
161620 matches found

NVD
added 2026/05/04 1:16 a.m., 13 views

CVE-2026-7714

A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...

6.9 CVSS, 0.00456 EPSS
Exploits 0, References 7

NVD
added 2026/05/04 1:16 a.m., 11 views

CVE-2026-42365

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypass. An attacker can bruteforce session cookies to trigger this vulnerability...

8.6 CVSS, 0.00329 EPSS
Exploits 0, References 3

GithubExploit
added 2026/05/04 1:1 a.m., 91 views

Exploit for Integer Overflow or Wraparound in Microsoft

CVE-2025-47987: Windows CredSSP Elevation of Privilege 📌...

7.8 CVSS, 5.8 AI score, 0.01677 EPSS
Exploits 3

EUVD
added 2026/05/04 12:47 a.m., 5 views

EUVD-2026-26860

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10 CVSS, 6.2 AI score, 0.00514 EPSS
Exploits 0, References 2

EUVD
added 2026/05/04 12:42 a.m., 8 views

EUVD-2026-26856

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypass. An attacker can bruteforce session cookies to trigger this vulnerability...

8.6 CVSS, 5.8 AI score, 0.00329 EPSS
Exploits 0, References 2

Vulnrichment
added 2026/05/04 12:42 a.m., 8 views

CVE-2026-42365 GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypass. An attacker can bruteforce session cookies to trigger this vulnerability...

8.6 CVSS, 5.8 AI score, 0.00329 EPSS
Exploits 0, References 2

Cvelist
added 2026/05/04 12:42 a.m., 37 views

CVE-2026-42365 GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypass. An attacker can bruteforce session cookies to trigger this vulnerability...

8.6 CVSS, 0.00329 EPSS
Exploits 0, References 2

CVE
added 2026/05/04 12:42 a.m., 17 views

CVE-2026-42365

GeoVision GeoVision LPC2011/LPC2211 Web Interface (version 1.10) exposes a session cookie vulnerability that allows authentication bypass through a crafted sequence of HTTP requests and brute-forcing session cookies. The CVE notes a network‑based, low‑complexity exposure with no user interaction ...

8.6 CVSS, 5.8 AI score, 0.00329 EPSS
Exploits 0, References 3, Affected Software 1

ATTACKERKB
added 2026/05/04 12:42 a.m., 6 views

CVE-2026-42365

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypass. An attacker can bruteforce session cookies to trigger this vulnerability...

8.6 CVSS, 5.8 AI score, 0.00329 EPSS
Exploits 0, References 3, Affected Software 1

Vulnrichment
added 2026/05/04 12:39 a.m., 4 views

CVE-2026-7161 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3 CVSS, 5.8 AI score, 0.00214 EPSS
Exploits 0, References 2

CVE
added 2026/05/04 12:39 a.m., 22 views

CVE-2026-7161

GeoVision GV-IP Device Utility 9.0.5 is affected by an insufficient encryption vulnerability in Device Authentication. The protocol encrypts username/password for privileged commands using a derivation of Blowfish, but the symmetric key is included in the same UDP broadcast packet, making credent...

9.3 CVSS, 5.8 AI score, 0.00214 EPSS
Exploits 0, References 3, Affected Software 1

GithubExploit
added 2026/05/04 12:37 a.m., 98 views

Exploit for CVE-2026-42167

CVE-2026-42167: SQL Injection in ProFTPD modsql 📋 Summary...

8.1 CVSS, 5.9 AI score, 0.05004 EPSS
Exploits 6

NVD
added 2026/05/04 12:16 a.m., 8 views

CVE-2026-7710

A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation of the argument mock-token results in improper authentication. Remote...

7.5 CVSS, 0.00405 EPSS
Exploits 0, References 4

Vulnrichment
added 2026/05/04 12:15 a.m., 4 views

CVE-2026-7714 crocodilestick Calibre-Web-Automated Admin Endpoint cwa_functions.py missing authentication

A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...

6.9 CVSS, 6.2 AI score, 0.00456 EPSS
Exploits 0, References 7

CVE
added 2026/05/04 12:15 a.m., 18 views

CVE-2026-7714

CVE-2026-7714 affects crocodilestick Calibre-Web-Automated (up to version 4.0.6). The vulnerability lies in the Admin Endpoint’s cps/cwa_functions.py, where authentication is missing, enabling a remote attacker to potentially exploit it. Exploit details have been published, and the project was in...

6.9 CVSS, 6.2 AI score, 0.00456 EPSS
Exploits 0, References 7

EUVD
added 2026/05/04 12:15 a.m., 8 views

EUVD-2026-26865

A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...

6.9 CVSS, 6.2 AI score, 0.00456 EPSS
Exploits 0, References 7

ATTACKERKB
added 2026/05/04 12:15 a.m., 4 views

CVE-2026-7714

A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...

6.9 CVSS, 6.2 AI score, 0.00456 EPSS
Exploits 0, References 7, Affected Software 1

Cvelist
added 2026/05/04 12:15 a.m., 36 views

CVE-2026-7714 crocodilestick Calibre-Web-Automated Admin Endpoint cwa_functions.py missing authentication

A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...

6.9 CVSS, 0.00456 EPSS
Exploits 0, References 7

CVE
added 2026/05/04 12:0 a.m., 22 views

CVE-2026-7713

CVE-2026-7713 affects crocodilestick Calibre-Web-Automated up to 4.0.6. The vulnerable component is the Kobo auth-token Route, specifically the generate_auth_token function in cps/kobo_auth.py, where improper authorization may be exploited remotely. An exploit has been published and publicized. A...

6.5 CVSS, 6.2 AI score, 0.00272 EPSS
Exploits 0, References 9

EUVD
added 2026/05/04 12:0 a.m., 9 views

EUVD-2026-26854

A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generate_auth_token of the file cps/kobo_auth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...

6.5 CVSS, 6.2 AI score, 0.00272 EPSS
Exploits 0, References 9