ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
CVE-2026-28795 - OpenChatBI: Critical Path Traversal Vulnerability in save_report Tool of OpenChatBI
CVE ID : CVE-2026-28795 Published : March 6, 2026, 7:16 a.m. | 28 minutes ago Description : OpenChatBI is an intelligent chat-based BI tool powered by large language models, designed to help users query, analyze, and
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evid
CVE-2026-22552 - ePower epower.ie Missing Authentication for Critical Function
CVE ID : CVE-2026-22552 Published : March 6, 2026, 12:16 a.m. | 1 hour, 28 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impers
CVE-2026-21536 - Microsoft Devices Pricing Program Remote Code Execution Vulnerability
CVE ID : CVE-2026-21536 Published : March 5, 2026, 11:16 p.m. | 28 minutes ago Description : Microsoft Devices Pricing Program Remote Code Execution Vulnerability Severity: 9.8 | CRITICAL Visit the link for more det
WordPress membership plugin bug exploited to create admin accounts
Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than 60,000 WordPress sites. [...]
CVE-2026-30784 - RustDesk hbbs/hbbr Servers Broker Connections Without Any Authorization Check
CVE ID : CVE-2026-30784 Published : March 5, 2026, 4:16 p.m. | 1 hour, 28 minutes ago Description : Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server
Cisco Secure Firewall Management Vulnerability Enables Remote Code Execution
Cisco has issued an urgent security advisory for a critical vulnerability affecting its Secure Firewall Management Center (FMC) software. This flaw, rated with the maximum possible CVSS score of 10.0, allows remote, unau
CVE-2026-21628 - Extension - astroidframe.work - Unauthenticated Remote Code Execution in Astroid Framework 2.0.0 - 3.3.10 for Joomla
CVE ID : CVE-2026-21628 Published : March 5, 2026, 10:15 a.m. | 1 hour, 28 minutes ago Description : A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leadi
Cisco Secure Firewall Management Vulnerability Allow Attackers to Bypass Authentication
Cisco has released a critical security advisory warning of a severe vulnerability in its Secure Firewall Management Center (FMC) Software. This flaw allows an unauthenticated, remote attacker to bypass authentication and
Cisco Catalyst SD-WAN Vulnerabilities Allow Attackers to Gain Root Access
An urgent security advisory from Cisco warns that multiple vulnerabilities in Cisco Catalyst SD-WAN Manager could allow attackers to bypass authentication, gain root access, and overwrite critical files. Two of these vul
CVE-2026-28536 - Cisco Device Authentication Bypass Vulnerability
CVE ID : CVE-2026-28536 Published : March 5, 2026, 7:16 a.m. | 28 minutes ago Description : Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerabilit
CVE-2025-70223 - D-Link DIR-513 Buffer Overflow Vulnerability
CVE ID : CVE-2025-70223 Published : March 4, 2026, 7:16 p.m. | 27 minutes ago Description : Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork. Severity: 9.
CVE-2025-70220 - D-Link DIR-513 Stack Buffer Overflow Vulnerability
CVE ID : CVE-2025-70220 Published : March 4, 2026, 6:16 p.m. | 1 hour, 27 minutes ago Description : Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wiza
IPVanish VPN for macOS Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code
A critical privilege escalation vulnerability has been discovered in the IPVanish VPN application for macOS. This flaw allows any unprivileged local user to execute arbitrary code as root without requiring user interacti
Critical XSS Vulnerability in Angular i18n Enables Malicious Code Execution
A high-severity Cross-Site Scripting (XSS) vulnerability, designated as CVE-2026-27970, has been discovered in Angular’s internationalization (i18n) pipeline. The vulnerability allows attackers to execute malicious JavaS
CVE-2026-27446 - Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation
CVE ID : CVE-2026-27446 Published : March 4, 2026, 9:15 a.m. | 27 minutes ago Description : Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthent
CVE-2026-27441 - PDF Password CMDi
CVE ID : CVE-2026-27441 Published : March 4, 2026, 9:15 a.m. | 27 minutes ago Description : SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS comma
CISA Warns of VMware Aria Operations Vulnerability Exploited in Attacks
A critical vulnerability affecting VMware Aria Operations has been added to the Known Exploited Vulnerabilities (KEV) catalog. Broadcom recently issued a security advisory detailing a flaw that allows unauthenticated att
CVE-2026-1775 - Missing Authentication for Critical Function in Labkotec LID-3300IP
CVE ID : CVE-2026-1775 Published : March 3, 2026, 10:16 p.m. | 1 hour, 27 minutes ago Description : The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated at
Zerobot Malware Exploiting Tenda Command Injection Vulnerabilities to Deploy Malware
A Mirai-based botnet campaign known as Zerobot has resurfaced with renewed force, this time targeting critical flaws in Tenda AC1206 routers and the n8n workflow automation platform. The campaign, now operating on its ni