CVSS 8.1 CVE-2026-41717 — Spring Data MongoDB contains a SpEL (Spring Expression Language… 📄 التفاصيل ← |
NVD | Spring Data MongoDB contains a SpEL (Spring Expression Language) expression injection vulnerability.… | No | 🟠 High | Spring Framework | MongoDB | APT | Update to v5.0.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-41728
CVSS 7.5 CVE-2026-41728 — Spring Data REST's JSON Patch (application/json-patch+json… 📄 التفاصيل ← |
NVD | Spring Data REST's JSON Patch (application/json-patch+json) implementation does not apply the w… | No | 🟠 High | Spring Framework | Exploit | Update to v3.7.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-41729
CVSS 8.1 CVE-2026-41729 — Spring Data REST is vulnerable to SpEL expression injection thr… 📄 التفاصيل ← |
NVD | Spring Data REST is vulnerable to SpEL expression injection through map-typed properties when proces… | No | 🟠 High | Spring Framework | Exploit | Update to v3.7.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Web |
CVE-2026-41731
CVSS 8.1 CVE-2026-41731 — JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapp… 📄 التفاصيل ← |
NVD | JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper matched type headers against trust… | No | 🟠 High | Apache HTTP Server | Spring Framework | Exploit | Update to v4.0.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Web |
CVE-2026-41732
CVSS 8.1 CVE-2026-41732 — JsonPulsarHeaderMapper matched type headers against trusted pac… 📄 التفاصيل ← |
NVD | JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning t… | No | 🟠 High | Apache HTTP Server | Spring Framework | Exploit | Update to v2.0.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-44716
CVSS 7.5 CVE-2026-44716 — Pipecat is an open-source Python framework for building real-ti… 📄 التفاصيل ← |
NVD | Pipecat is an open-source Python framework for building real-time voice and multimodal conversationa… | No | 🟠 High | Exploit | Update to v0.0.90 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-46432
CVSS 7.8 CVE-2026-46432 — LMDeploy is a toolkit for compressing, deploying, and serving l… 📄 التفاصيل ← |
NVD | LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.1… | No | 🟠 High | Exploit | Update to v0.12.3 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Web |
CVE-2026-46491
CVSS 8.6 CVE-2026-46491 — SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS serv… 📄 التفاصيل ← |
NVD | SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp mod… | No | 🟠 High | PHP | Exploit | Update to v7.0.3 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-46517
CVSS 7.8 CVE-2026-46517 — LMDeploy is a toolkit for compressing, deploying, and serving l… 📄 التفاصيل ← |
NVD | LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.1… | No | 🟠 High | Exploit | Update to v0.12.3 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Web |
CVE-2026-46518
CVSS 7.7 CVE-2026-46518 — OpenEMR is a free and open source electronic health records and… 📄 التفاصيل ← |
NVD | OpenEMR is a free and open source electronic health records and medical practice management applicat… | No | 🟠 High | Exploit | Update to v8.0.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-46541
CVSS 7.5 CVE-2026-46541 — Nimiq is a Rust implementation of the Nimiq Proof-of-Stake prot… 📄 التفاصيل ← |
NVD | Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus… | No | 🟠 High | Exploit | Update to v1.4.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-46545
CVSS 7.5 CVE-2026-46545 — Nimiq is a Rust implementation of the Nimiq Proof-of-Stake prot… 📄 التفاصيل ← |
NVD | Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus… | No | 🟠 High | Exploit | Update to v1.5.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-53673
CVSS 8.1 CVE-2026-53673 — BuddyPress 14.4.0 contains an insecure direct object reference … 📄 التفاصيل ← |
NVD | BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST AP… | No | 🟠 High | Exploit | Refer to CVE-2026-53673 NVD advisory |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| DDoS |
CVE-2026-53674
CVSS 7.1 CVE-2026-53674 — BuddyPress 14.4.0 contains a regular expression injection vulne… 📄 التفاصيل ← |
NVD | BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention reso… | No | 🟠 High | DDoS | Refer to CVE-2026-53674 NVD advisory |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-45329
CVSS 7.1 CVE-2026-45329 — ESF-IDF is the Espressif Internet of Things (IOT) Development F… 📄 التفاصيل ← |
NVD | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, … | No | 🟠 High | Oracle | Exploit | Update to v5.5.4 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Vulnerability |
CVE-2026-45541
CVSS 7.5 CVE-2026-45541 — ESF-IDF is the Espressif Internet of Things (IOT) Development F… 📄 التفاصيل ← |
NVD | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5… | No | 🟠 High | Exploit | Update to v5.2.6 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-45542
CVSS 7.1 CVE-2026-45542 — ESF-IDF is the Espressif Internet of Things (IOT) Development F… 📄 التفاصيل ← |
NVD | ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5… | No | 🟠 High | Exploit | Update to v5.2.6 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Exploit |
CVE-2025-62851
CVE-2025-62851 — A path traversal vulnerability has been reported to affect Lice… 📄 التفاصيل ← |
NVD | A path traversal vulnerability has been reported to affect License Center. If a local attacker gains… | No | 🟠 High | Exploit | Update to v1.9.56 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Exploit |
CVE-2025-66273
CVE-2025-66273 — A command injection vulnerability has been reported to affect s… 📄 التفاصيل ← |
NVD | A command injection vulnerability has been reported to affect several QNAP operating system versions… | No | 🟠 High | QNAP NAS | Exploit | Update to v5.2.9 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Exploit |
CVE-2025-66279
CVE-2025-66279 — A command injection vulnerability has been reported to affect s… 📄 التفاصيل ← |
NVD | A command injection vulnerability has been reported to affect several QNAP operating system versions… | No | 🟠 High | QNAP NAS | Exploit | Update to v5.2.9 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Exploit |
CVE-2026-22893
CVE-2026-22893 — A command injection vulnerability has been reported to affect s… 📄 التفاصيل ← |
NVD | A command injection vulnerability has been reported to affect several QNAP operating system versions… | No | 🟠 High | QNAP NAS | Exploit | Update to v5.2.9 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Exploit |
CVE-2026-24717
CVE-2026-24717 — A path traversal vulnerability has been reported to affect seve… 📄 التفاصيل ← |
NVD | A path traversal vulnerability has been reported to affect several QNAP operating system versions. I… | No | 🟠 High | QNAP NAS | Exploit | Update to v5.2.9 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Exploit |
CVE-2026-24719
CVE-2026-24719 — A command injection vulnerability has been reported to affect s… 📄 التفاصيل ← |
NVD | A command injection vulnerability has been reported to affect several QNAP operating system versions… | No | 🟠 High | QNAP NAS | Exploit | Update to v5.2.9 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Exploit |
CVE-2026-24720
CVE-2026-24720 — An allocation of resources without limits or throttling vulnera… 📄 التفاصيل ← |
NVD | An allocation of resources without limits or throttling vulnerability has been reported to affect Fi… | No | 🟠 High | Exploit | Refer to CVE-2026-24720 NVD advisory |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-11837
CVSS 7.3 CVE-2026-11837 — A local privilege escalation vulnerability was found in the ans… 📄 التفاصيل ← |
NVD | A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The… | No | 🟠 High | Exploit | Refer to CVE-2026-11837 NVD advisory |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-10846
CVE-2026-10846 — NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when … 📄 التفاصيل ← |
NVD | NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolv… | No | 🟠 High | Exploit | Update to v1.9.0 |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Vulnerability |
CVE-2026-11815
CVE-2026-11815 — An attacker who intercepts and tampers with traffic between the… 📄 التفاصيل ← |
NVD | An attacker who intercepts and tampers with traffic between the client application and the API Gatew… | No | 🟠 High | Exploit | Refer to CVE-2026-11815 NVD advisory |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
|
| Web |
CVE-2026-3326
CVE-2026-3326 — The Xstore WordPress theme before 9.7.3 does not properly saniti… 📄 التفاصيل ← |
NVD | The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before usi… | No | 🟠 High | WordPress | Exploit | Refer to CVE-2026-3326 NVD advisory |
UTC: 2026-06-10
EDT: 2026-06-10
SA: 2026-06-10
|
| Cloud | Apache HTTP Server 2.4.68 Released With Fix For Use-After-Free, DoS, XSS, and Bu… 📄 التفاصيل ← | Cyber Security News | The Apache Software Foundation released Apache HTTP Server version 2.4.68 on June 8, 2026, addressin… | No | 🟠 High | Apache HTTP Server | Exploit | Update to v2.4.68 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Threat Intel | 21 0-Day Vulnerabilities in FFmpeg Enables Remote Code Execution Attacks 📄 التفاصيل ← | Cyber Security News | An autonomous security agent uncovered 21 zero-day vulnerabilities in FFmpeg, the world&#8217;s … | Yes | 🟠 High | Zero-Day | Apply vendor security patch |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
