Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

26239 risultati

VulnerabilitàAlta
CVE-2025-71320 - picklescan - Remote Code Execution via Incomplete Disallowed Inputs

CVE ID :CVE-2025-71320 Published : June 17, 2026, 3:04 p.m. | 2 hours, 37 minutes ago Description :picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when the pickle is deserialized. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2025-71321 - picklescan - Arbitrary File Writing via distutils Module Bypass

CVE ID :CVE-2025-71321 Published : June 17, 2026, 3:04 p.m. | 2 hours, 37 minutes ago Description :picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the dangerous blocklist by using distutils.file_util.write_file. Attackers can construct malicious pickle objects to overwrite critical system files and achieve denial of service or remote code execution. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-35066 - Dell PowerFlex Manager Improper Access Control Denial of Service

CVE ID :CVE-2026-35066 Published : June 17, 2026, 2:58 p.m. | 2 hours, 43 minutes ago Description :Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-35067 - Dell PowerFlex Manager Improper Access Control

CVE ID :CVE-2026-35067 Published : June 17, 2026, 2:53 p.m. | 2 hours, 49 minutes ago Description :Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-35162 - Dell PowerFlex Manager Improper Access Control Denial of Service

CVE ID :CVE-2026-35162 Published : June 17, 2026, 2:48 p.m. | 2 hours, 54 minutes ago Description :Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-35065 - Dell PowerFlex Manager Missing Authentication for Critical Function

CVE ID :CVE-2026-35065 Published : June 17, 2026, 2:42 p.m. | 1 hour ago Description :Dell PowerFlex Manager, version(s) [Versions], contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-10850 - Plane 1.3.1 - Stored XSS in intake issue description_html

CVE ID :CVE-2026-10850 Published : June 17, 2026, 2:39 p.m. | 1 hour, 2 minutes ago Description :Plane CE 1.3.1 allows a low-privileged project member to submit arbitrary HTML/JS in the description_html field when creating an intake work item through the API v1 intake endpoint. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-32804 - Dell PowerFlex Manager Improper Authentication

CVE ID :CVE-2026-32804 Published : June 17, 2026, 2:36 p.m. | 1 hour, 5 minutes ago Description :Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-47103 - Python StateMachine 3.0.0 < 3.2.0 RCE via SCXML eval() Injection

CVE ID :CVE-2026-47103 Published : June 17, 2026, 2:32 p.m. | 1 hour, 10 minutes ago Description :Python StateMachine versions 3.0.0 before 3.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary code by supplying malicious SCXML documents containing crafted `` attributes evaluated unsafely. The SCXMLProcessor passes attacker-controlled expression strings through a call chain ending in Python's built-in eval() without sandboxing, enabling arbitrary code execution in the context of the hosting process. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-49502 - Dell PowerFlex Manager Improper Authentication

CVE ID :CVE-2026-49502 Published : June 17, 2026, 2:30 p.m. | 1 hour, 12 minutes ago Description :Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-12528 - 389-ds-base: 389-ds-base: heap-buffer-overflows in __aclp__normalize_acltxt()

CVE ID :CVE-2026-12528 Published : June 17, 2026, 2:27 p.m. | 1 hour, 15 minutes ago Description :A flaw was found in 389 Directory Server in the __aclp__normalize_acltxt() function of aclparse.c. A malformed ACI (Access Control Instruction) string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after whitespace stripping, leading to a 1-byte out-of-bounds write and subsequent out-of-bounds reads. An authenticated user with write access to the aci attribute could send a crafted ACI value to silently corrupt heap memory in the directory server process. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-54812 - WordPress Motors plugin <= 1.4.109 - SQL Injection vulnerability

CVE ID :CVE-2026-54812 Published : June 17, 2026, 2:24 p.m. | 1 hour, 18 minutes ago Description :Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026

Pagina 335 di 2187

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.