Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

27648 risultati

News
'ShinyHunters misbruikte sinds 27 mei zerodaylek in Oracle PeopleSoft'

'ShinyHunters misbruikte sinds 27 mei zerodaylek in Oracle PeopleSoft' De criminele groepering ShinyHunters heeft sinds 27 mei misbruik gemaakt van een kritieke kwetsbaarheid in Oracle PeopleSoft waar op het moment van de aanvallen nog geen patch voor beschikbaar was, zo ... Read more Published Date: Jun 12, 2026 (4 days, 3 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-35273

CVEfeed Newsroom12 giu 2026
VulnerabilitàAlta
CVE-2026-12058 - PcSuite Connection Confirmation Bypass

CVE ID :CVE-2026-12058 Published : 2026年6月12日 09:16 | 4 小时,6 分钟 ago Description :The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-11535 - PcSuite Bluetooth Information Leakage Vulnerability

CVE ID :CVE-2026-11535 Published : June 12, 2026, 9:16 a.m. | 2 hours, 6 minutes ago Description :The authentication mechanism of a certain function in the PcSuite has a defect, which may result in information leakage within the range of a Bluetooth connection. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-12059 (CVSS 8.8)

The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope.

NVD (NIST)12 giu 2026
VulnerabilitàAlta
CVE-2026-12059 - Cellopoint|CelloOS - Improper Access Control

CVE ID :CVE-2026-12059 Published : June 12, 2026, 7:16 a.m. | 4 hours, 6 minutes ago Description :The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-12060 - Hepta Platforms|Heptabase - Exposed Dangerous

CVE ID :CVE-2026-12060 Published : June 12, 2026, 7:16 a.m. | 4 hours, 6 minutes ago Description :Heptabase developed by Hepta Platforms has a Exposed Dangerous Method or Function vulnerability, allowing unauthenticated remote attackers to leverage social engineering techniques to trick a victim into opening or loading a malicious webpage within the Heptabase application, thereby gaining unauthorized access to camera and microphone permissions. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-9271 - KeepInMind - Dashboard Notes < 0.8.4.2 - Contributor+ Stored XSS

CVE ID :CVE-2026-9271 Published : June 12, 2026, 7:16 a.m. | 4 hours, 6 minutes ago Description :Vulnerability Title Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-9269 - Secure Copy Content Protection and Content Locking < 5.1.5 - Admin+ Stored XSS via ays_sccp_sub_icon_image Parameter

CVE ID :CVE-2026-9269 Published : June 12, 2026, 7:16 a.m. | 4 hours, 6 minutes ago Description :The Secure Copy Content Protection and Content Locking WordPress plugin before 5.1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-44892 - Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size

CVE ID :CVE-2026-44892 Published : June 12, 2026, 5:16 a.m. | 4 hours, 6 minutes ago Description :Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the default configuration of the `Http3ConnectionHandler` in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify `HTTP3_SETTINGS_MAX_FIELD_SECTION_SIZE`, the implementation defaults to an unbounded limit. This insecure default configuration allows a malicious client or server to send an enormous number of headers, leading to a memory exhaustion Denial of Service via an `OutOfMemoryError`. Version 4.2.15.Final contains a patch. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-45169 - Idira Privileged Access Manager (PAM) Self-Hosted Vault: Denial of Service due to Unexpected Input Processing

CVE ID :CVE-2026-45169 Published : June 12, 2026, 5:16 a.m. | 4 hours, 6 minutes ago Description :Idira Privileged Access Manager (PAM) Self-Hosted Vault versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8 exhibit a validation vulnerability. Under specific circumstances and configuration scenarios, processing unexpected input could potentially lead to an unexpected service termination, resulting in a localized denial of service (DoS). CyberArk Security Bulletin: CA26-17 Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-48613 - phpBB SQL Injection via Profile Field Migration

CVE ID :CVE-2026-48613 Published : June 12, 2026, 4:17 a.m. | 5 hours, 5 minutes ago Description :SQL injection vulnerability in phpBB profile field migration due to improper handling of user-supplied profile field data during migration, allowing execution of arbitrary SQL queries. Only applies to phpBB forums that had been updated from versions prior to phpBB 3.3.8 and have not been updated to 3.3.11 or newer yet. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026
VulnerabilitàAlta
CVE-2026-48612 - Okta OAuth Account Linking Vulnerability

CVE ID :CVE-2026-48612 Published : June 12, 2026, 4:17 a.m. | 5 hours, 5 minutes ago Description :Improper state verification in the OAuth implementation could allow an attacker to manipulate the authentication flow and cause a victim’s account to be linked to an attacker-controlled account. This can result in unauthorized account linking and potential account takeover. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE12 giu 2026

Pagina 514 di 2304

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.