|
| Cisco | Attackers exploiting unpatched Cisco SD-WAN flaw 📄 التفاصيل ← | CSO Online | Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manage… | Yes | 🟠 High | Cisco SD-WAN | Exploit | Cisco Security Advisory |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| APT |
CVE-2026-8795
CVSS 7.8 CVE-2026-8795 — A YAML injection vulnerability exists in the Windows.Collectors.… 📄 التفاصيل ← |
NVD | A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velocir… | No | 🟠 High | Microsoft Windows | APT | Update to v0.76.6 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Web |
CVE-2026-7556
CVSS 7.2 CVE-2026-7556 — The FV Flowplayer Video Player plugin for WordPress is vulnerabl… 📄 التفاصيل ← |
NVD | The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… | No | 🟠 High | WordPress | Exploit | Update to v7.5.49 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Vulnerability |
CVE-2026-40983
CVSS 7.5 CVE-2026-40983 — In Micrometer, it is possible for a user to provide specially c… 📄 التفاصيل ← |
NVD | In Micrometer, it is possible for a user to provide specially crafted gRPC requests that may cause a… | No | 🟠 High | Exploit | Update to v1.16.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
|
| Vulnerability |
CVE-2026-40984
CVSS 7.5 CVE-2026-40984 — In Micrometer, it is possible for a user to provide specially c… 📄 التفاصيل ← |
NVD | In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a… | No | 🟠 High | Exploit | Update to v1.16.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
|
| Vulnerability |
CVE-2026-41006
CVSS 7.5 CVE-2026-41006 — Spring HATEOAS's internal PropertyUtils.createObjectFromPr… 📄 التفاصيل ← |
NVD | Spring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collecti… | No | 🟠 High | Spring Framework | Exploit | Update to v1.5.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Vulnerability |
CVE-2026-41007
CVSS 7.5 CVE-2026-41007 — Spring HATEOAS maintains an unbounded static cache of StringLin… 📄 التفاصيل ← |
NVD | Spring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attacker… | No | 🟠 High | Spring Framework | Exploit | Update to v1.5.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Vulnerability |
CVE-2026-41720
CVSS 7.4 CVE-2026-41720 — Spring LDAP's DirContextAuthenticationStrategy implementat… 📄 التفاصيل ← |
NVD | Spring LDAP's DirContextAuthenticationStrategy implementations do not reject a bind request whe… | No | 🟠 High | Spring Framework | Exploit | Update to v2.4.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| DDoS |
CVE-2026-41842
CVSS 7.5 CVE-2026-41842 — Spring MVC and WebFlux applications are vulnerable to Denial of… 📄 التفاصيل ← |
NVD | Spring MVC and WebFlux applications are vulnerable to Denial of Service (DoS) attacks when resolving… | No | 🟠 High | Spring Framework | DDoS | Update to v7.0.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Web |
CVE-2026-41845
CVSS 7.1 CVE-2026-41845 — Due to incorrect escaping, the use of JavaScriptUtils.javaScrip… 📄 التفاصيل ← |
NVD | Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code… | No | 🟠 High | Spring Framework | Exploit | Update to v7.0.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Exploit |
CVE-2026-41849
CVSS 7.5 CVE-2026-41849 — An integer overflow vulnerability exists in the evaluation logi… 📄 التفاصيل ← |
NVD | An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language (… | No | 🟠 High | Spring Framework | Exploit | Update to v5.3.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| DDoS |
CVE-2026-41850
CVSS 7.5 CVE-2026-41850 — Applications that evaluate user-supplied Spring Expression Lang… 📄 التفاصيل ← |
NVD | Applications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulnerabl… | No | 🟠 High | Spring Framework | DDoS | Update to v7.0.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Vulnerability |
CVE-2026-41855
CVSS 8.1 CVE-2026-41855 — In an untrusted JMS environment, org.springframework.jms.suppor… 📄 التفاصيل ← |
NVD | In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageCon… | No | 🟠 High | Spring Framework | Exploit | Update to v7.0.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Web |
CVE-2026-9185
CVSS 7.5 CVE-2026-9185 — The 6Storage Rentals plugin for WordPress is vulnerable to Autho… 📄 التفاصيل ← |
NVD | The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Control… | No | 🟠 High | WordPress | Exploit | Update to v2.22.0 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Web |
CVE-2026-9662
CVSS 8.1 CVE-2026-9662 — The Recover Exit For WooCommerce plugin for WordPress is vulnera… 📄 التفاصيل ← |
NVD | The Recover Exit For WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all v… | No | 🟠 High | WordPress | PHP | Exploit | Update to v1.0.3 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Exploit |
CVE-2026-11572
CVSS 8.8 CVE-2026-11572 — Versions of the package degit before 2.8.6, from 3.0.0 and befo… 📄 التفاصيل ← |
NVD | Versions of the package degit before 2.8.6, from 3.0.0 and before 3.3.1 are vulnerable to Command In… | No | 🟠 High | Exploit | Update to v2.8.6 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
|
| Web |
CVE-2026-34905
CVE-2026-34905 — Exposure of Sensitive Information to an Unauthorized Actor vuln… 📄 التفاصيل ← |
NVD | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This iss… | No | 🟠 High | Apache HTTP Server | Exploit | Update to v2.0.1 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Web |
CVE-2026-9185
CVSS 7.5 CVE-2026-9185 — GHSA: The 6Storage Rentals plugin for WordPress is vulnerable to… 📄 التفاصيل ← |
GHSA | The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Control… | No | 🟠 High | Exploit |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
||
| Vulnerability |
CVE-2026-11572
CVSS 8.8 CVE-2026-11572 — GHSA: Versions of the package degit before 2.8.6, from 3.0.0 an… 📄 التفاصيل ← |
GHSA | Versions of the package degit before 2.8.6, from 3.0.0 and before 3.3.1 are vulnerable to Command In… | No | 🟠 High | Exploit |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
||
| Web |
CVE-2026-9662
CVSS 8.1 CVE-2026-9662 — GHSA: The Recover Exit For WooCommerce plugin for WordPress is v… 📄 التفاصيل ← |
GHSA | The Recover Exit For WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all v… | No | 🟠 High | Exploit |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
||
| Web |
CVE-2026-41539
CVE-2026-41539 — GHSA: A cross-site scripting (XSS) vulnerability has been repor… 📄 التفاصيل ← |
GHSA | A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system… | No | 🟠 High | Exploit |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
||
| Vulnerability |
CVE-2026-5068
CVSS 7.6 CVE-2026-5068 — A remote, unauthenticated BLE peer can trigger a 2-byte out-of-b… 📄 التفاصيل ← |
NVD | A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host du… | No | 🟠 High | Exploit | Refer to CVE-2026-5068 NVD advisory |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
|
| Web |
CVE-2026-11616
CVSS 8.8 CVE-2026-11616 — The Events Calendar for GeoDirectory plugin for WordPress is vu… 📄 التفاصيل ← |
NVD | The Events Calendar for GeoDirectory plugin for WordPress is vulnerable to Privilege Escalation in v… | No | 🟠 High | WordPress | Exploit | Update to v2.3.28 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Windows |
CVE-2026-49818
CVE-2026-49818 — The Apache Airflow Samba provider's `GCSToSambaOperator` j… 📄 التفاصيل ← |
NVD | The Apache Airflow Samba provider's `GCSToSambaOperator` joined GCS object names to the SMB des… | No | 🟠 High | Apache HTTP Server | Exploit | Refer to CVE-2026-49818 NVD advisory |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Web |
CVE-2026-8365
CVSS 8.8 CVE-2026-8365 — The Blocksy theme for WordPress is vulnerable to PHP Object Inje… 📄 التفاصيل ← |
NVD | The Blocksy theme for WordPress is vulnerable to PHP Object Injection leading to Remote Code Executi… | No | 🟠 High | WordPress | PHP | Exploit | Update to v2.1.35 |
UTC: 2026-06-09
EDT: 2026-06-09
SA: 2026-06-09
|
| Cisco | Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability 📄 التفاصيل ← | Cisco Security RSS | A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an… | No | 🟠 High | Exploit | Cisco Security Advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| AI/LLM | Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens 📄 التفاصيل ← | Cyber Security News | A five-step attack chain that silently redirects Claude Code&#8217;s Model Context Protocol (MCP… | No | 🟠 High | Exploit | Apply vendor security patch |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Web |
CVE-2026-11483
CVSS 7.3 CVE-2026-11483 — A security flaw has been discovered in SourceCodester Class and… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This af… | No | 🟠 High | Exploit | Refer to CVE-2026-11483 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Web |
CVE-2026-11484
