ARTIKEL SUCHE

Threat Feed Query

Durchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.

2842 Ergebnisse fuer critical Seite 30 von 143

CVE-2026-34875 - Mbed TLS FFDH Key Export Buffer Overflow

CVE ID :CVE-2026-34875 Published : April 1, 2026, 6:16 p.m. | 2 hours, 20 minutes ago Description :An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public ke

cvefeed.io • 2026-04-01 Sicherheitslücke

CVE-2026-30643 - DedeCMS Remote Code Execution Vulnerability

CVE ID :CVE-2026-30643 Published : April 1, 2026, 5:28 p.m. | 3 hours, 8 minutes ago Description :An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a modu

cvefeed.io • 2026-04-01 Sicherheitslücke

CVE-2026-30292 - Docudepot PDF Reader File Overwrite Vulnerability

CVE ID :CVE-2026-30292 Published : April 1, 2026, 3:22 p.m. | 5 hours, 13 minutes ago Description :An arbitrary file overwrite vulnerability in Docudepot PDF Reader: PDF Viewer APP v1.0.34 allows attackers to overw

cvefeed.io • 2026-04-01 Sicherheitslücke

CVE-2026-30291 - Ora Tools PDF Reader File Overwrite Vulnerability

CVE ID :CVE-2026-30291 Published : April 1, 2026, 3:22 p.m. | 5 hours, 13 minutes ago Description :An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Editor APPv4.3.5 allows attackers to o

cvefeed.io • 2026-04-01 Sicherheitslücke

CVE-2026-30289 - Tinybeans Private Family Album App File Overwrite Vulnerability

CVE ID :CVE-2026-30289 Published : April 1, 2026, 2:16 p.m. | 4 hours, 20 minutes ago Description :An arbitrary file overwrite vulnerability in Tinybeans Private Family Album App v5.9.5-prod allows attackers to ove

cvefeed.io • 2026-04-01 Sicherheitslücke

CVE-2026-1579 - PX4 Autopilot Missing authentication for critical function

CVE ID :CVE-2026-1579 Published : March 31, 2026, 8:20 p.m. | 16 minutes ago Description :The MAVLink communication protocol does not require cryptographic authentication by default. When MAVLink 2.0 message signi

cvefeed.io • 2026-03-31 Sicherheitslücke

CVE-2026-3356 - Missing Authentication for Critical Function vulnerability in Anritsu Remote Spectrum Monitor

CVE ID :CVE-2026-3356 Published : March 31, 2026, 7:16 p.m. | 1 hour, 20 minutes ago Description :The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to acc

cvefeed.io • 2026-03-31 Sicherheitslücke

CVE-2026-30282 - UXGROUP LLC Cast to TV Screen Mirroring Arbitrary File Overwrite Vulnerability

CVE ID :CVE-2026-30282 Published : March 31, 2026, 6:16 p.m. | 19 minutes ago Description :An arbitrary file overwrite vulnerability in UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 allows attackers to overwrite

cvefeed.io • 2026-03-31 Sicherheitslücke

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

The SQL injection vulnerability allows unauthenticated attackers to execute arbitrary code remotely, via crafted HTTP requests. The post Exploitation of Critical Fortinet FortiClient EMS Flaw Begins appeared first on Sec

securityweek.com • 2026-03-31 Sicherheitslücke

CISA Warns of Citrix NetScaler Vulnerability Actively Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability affecting Citrix NetScaler products. Identified as CVE-2026-3055, this security flaw has been of

cybersecuritynews.com • 2026-03-31 Sicherheitslücke

Critical Citrix NetScaler memory flaw actively exploited in attacks

Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix  NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data. [...]

bleepingcomputer.com • 2026-03-30 Sicherheitslücke

It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies

A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulnerability through Zero Da

securityaffairs.com • 2026-03-30 Update

Stored XSS Bug in Jira Work Management Could Lead to Full Organization Takeover

A popular collaboration tool within the Atlassian ecosystem is widely used by organizations to track projects, manage approvals, and manage daily tasks. Recently, security researchers at Snapsec uncovered a critical Stor

cybersecuritynews.com • 2026-03-30 Sicherheitslücke

Critical Grafana Vulnerabilities Let Attackers Achieve Remote Code Execution

Urgent security updates for Grafana version 12.4.2 address two critical vulnerabilities that could allow attackers to achieve full remote code execution (RCE) and execute denial-of-service (DoS) attacks. System administr

cybersecuritynews.com • 2026-03-30 Update

Critical n8n Vulnerability Let Attackers Achieve Remote Code Execution

A critical security flaw in n8n, a widely used open-source workflow automation platform, exposes host servers to Remote Code Execution (RCE) attacks. Tracked as CVE-2026-33660, this critical vulnerability allows authenti

cybersecuritynews.com • 2026-03-30 Sicherheitslücke

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on unpatched devices. [...]

bleepingcomputer.com • 2026-03-30 Update

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet FortiClient EMS vulnerability, tracked as CVE-2026-21643 (CVSS s

securityaffairs.com • 2026-03-30 Sicherheitslücke

Critical Fortinet Forticlient EMS Vulnerability Exploited in Attacks

A critical SQL injection vulnerability in Fortinet’s FortiClient Endpoint Management Server (EMS), tracked as CVE-2026-21643, is actively being exploited in the wild. Threat actors have been leveraging this flaw in attac

cybersecuritynews.com • 2026-03-30 Sicherheitslücke

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

The critical-severity flaw leaks application memory and can be exploited to obtain authenticated administrative session IDs. The post Exploitation of Fresh Citrix NetScaler Vulnerability Begins appeared first on Security

securityweek.com • 2026-03-30 Databreach

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused. [...]

bleepingcomputer.com • 2026-03-30 Sicherheitslücke