CVSS 7.3 CVE-2026-11484 — A weakness has been identified in SourceCodester Class and Exam… 📄 التفاصيل ← |
NVD | A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts… | No | 🟠 High | Exploit | Refer to CVE-2026-11484 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Web |
CVE-2026-11485
CVSS 7.3 CVE-2026-11485 — A security vulnerability has been detected in SourceCodester Cl… 📄 التفاصيل ← |
NVD | A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. … | No | 🟠 High | Exploit | Refer to CVE-2026-11485 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Web |
CVE-2026-11486
CVSS 7.3 CVE-2026-11486 — A vulnerability was detected in SourceCodester Class and Exam T… 📄 التفاصيل ← |
NVD | A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by th… | No | 🟠 High | Exploit | Refer to CVE-2026-11486 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Web |
CVE-2026-11488
CVSS 7.3 CVE-2026-11488 — A vulnerability has been found in code-projects Simple Flight T… 📄 التفاصيل ← |
NVD | A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affect… | No | 🟠 High | PHP | Exploit | Refer to CVE-2026-11488 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Web |
CVE-2026-11489
CVSS 7.3 CVE-2026-11489 — A vulnerability was found in code-projects Online Music Site 1.… 📄 التفاصيل ← |
NVD | A vulnerability was found in code-projects Online Music Site 1.0. This vulnerability affects unknown… | No | 🟠 High | Exploit | Refer to CVE-2026-11489 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Web |
CVE-2026-11490
CVSS 7.3 CVE-2026-11490 — A vulnerability was determined in code-projects Online Music Si… 📄 التفاصيل ← |
NVD | A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unkno… | No | 🟠 High | Exploit | Refer to CVE-2026-11490 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| VMware |
CVE-2026-41723
CVSS 8 CVE-2026-41723 — GHSA: VMware Cloud Foundation Operations contains multiple stor… 📄 التفاصيل ← |
GHSA | VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A m… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Microsoft |
CVE-2026-3238
CVSS 7.5 CVE-2026-3238 — GHSA: A flaw was found in Samba’s WINS server component when run… 📄 التفاصيل ← |
GHSA | A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Control… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| VMware |
CVE-2026-41724
CVSS 8 CVE-2026-41724 — GHSA: VMware Cloud Foundation Operations contains multiple stor… 📄 التفاصيل ← |
GHSA | VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A m… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Vulnerability |
CVE-2026-11498
CVSS 8.8 CVE-2026-11498 — GHSA: A vulnerability was found in Tenda HG7HG9 and HG10 300001… 📄 التفاصيل ← |
GHSA | A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. Affected by this issue is the … | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| VMware |
CVE-2026-41722
CVSS 8 CVE-2026-41722 — GHSA: VMware Cloud Foundation Operations contains multiple stor… 📄 التفاصيل ← |
GHSA | VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A m… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Network |
CVE-2026-50752
CVSS 7.4 CVE-2026-50752 — GHSA: A weakness in the certificate validation logic of the dep… 📄 التفاصيل ← |
GHSA | A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an una… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Exploit |
CVE-2026-11504
CVSS 8.8 CVE-2026-11504 — GHSA: A vulnerability was detected in Tenda CX12L 16.03.53.12. … 📄 التفاصيل ← |
GHSA | A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSch… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Exploit |
CVE-2026-9506
CVE-2026-9506 — GHSA: This vulnerability exists in Bagisto due to improper valid… 📄 التفاصيل ← |
GHSA | This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageC… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Vulnerability |
CVE-2026-49234
CVE-2026-49234 — GHSA: When sending a specifically crafted non-UTF-8 string as s… 📄 التفاصيل ← |
GHSA | When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/or… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Vulnerability |
CVE-2026-49232
CVE-2026-49232 — GHSA: Routinator exits on any error when accepting incoming HTT… 📄 التفاصيل ← |
GHSA | Routinator exits on any error when accepting incoming HTTP or RTR connections, including ones it can… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Windows |
CVE-2026-49235
CVE-2026-49235 — GHSA: When Routinator encounters a file via RRDP using a specif… 📄 التفاصيل ← |
GHSA | When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Ro… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Vulnerability |
CVE-2026-49233
CVE-2026-49233 — GHSA: Routinator does not properly check the module component o… 📄 التفاصيل ← |
GHSA | Routinator does not properly check the module component of rsync URIs, which are used to create the … | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Network |
CVE-2026-43974
CVE-2026-43974 — GHSA: Unexpected Status Code or Return Value vulnerability in n… 📄 التفاصيل ← |
GHSA | Unexpected Status Code or Return Value vulnerability in ninenines gun (gun_http module) allows a mal… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Exploit |
CVE-2026-43973
CVE-2026-43973 — GHSA: Uncontrolled Resource Consumption vulnerability in nineni… 📄 التفاصيل ← |
GHSA | Uncontrolled Resource Consumption vulnerability in ninenines gun (gun_http module) allows a maliciou… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Web |
CVE-2026-7186
CVE-2026-7186 — GHSA: Stored cross-site scripting in the URL dashboard widget in… 📄 التفاصيل ← |
GHSA | Stored cross-site scripting in the URL dashboard widget in Checkmk | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Browser |
CVE-2026-11628
CVE-2026-11628 — Use after free in Ozone in Google Chrome prior to 149.0.7827.10… 📄 التفاصيل ← |
NVD | Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potenti… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11628 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11629
CVE-2026-11629 — Use after free in Ozone in Google Chrome prior to 149.0.7827.10… 📄 التفاصيل ← |
NVD | Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potent… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11629 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11630
CVE-2026-11630 — Use after free in File Input in Google Chrome prior to 149.0.78… 📄 التفاصيل ← |
NVD | Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to p… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11630 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11631
CVE-2026-11631 — Use after free in Aura in Google Chrome on Windows prior to 149… 📄 التفاصيل ← |
NVD | Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11632
CVE-2026-11632 — Use after free in TabStrip in Google Chrome prior to 149.0.7827… 📄 التفاصيل ← |
NVD | Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who co… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11632 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11633
CVE-2026-11633 — Use after free in Bluetooth in Google Chrome on Mac prior to 14… 📄 التفاصيل ← |
NVD | Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacke… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11633 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11634
CVE-2026-11634 — Use after free in Gamepad in Google Chrome on Windows prior to … 📄 التفاصيل ← |
NVD | Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attac… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11635
CVE-2026-11635 — Use after free in Bluetooth in Google Chrome on Mac prior to 14… 📄 التفاصيل ← |
NVD | Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacke… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11635 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11636
CVE-2026-11636 — Use after free in Autofill in Google Chrome on Windows prior to… 📄 التفاصيل ← |
NVD | Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote atta… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11637
CVE-2026-11637 — Use after free in Views in Google Chrome on Mac prior to 149.0.… 📄 التفاصيل ← |
NVD | Use after free in Views in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11637 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11638
CVE-2026-11638 — Use after free in Printing in Google Chrome prior to 149.0.7827… 📄 التفاصيل ← |
NVD | Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to pot… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11638 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11639
CVE-2026-11639 — Use after free in Compositing in Google Chrome on Mac prior to … 📄 التفاصيل ← |
NVD | Use after free in Compositing in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attac… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11639 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11640
CVE-2026-11640 — Integer overflow in libyuv in Google Chrome prior to 149.0.7827… 📄 التفاصيل ← |
NVD | Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who ha… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11640 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11641
CVE-2026-11641 — Use after free in Bluetooth in Google Chrome on Windows prior t… 📄 التفاصيل ← |
NVD | Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote att… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11642
CVE-2026-11642 — Use after free in Web Apps in Google Chrome prior to 149.0.7827… 📄 التفاصيل ← |
NVD | Use after free in Web Apps in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who ha… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11642 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11643
CVE-2026-11643 — Use after free in Proxy in Google Chrome prior to 149.0.7827.10… 📄 التفاصيل ← |
NVD | Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execut… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11643 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Linux |
CVE-2026-11644
CVE-2026-11644 — Use after free in Views in Google Chrome on Linux prior to 149.… 📄 التفاصيل ← |
NVD | Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who co… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11644 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11646
CVE-2026-11646 — Use after free in ViewTransitions in Google Chrome prior to 149… 📄 التفاصيل ← |
NVD | Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11646 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Android |
CVE-2026-11647
CVE-2026-11647 — Use after free in Printing in Google Chrome on Android prior to… 📄 التفاصيل ← |
NVD | Use after free in Printing in Google Chrome on Android prior to 149.0.7827.103 allowed a remote atta… | No | 🟠 High | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11647 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11648
CVE-2026-11648 — Use after free in FullScreen in Google Chrome on Windows prior … 📄 التفاصيل ← |
NVD | Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote at… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11649
CVE-2026-11649 — Use after free in V8 in Google Chrome prior to 149.0.7827.103 a… 📄 التفاصيل ← |
NVD | Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute a… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11649 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11650
CVE-2026-11650 — Use after free in V8 in Google Chrome prior to 149.0.7827.103 a… 📄 التفاصيل ← |
NVD | Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute a… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11650 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11651
CVE-2026-11651 — Use after free in Network in Google Chrome prior to 149.0.7827.… 📄 التفاصيل ← |
NVD | Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to exec… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11651 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11652
CVE-2026-11652 — Use after free in Extensions in Google Chrome prior to 149.0.78… 📄 التفاصيل ← |
NVD | Use after free in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11652 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11654
CVE-2026-11654 — Use after free in CameraCapture in Google Chrome on Mac prior t… 📄 التفاصيل ← |
NVD | Use after free in CameraCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote att… | No | 🟠 High | Google Chrome | Chromium | APT | Refer to CVE-2026-11654 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11656
CVE-2026-11656 — Use after free in ServiceWorker in Google Chrome prior to 149.0… 📄 التفاصيل ← |
NVD | Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who con… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11656 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11657
CVE-2026-11657 — Use after free in Payments in Google Chrome on Mac prior to 149… 📄 التفاصيل ← |
NVD | Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11657 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11661
CVE-2026-11661 — Use after free in Views in Google Chrome on Windows prior to 14… 📄 التفاصيل ← |
NVD | Use after free in Views in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacke… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| VMware |
CVE-2026-11662
CVE-2026-11662 — Type Confusion in Bindings in Google Chrome prior to 149.0.7827… 📄 التفاصيل ← |
NVD | Type Confusion in Bindings in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to exe… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11662 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11663
CVE-2026-11663 — Use after free in Skia in Google Chrome prior to 149.0.7827.103… 📄 التفاصيل ← |
NVD | Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had co… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11663 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11664
CVE-2026-11664 — Use after free in Payments in Google Chrome prior to 149.0.7827… 📄 التفاصيل ← |
NVD | Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to pot… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11664 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11670
CVE-2026-11670 — Use after free in PDF in Google Chrome prior to 149.0.7827.103 … 📄 التفاصيل ← |
NVD | Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11670 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11671
CVE-2026-11671 — Use after free in Navigation in Google Chrome prior to 149.0.78… 📄 التفاصيل ← |
NVD | Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to p… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11671 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11673
CVE-2026-11673 — Use after free in InterestGroups in Google Chrome prior to 149.… 📄 التفاصيل ← |
NVD | Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11673 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11674
CVE-2026-11674 — Use after free in Guest View in Google Chrome prior to 149.0.78… 📄 التفاصيل ← |
NVD | Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to e… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11674 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11679
CVE-2026-11679 — Use after free in Codecs in Google Chrome on Windows prior to 1… 📄 التفاصيل ← |
NVD | Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attack… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11680
CVE-2026-11680 — Use after free in Media in Google Chrome on Windows prior to 14… 📄 التفاصيل ← |
NVD | Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacke… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Linux |
CVE-2026-11681
CVE-2026-11681 — Use after free in Ozone in Google Chrome on Linux prior to 149.… 📄 التفاصيل ← |
NVD | Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11681 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11683
CVE-2026-11683 — Use after free in WebCodecs in Google Chrome prior to 149.0.782… 📄 التفاصيل ← |
NVD | Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to ex… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11683 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11684
CVE-2026-11684 — Insufficient policy enforcement in Network in Google Chrome pri… 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11684 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11687
CVE-2026-11687 — Use after free in Dawn in Google Chrome on Mac prior to 149.0.7… 📄 التفاصيل ← |
NVD | Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11687 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11689
CVE-2026-11689 — Insufficient policy enforcement in Passwords in Google Chrome p… 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remo… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11689 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11692
CVE-2026-11692 — Use after free in Read Anything in Google Chrome prior to 149.0… 📄 التفاصيل ← |
NVD | Use after free in Read Anything in Google Chrome prior to 149.0.7827.103 allowed a remote attacker w… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11692 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11694
CVE-2026-11694 — Use after free in ServiceWorker in Google Chrome prior to 149.0… 📄 التفاصيل ← |
NVD | Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker w… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11694 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11698
CVE-2026-11698 — Use after free in Bluetooth in Google Chrome on Mac prior to 14… 📄 التفاصيل ← |
NVD | Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacke… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11698 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11699
CVE-2026-11699 — Use after free in Bluetooth in Google Chrome on Mac prior to 14… 📄 التفاصيل ← |
NVD | Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacke… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11699 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Browser |
CVE-2026-11700
CVE-2026-11700 — Use after free in Tracing in Google Chrome prior to 149.0.7827.… 📄 التفاصيل ← |
NVD | Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11700 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
| Web |
CVE-2026-7556
CVSS 7.2 CVE-2026-7556 — GHSA: The FV Flowplayer Video Player plugin for WordPress is vul… 📄 التفاصيل ← |
GHSA | The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Vulnerability |
CVE-2026-44751
CVSS 7.1 CVE-2026-44751 — GHSA: Application server ABAP does not perform necessary author… 📄 التفاصيل ← |
GHSA | Application server ABAP does not perform necessary authorization checks for an authenticated user al… | No | 🟠 High | Exploit |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
||
| Vulnerability |
CVE-2026-44751
CVSS 7.1 CVE-2026-44751 — Application server ABAP does not perform necessary authorizatio… 📄 التفاصيل ← |
NVD | Application server ABAP does not perform necessary authorization checks for an authenticated user al… | No | 🟠 High | Exploit | Refer to CVE-2026-44751 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Exploit |
CVE-2026-11618
CVSS 7.3 CVE-2026-11618 — A vulnerability was determined in DTStack Taier up to 1.4.0. Th… 📄 التفاصيل ← |
NVD | A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function pr… | No | 🟠 High | Exploit | Refer to CVE-2026-11618 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| DDoS |
CVE-2026-34986
CVSS 7.5 CVE-2026-34986 — A flaw was found in Go JOSE, a library for handling JSON Web En… 📄 التفاصيل ← |
CIRCL CVE | A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote atta… | No | 🟠 High | DDoS | Refer to CVE-2026-34986 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Exploit |
CVE-2026-4660
CVSS 7.5 CVE-2026-4660 — A flaw was found in the go-getter library. A remote attacker cou… 📄 التفاصيل ← |
CIRCL CVE | A flaw was found in the go-getter library. A remote attacker could exploit this vulnerability by pro… | No | 🟠 High | Exploit | Refer to CVE-2026-4660 NVD advisory |
UTC: 2026-06-08
EDT: 2026-06-08
SA: 2026-06-08
|
|
| Supply Chain | glitchtip-gzip-decompression-poc 📄 التفاصيل ← | Vulners | GlitchTip gzip decompression PoC This PoC demonstrates that compressed input can decompress above th… | PoC Only | 🟠 High | PoC Research | Apply vendor security patch |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
|
| Exploit | Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma … 📄 التفاصيل ← | Sploitus | No | 🟠 High | Exploit for Authentication | Exploit | Apply vendor security patch |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
|
| Vulnerability |
CVE-2026-11451
CVSS 7.3 CVE-2026-11451 — A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts … 📄 التفاصيل ← |
NVD | A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cg… | No | 🟠 High | GL.iNet | GL.iNet | Exploit | Update to v4.8.1 |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Vulnerability |
CVE-2026-11452
CVSS 7.3 CVE-2026-11452 — A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5… 📄 التفاصيل ← |
NVD | A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN_0042e2… | No | 🟠 High | GL.iNet | GL.iNet | Exploit | Update to v4.8.1 |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Web |
CVE-2026-11456
CVSS 7.3 CVE-2026-11456 — A vulnerability was identified in Chanjet CRM 1.0. This affects… 📄 التفاصيل ← |
NVD | A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/j… | No | 🟠 High | PHP | Exploit | Refer to CVE-2026-11456 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Exploit |
CVE-2026-11457
CVSS 7.3 CVE-2026-11457 — A security flaw has been discovered in erzhongxmu JeeWMS up to … 📄 التفاصيل ← |
NVD | A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2… | No | 🟠 High | A security flaw | Exploit | Refer to CVE-2026-11457 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Network |
CVE-2026-49494
CVSS 7.5 CVE-2026-49494 — Comodo Internet Security's firewall driver Inspect.sys con… 📄 التفاصيل ← |
NVD | Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv… | No | 🟠 High | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Web |
CVE-2026-11471
CVSS 7.3 CVE-2026-11471 — A vulnerability was found in SourceCodester Class and Exam Time… 📄 التفاصيل ← |
NVD | A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted elem… | No | 🟠 High | Exploit | Refer to CVE-2026-11471 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
|
| Web |
CVE-2026-11472
CVSS 7.3 CVE-2026-11472 — A vulnerability was determined in SourceCodester Class and Exam… 📄 التفاصيل ← |
NVD | A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects… | No | 🟠 High | Exploit | Refer to CVE-2026-11472 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
|
| Web |
CVE-2026-11474
CVSS 7.3 CVE-2026-11474 — A security flaw has been discovered in Kushan2k student-managem… 📄 التفاصيل ← |
NVD | A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b30… | No | 🟠 High | PHP | Exploit | Refer to CVE-2026-11474 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Web |
CVE-2023-54350
CVSS 7.5 CVE-2023-54350 — WordPress Augmented-Reality plugin contains a remote code execu… 📄 التفاصيل ← |
NVD | WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder co… | No | 🟠 High | WordPress | PHP | Exploit | Refer to CVE-2023-54350 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Web |
CVE-2023-54351
CVSS 7.2 CVE-2023-54351 — WordPress Sonaar Music Plugin 4.7 contains a stored cross-site … 📄 التفاصيل ← |
NVD | WordPress Sonaar Music Plugin 4.7 contains a stored cross-site scripting vulnerability that allows u… | No | 🟠 High | WordPress | PHP | Exploit | Refer to CVE-2023-54351 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
| Web |
CVE-2026-11482
CVSS 7.3 CVE-2026-11482 — A vulnerability was identified in SourceCodester Class and Exam… 📄 التفاصيل ← |
NVD | A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted… | No | 🟠 High | Exploit | Refer to CVE-2026-11482 NVD advisory |
UTC: 2026-06-07
EDT: 2026-06-07
SA: 2026-06-07
|
|
| Microsoft | Top 5 Best Tools for Simulated DDoS Attacks in 2026 📄 التفاصيل ← | Cyber Security News | Last year, a botnet hurled 31.4 Tbps of junk traffic at a single target—enough data to stream every … | No | 🟠 High | Top 5 Best | Botnet | Apply vendor security patch |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Supply Chain | OWASP CVE Lite CLI – New Tool to Scan for Vulnerabilities in Your Projects 📄 التفاصيل ← | Cyber Security News | CVE Lite CLI is a free, open-source vulnerability scanner officially recognized as an OWASP Incubato… | No | 🟠 High | OWASP CVE Lite | Exploit | Apply vendor security patch |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Web |
CVE-2026-7537
CVSS 7.2 CVE-2026-7537 — The MDJM Event Management plugin for WordPress is vulnerable to … 📄 التفاصيل ← |
NVD | The MDJM Event Management plugin for WordPress is vulnerable to Arbitrary File Upload in all version… | No | 🟠 High | WordPress | Exploit | Update to v1.7.8 |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Vulnerability |
CVE-2026-11413
CVSS 8.8 CVE-2026-11413 — A security vulnerability has been detected in JingDong JD Cloud… 📄 التفاصيل ← |
NVD | A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted… | No | 🟠 High | A security vulnerability | Exploit | Refer to CVE-2026-11413 NVD advisory |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Web |
CVE-2026-9851
CVSS 7.2 CVE-2026-9851 — The Booking Package plugin for WordPress is vulnerable to Privil… 📄 التفاصيل ← |
NVD | The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover … | No | 🟠 High | WordPress | Exploit | Update to v1.7.16 |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Vulnerability |
CVE-2026-26422
CVSS 8.4 CVE-2026-26422 — clash-verge-service-ipc before 2.3.0 has a world-reachable IPC … 📄 التفاصيل ← |
NVD | clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege … | No | 🟠 High | clash-verge-service-ipc before | Exploit | Refer to CVE-2026-26422 NVD advisory |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Vulnerability |
CVE-2026-11450
CVSS 7.3 CVE-2026-11450 — A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This a… 📄 التفاصيل ← |
NVD | A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the lib… | No | 🟠 High | GL.iNet | GL.iNet | Exploit | Update to v4.7 |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Web |
CVE-2026-11435
CVSS 7.3 CVE-2026-11435 — A security vulnerability has been detected in Jinher OA 1.0. Th… 📄 التفاصيل ← |
NVD | A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the… | No | 🟠 High | A security vulnerability | Exploit | Refer to CVE-2026-11435 NVD advisory |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Vulnerability |
CVE-2026-11437
CVSS 7.3 CVE-2026-11437 — A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Af… 📄 التفاصيل ← |
NVD | A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of… | No | 🟠 High | A flaw has | Exploit | Refer to CVE-2026-11437 NVD advisory |
UTC: 2026-06-06
EDT: 2026-06-06
SA: 2026-06-06
|
| Microsoft | Microsoft 365 Service Degradation Bypassed Windows Driver Auto-Update Controls 📄 التفاصيل ← | Cyber Security News | Microsoft has resolved a Microsoft 365 service degradation issue that temporarily bypassed Windows d… | No | 🟠 High | Microsoft 365 | Microsoft Windows | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| General | Dashlane Details How Hackers Managed to Download Encrypted Password Vaults 📄 التفاصيل ← | Cyber Security News | Dashlane has disclosed that threat actors successfully brute-forced two-factor authentication (2FA) … | No | 🟠 High | Dashlane Details How | Exploit | Apply vendor security patch |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Cisco | ClawHub, Cisco, Vercel’s Malicious Skill Detector Bypassed to upload Malicious S… 📄 التفاصيل ← | Cyber Security News | AI skill scanners from ClawHub, Cisco, and Vercel’s skills. The platform can be bypassed with minima… | No | 🟠 High | Cisco | Supply Chain | Cisco Security Advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| General | US government report slams NIST for NVD backlog 📄 التفاصيل ← | CSO Online | A report from the US Commerce department’s inspector general blames the National Institute of Standa… | No | 🟠 High | US government report | Exploit | Apply vendor security patch |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web | [webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection 📄 التفاصيل ← | Exploit-DB | WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection | PoC Only | 🟠 High | WordPress | Exploit | Apply vendor security patch |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50593
CVSS 7.3 CVE-2026-50593 — Graphite before 1.3.15 has an integer underflow and resultant o… 📄 التفاصيل ← |
NVD | Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actio… | No | 🟠 High | Graphite before | Exploit | Refer to CVE-2026-50593 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50234
CVSS 7.5 CVE-2026-50234 — Lyrion Music Server 9.2.0 contains a path traversal vulnerabili… 📄 التفاصيل ← |
NVD | Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attack… | No | 🟠 High | Lyrion Music Server | Exploit | Refer to CVE-2026-50234 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-21837
CVE-2026-21837 — HCL Digital Experience is affected by an OS command injection v… 📄 التفاصيل ← |
NVD | HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Man… | No | 🟠 High | HCL Digital Experience | Exploit | Refer to CVE-2026-21837 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Supply Chain |
CVE-2026-11332
CVSS 7.8 CVE-2026-11332 — A flaw was found in ansible-core. The ansible-galaxy role insta… 📄 التفاصيل ← |
NVD | A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency speci… | No | 🟠 High | A flaw was | Exploit | Refer to CVE-2026-11332 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50265
CVSS 7 CVE-2026-50265 — A flaw was found in libinput. A local attacker with access to /… 📄 التفاصيل ← |
NVD | A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev … | No | 🟠 High | A flaw was | Exploit | Refer to CVE-2026-50265 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-8914
CVE-2026-8914 — In Teltonika Networks RUTOS devices, running versions 7.22 throu… 📄 التفاصيل ← |
NVD | In Teltonika Networks RUTOS devices, running versions 7.22 through 7.23.2 and TSWOS devices running … | No | 🟠 High | In Teltonika Networks | Exploit | Update to v7.22 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-11345
CVE-2026-11345 — An Improper Authentication vulnerability in the /api/Cdn/GetFil… 📄 التفاصيل ← |
NVD | An Improper Authentication vulnerability in the /api/Cdn/GetFile endpoint of linqi allows unauthenti… | No | 🟠 High | An Improper Authentication | Exploit | Refer to CVE-2026-11345 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-11346
CVE-2026-11346 — A Server-Side Request Forgery (SSRF) vulnerability in the custo… 📄 التفاصيل ← |
NVD | A Server-Side Request Forgery (SSRF) vulnerability in the custom process creation feature of linqi a… | No | 🟠 High | A Server-Side Request | Exploit | Refer to CVE-2026-11346 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50256
CVSS 7.8 CVE-2026-50256 — A stack-based buffer overflow flaw was found in the X.Org X ser… 📄 التفاصيل ← |
NVD | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between … | No | 🟠 High | A stack-based buffer | Exploit | Refer to CVE-2026-50256 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50257
CVSS 7.8 CVE-2026-50257 — A use-after-free flaw was found in the X.Org X server and Xwayl… 📄 التفاصيل ← |
NVD | A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client… | No | 🟠 High | A use-after-free flaw | Exploit | Refer to CVE-2026-50257 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50258
CVSS 7.8 CVE-2026-50258 — A stack-based buffer overflow flaw was found in the X.Org X ser… 📄 التفاصيل ← |
NVD | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has mu… | No | 🟠 High | A stack-based buffer | Exploit | Refer to CVE-2026-50258 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50259
CVSS 7.8 CVE-2026-50259 — A stack-based buffer overflow flaw was found in the X.Org X ser… 📄 التفاصيل ← |
NVD | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() … | No | 🟠 High | A stack-based buffer | Exploit | Refer to CVE-2026-50259 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50260
CVSS 7.8 CVE-2026-50260 — A use-after-free flaw was found in the X.Org X server and Xwayl… 📄 التفاصيل ← |
NVD | A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that s… | No | 🟠 High | A use-after-free flaw | Exploit | Refer to CVE-2026-50260 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50261
CVSS 7.8 CVE-2026-50261 — A use-after-free flaw was found in the X.Org X server and Xwayl… 📄 التفاصيل ← |
NVD | A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client … | No | 🟠 High | A use-after-free flaw | Exploit | Refer to CVE-2026-50261 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-50264
CVSS 7.8 CVE-2026-50264 — An out-of-bounds write flaw was found in the X.Org X server and… 📄 التفاصيل ← |
NVD | An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuff… | No | 🟠 High | An out-of-bounds write | Exploit | Refer to CVE-2026-50264 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-50231
CVSS 7.2 CVE-2026-50231 — Lyrion Music Server 9.2.0 contains an unauthenticated stored cr… 📄 التفاصيل ← |
NVD | Lyrion Music Server 9.2.0 contains an unauthenticated stored cross-site scripting vulnerability in t… | No | 🟠 High | Lyrion Music Server | Exploit | Refer to CVE-2026-50231 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-50232
CVSS 7.2 CVE-2026-50232 — Lyrion Music Server 9.2.0 contains a stored cross-site scriptin… 📄 التفاصيل ← |
NVD | Lyrion Music Server 9.2.0 contains a stored cross-site scripting vulnerability that allows attackers… | No | 🟠 High | Lyrion Music Server | Exploit | Refer to CVE-2026-50232 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-10879
CVE-2026-10879 — DBI versions before 1.648 for Perl have a heap overflow when pr… 📄 التفاصيل ← |
NVD | DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more tha… | No | 🟠 High | DBI | Exploit | Update to v1.648 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-11334
CVSS 7.3 CVE-2026-11334 — A vulnerability was detected in tittuvarghese CollegeManagement… 📄 التفاصيل ← |
NVD | A vulnerability was detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec8… | No | 🟠 High | A vulnerability was | Exploit | Refer to CVE-2026-11334 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-37737
CVE-2026-37737 — sanic-cors version 2.2.0 and prior contains an improper regular… 📄 التفاصيل ← |
NVD | sanic-cors version 2.2.0 and prior contains an improper regular expression in the try_match() functi… | No | 🟠 High | sanic-cors | Exploit | Update to v2.2.0 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Windows |
CVE-2026-48095
CVSS 8.8 CVE-2026-48095 — 7-Zip is a file archiver with a high compression ratio. Version… 📄 التفاصيل ← |
NVD | 7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buff… | No | 🟠 High | 7-Zip is a | DDoS | Update to v26.00 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-49493
CVSS 8.8 CVE-2026-49493 — GHSA: Markdown Preview Enhanced before 0.8.28 parses Bitfield f… 📄 التفاصيل ← |
GHSA | Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(), which… | No | 🟠 High | GHSA: Markdown Preview | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Vulnerability |
CVE-2026-50733
CVSS 8.8 CVE-2026-50733 — GHSA: Markdown Preview Enhanced before 0.8.28 parses WaveDrom d… 📄 التفاصيل ← |
GHSA | Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown co… | No | 🟠 High | GHSA: Markdown Preview | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Vulnerability |
CVE-2026-8714
CVE-2026-8714 — GHSA: A denial-of-service vulnerability exists in the RTSP serve… 📄 التفاصيل ← |
GHSA | A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due … | No | 🟠 High | GHSA: A denial-of-service vulnerability | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Vulnerability |
CVE-2026-49492
CVSS 8.8 CVE-2026-49492 — GHSA: Markdown Preview Enhanced before 0.8.28 opens external fi… 📄 التفاصيل ← |
GHSA | Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a sh… | No | 🟠 High | Microsoft Windows | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Vulnerability |
CVE-2026-2379
CVSS 5.9 CVE-2026-2379 — GHSA: On affected platforms with hardware IPSec support running … 📄 التفاصيل ← |
GHSA | On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features ena… | No | 🟠 High | GHSA: On affected | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Microsoft | GHSA-wx3m-whqv-xv47 — GHSA: skillctl: Path traversal and symlink-follow in skill… 📄 التفاصيل ← | GHSA | ## Impact `skillctl` 0.1.0 and 0.1.1 contained four path-safety vulnerabilities that, in combinatio… | No | 🟠 High | GHSA-wx3m-whqv-xv47 — GHSA: | Wiper |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Web |
CVE-2026-24425
CVSS 8.8 CVE-2026-24425 — GHSA: Twig: Possible sandbox bypass when using a source policy 📄 التفاصيل ← |
GHSA | # Description When using the sandbox with a `SourcePolicyInterface`, Twig does not always apply the… | No | 🟠 High | GHSA: Twig: Possible | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Web |
CVE-2026-47743
CVSS 8.7 CVE-2026-47743 — GHSA: Shopper: Multiple data integrity and disclosure issues in… 📄 التفاصيل ← |
GHSA | ## Impact Three related defects on admin Livewire components allowed data tampering, sensitive data… | No | 🟠 High | GHSA: Shopper: Multiple | APT |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Web |
CVE-2026-47761
CVSS 8.7 CVE-2026-47761 — GHSA: TinyMCE Cross-Site Scripting (XSS) vulnerability using me… 📄 التفاصيل ← |
GHSA | ### Impact Stored XSS vulnerability in the media plugin. Attackers can inject malicious scripts via … | No | 🟠 High | GHSA: TinyMCE Cross-Site | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Web |
CVE-2026-47762
CVSS 8.7 CVE-2026-47762 — GHSA: TinyMCE Cross-Site Scripting (XSS) vulnerability through … 📄 التفاصيل ← |
GHSA | ### Impact Stored XSS vulnerability via forged mce:protected comments. Allows attackers to bypass sa… | No | 🟠 High | GHSA: TinyMCE Cross-Site | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Web |
CVE-2026-47759
CVSS 8.7 CVE-2026-47759 — GHSA: TinyMCE Cross-Site Scripting (XSS) vulnerability using th… 📄 التفاصيل ← |
GHSA | ### Impact Stored XSS vulnerability via unsanitized data-mce-* attributes (data-mce-href, data-mce-s… | No | 🟠 High | GHSA: TinyMCE Cross-Site | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Web |
CVE-2026-47760
CVSS 8.7 CVE-2026-47760 — GHSA: TinyMCE Cross-Site Scripting (XSS) vulnerability using sa… 📄 التفاصيل ← |
GHSA | ### Impact TinyMCE 6.8.x contains an XSS vulnerability caused by improper SVG namespace scope handli… | No | 🟠 High | GHSA: TinyMCE Cross-Site | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Vulnerability |
CVE-2026-11416
CVE-2026-11416 - MoviePilot Path Traversal via Cloud Storage Download Handlers 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-11416 Published : June 5, 2026, 9:42 p.m. | 46 minutes ago Description :M… | No | 🟠 High | MoviePilot Path Traversal | Exploit | Refer to CVE-2026-11416 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-11423
CVE-2026-11423 - Path Traversal in Altium Enterprise Server Collaboration Servic… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-11423 Published : June 5, 2026, 9:16 p.m. | 1 hour, 12 minutes ago Descri… | No | 🟠 High | Path Traversal in | Exploit | Refer to CVE-2026-11423 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-11431
CVE-2026-11431 - Path Traversal in Altium Projects Service Allows Arbitrary File… 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-11431 Published : June 5, 2026, 9:08 p.m. | 1 hour, 21 minutes ago Descri… | No | 🟠 High | Path Traversal in | Exploit | Refer to CVE-2026-11431 NVD advisory |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-11424
CVE-2026-11424 — GHSA: A server-side request forgery (SSRF) vulnerability exists… 📄 التفاصيل ← |
GHSA | A server-side request forgery (SSRF) vulnerability exists in a GraphQL service component shared by A… | No | 🟠 High | GHSA: A server-side | Exploit |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
|
| Web |
CVE-2026-9290
CVSS 7.5 CVE-2026-9290 — The WP User Manager – User Profile Builder & Membership plug… 📄 التفاصيل ← |
NVD | The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Lo… | No | 🟠 High | WordPress | PHP | Exploit | Update to v2.9.17 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| iOS |
CVE-2026-8438
CVSS 7.2 CVE-2026-8438 — The All-In-One Security (AIOS) – Security and Firewall plugin fo… 📄 التفاصيل ← |
NVD | The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to Stored … | No | 🟠 High | Apple iOS | WordPress | Exploit | Update to v5.4.7 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Web |
CVE-2026-8901
CVSS 7.2 CVE-2026-8901 — The Integration for Freshsales – Contact Form 7, WPForms, Elemen… 📄 التفاصيل ← |
NVD | The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin f… | No | 🟠 High | WordPress | Exploit | Update to v1.0.15 |
UTC: 2026-06-05
EDT: 2026-06-05
SA: 2026-06-05
|
| Vulnerability |
CVE-2026-42824
CVE-2026-42824 M365 Copilot Information Disclosure Vulnerability 📄 التفاصيل ← |
Microsoft MSRC | Improper neutralization of special elements used in a command ('command injection') in M36… | No | 🟠 High | Microsoft Copilot | Microsoft 365 | Exploit | Refer to CVE-2026-42824 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Supply Chain | Hugging Face Transformers RCE flaw enables stealthy compromise via AI model conf… 📄 التفاصيل ← | CSO Online | A high severity vulnerability in Hugging Face Transformers enables attackers to compromise systems t… | No | 🟠 High | Hugging Face Transformers | Supply Chain | Apply vendor security patch |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Network | Comodo Internet Security 0-Day Vulnerability Lets Attacker Crash the User’s Wind… 📄 التفاصيل ← | Cyber Security News | An unpatched zero-day vulnerability in Comodo Internet Security&#8217;s firewall driver, Inspect… | Yes | 🟠 High | Microsoft Windows | Zero-Day | Microsoft Patch Tuesday |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| General | 🏴☠️ Thegentlemen has just published a new victim : Suburban Water 📄 التفاصيل ← | Ransomware.live | ***.com ***.com/c/suburban-water-inc/350908787 Suburban Water, Inc. is a dedicated public water util… | No | 🟠 High | 🏴☠️ Thegentlemen has | Exploit | Apply vendor security patch |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Network | Acer Working to Patch Wave 7 Router 0-day Vulnerability 📄 التفاصيل ← | Cyber Security News | Acer is preparing a firmware update to address a critical zero-day vulnerability affecting its Wave … | Yes | 🟠 High | Acer Working to | Zero-Day | Apply vendor security patch |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| General | So You Have an AI Security Budget. Now what? 📄 التفاصيل ← | Snyk Blog | An AI security budget should fund more than visibility. The real priority is unified governance and … | No | 🟠 High | So You Have | AI Attack | Apply vendor security patch |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser | OTX: Browser Spy-Ons: Threat Actor's Extension Hijack Your AI Conversations 📄 التفاصيل ← | AlienVault OTX | Multiple malicious Chrome extensions are exploiting the growing use of AI platforms by disguising th… | Yes | 🟠 High | OTX: Browser Spy-Ons: | AI Attack | Block IOCs |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2026-49771
CVSS 7.6 CVE-2026-49771 — Improper Neutralization of Special Elements used in an SQL Comm… 📄 التفاصيل ← |
NVD | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulne… | No | 🟠 High | Improper Neutralization of | Exploit | Refer to CVE-2026-49771 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Kaspersky | GHSA-74m6-4hjp-7226 — GHSA: Klever-Go P2P MultiDataInterceptor leaks global thro… 📄 التفاصيل ← | GHSA | ## Publisher note **Fixed in `v1.7.17`.** Operators running `< v1.7.17` should upgrade. The deco… | No | 🟠 High | GHSA-74m6-4hjp-7226 — GHSA: | Data Breach |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
|
| Web |
CVE-2019-25745
CVSS 8.2 CVE-2019-25745 — WordPress Plugin Google Review Slider 6.1 contains a time-based… 📄 التفاصيل ← |
NVD | WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability th… | No | 🟠 High | WordPress | Exploit | Refer to CVE-2019-25745 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Vulnerability |
CVE-2026-10870
CVSS 7.2 CVE-2026-10870 — A flaw has been found in Shibby Tomato 1.28.0000. This affects … 📄 التفاصيل ← |
NVD | A flaw has been found in Shibby Tomato 1.28.0000. This affects the function start_dhcpc of the file … | No | 🟠 High | A flaw has been found in Shibby Tomato | Exploit | Refer to CVE-2026-10870 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11230
CVE-2026-11230 - Google Chrome Use-After-Free in Extensions 📄 التفاصيل ← |
MITRE CVE High | CVE ID :CVE-2026-11230 Published : June 4, 2026, 11:17 p.m. | 5 hours, 9 minutes ago Descr… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11230 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11173
CVSS 8.8 CVE-2026-11173 — Out of bounds write in V8 in Google Chrome prior to 149.0.7827.… 📄 التفاصيل ← |
NVD | Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11173 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11171
CVSS 8.8 CVE-2026-11171 — Integer overflow in Blink in Google Chrome prior to 149.0.7827.… 📄 التفاصيل ← |
NVD | Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execu… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11171 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11164
CVSS 8.8 CVE-2026-11164 — Use after free in Blink in Google Chrome prior to 149.0.7827.53… 📄 التفاصيل ← |
NVD | Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11164 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11147
CVSS 8.8 CVE-2026-11147 — Use after free in WebML in Google Chrome on Windows prior to 14… 📄 التفاصيل ← |
NVD | Use after free in WebML in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11136
CVSS 8.8 CVE-2026-11136 — Use after free in Canvas in Google Chrome prior to 149.0.7827.5… 📄 التفاصيل ← |
NVD | Use after free in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execut… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11136 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11130
CVSS 8.8 CVE-2026-11130 — Use after free in Media in Google Chrome prior to 149.0.7827.53… 📄 التفاصيل ← |
NVD | Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11130 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11125
CVSS 8.8 CVE-2026-11125 — Use after free in Compositing in Google Chrome prior to 149.0.7… 📄 التفاصيل ← |
NVD | Use after free in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to e… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11125 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11118
CVSS 8.8 CVE-2026-11118 — Use after free in WebRTC in Google Chrome prior to 149.0.7827.5… 📄 التفاصيل ← |
NVD | Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execut… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11118 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11117
CVSS 8.8 CVE-2026-11117 — Use after free in Views in Google Chrome on Windows prior to 14… 📄 التفاصيل ← |
NVD | Use after free in Views in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker… | No | 🟠 High | Microsoft Windows | Google Chrome | Chromium | Exploit | Microsoft Patch Tuesday |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11086
CVSS 8.8 CVE-2026-11086 — Inappropriate implementation in Dawn in Google Chrome prior to … 📄 التفاصيل ← |
NVD | Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attack… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11086 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11077
CVSS 8.8 CVE-2026-11077 — Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowe… 📄 التفاصيل ← |
NVD | Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitr… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11077 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| VMware |
CVE-2026-11076
CVSS 8.8 CVE-2026-11076 — Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 a… 📄 التفاصيل ← |
NVD | Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute a… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11076 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Linux |
CVE-2026-11074
CVSS 8.8 CVE-2026-11074 — Use after free in WebRTC in Google Chrome on Linux prior to 149… 📄 التفاصيل ← |
NVD | Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11074 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11068
CVSS 8.8 CVE-2026-11068 — Use after free in WebSockets in Google Chrome prior to 149.0.78… 📄 التفاصيل ← |
NVD | Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to ex… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11068 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Kaspersky |
CVE-2026-10586
CVSS 7.2 CVE-2026-10586 — The Gutenberg Essential Blocks – Page Builder for Gutenberg Blo… 📄 التفاصيل ← |
NVD | The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPre… | No | 🟠 High | WordPress | Exploit | Update to v6.1.3 |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Web |
CVE-2026-10877
CVSS 7.3 CVE-2026-10877 — A security vulnerability has been detected in SourceCodester Sh… 📄 التفاصيل ← |
NVD | A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up… | No | 🟠 High | PHP | Exploit | Refer to CVE-2026-10877 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11239
CVSS 7.5 CVE-2026-11239 — Inappropriate implementation in Extensions in Google Chrome pri… 📄 التفاصيل ← |
NVD | Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11239 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11241
CVSS 8 CVE-2026-11241 — Insufficient validation of untrusted input in Cast in Google Ch… 📄 التفاصيل ← |
NVD | Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11241 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Android |
CVE-2026-11247
CVE-2026-11247 — Insufficient policy enforcement in CustomTabs in Google Chrome … 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 all… | No | 🟠 High | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11247 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11249
CVE-2026-11249 — Use after free in Network in Google Chrome prior to 149.0.7827.… 📄 التفاصيل ← |
NVD | Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11249 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11251
CVE-2026-11251 — Insufficient policy enforcement in Password Manager in Google C… 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11251 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11252
CVE-2026-11252 — Insufficient policy enforcement in Content Settings in Google C… 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11252 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11262
CVSS 8.8 CVE-2026-11262 — Use after free in TabStrip in Google Chrome prior to 149.0.7827… 📄 التفاصيل ← |
NVD | Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to exec… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11262 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Android |
CVE-2026-11263
CVE-2026-11263 — Insufficient policy enforcement in WebAuthentication in Google … 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827… | No | 🟠 High | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11263 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11267
CVE-2026-11267 — Insufficient policy enforcement in Extensions in Google Chrome … 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an att… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11267 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| iOS |
CVE-2026-11272
CVE-2026-11272 — Insufficient validation of untrusted input in Reading List in G… 📄 التفاصيل ← |
NVD | Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.78… | No | 🟠 High | Apple iOS | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11272 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| iOS |
CVE-2026-11277
CVE-2026-11277 — Insufficient policy enforcement in Chrome for iOS in Google Chr… 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 all… | No | 🟠 High | Apple iOS | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11277 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11279
CVSS 8.8 CVE-2026-11279 — Out of bounds read in DevTools in Google Chrome prior to 149.0.… 📄 التفاصيل ← |
NVD | Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11279 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Linux |
CVE-2026-11282
CVE-2026-11282 — Insufficient policy enforcement in Sandbox in Google Chrome on … 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed … | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11282 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Android |
CVE-2026-11287
CVE-2026-11287 — Insufficient policy enforcement in Navigation in Google Chrome … 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 all… | No | 🟠 High | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11287 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11288
CVE-2026-11288 — Insufficient policy enforcement in CSS in Google Chrome prior t… 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote atta… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11288 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11292
CVE-2026-11292 — Insufficient policy enforcement in Blink in Google Chrome prior… 📄 التفاصيل ← |
NVD | Insufficient policy enforcement in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote at… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11292 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11293
CVE-2026-11293 — Use after free in Input in Google Chrome prior to 149.0.7827.53… 📄 التفاصيل ← |
NVD | Use after free in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potenti… | No | 🟠 High | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11293 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Android |
CVE-2026-11295
CVE-2026-11295 — Inappropriate implementation in WebView in Google Chrome on And… 📄 التفاصيل ← |
NVD | Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a… | No | 🟠 High | Android | Google Chrome | Chromium | Exploit | Refer to CVE-2026-11295 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|
| Browser |
CVE-2026-11296
CVSS 7.5 CVE-2026-11296 — Inappropriate implementation in ImageCapture in Google Chrome p… 📄 التفاصيل ← |
NVD | Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remot… | No | 🟠 High | Google Chrome | Chromium | APT | Refer to CVE-2026-11296 NVD advisory |
UTC: 2026-06-04
EDT: 2026-06-04
SA: 2026-06-04
|