Lucene search
K

7965 matches found

NVD
NVD
added 2026/01/23 4:16 a.m.6 views

CVE-2026-0778

Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this...

8.8CVSS0.00606EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 3:29 a.m.24 views

CVE-2026-0778

CVE-2026-0778 concerns Enel X JuiceBox 40 Telnet service. The Telnet daemon, listening on TCP 2000, lacks authentication before allowing remote connections, enabling network-adjacent attackers to execute arbitrary code with the service account context. Documents from ZDI, Red Hat, NVD, CVE listin...

8.8CVSS6.5AI score0.00606EPSS
Exploits0References1
OSV
OSV
added 2026/01/21 1:31 p.m.2 views

OPENSUSE-SU-2026:20100-1 Security update for gimp

This update for gimp fixes the following issues: Changes in gimp: - CVE-2025-14422: Fixed PNM File Parsing Integer Overflow bsc1255293 - CVE-2025-14423: Fixed LBM File Parsing Stack-based Buffer Overflow bsc1255294 - CVE-2025-14424: Fixed XCF File Parsing Use-After-Free bsc1255295 - CVE-2025-1442...

7.8CVSS5.8AI score0.00544EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : openjpeg-1.3-8.AXS4 (AXSA:2012-758:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-758:01 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...

10CVSS8.4AI score0.07695EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:41 a.m.11 views

CVE-2001-1517

RunAs runas.exe in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying tha...

2.1CVSS6.9AI score0.02121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:40 a.m.15 views

CVE-2001-1518

RunAs runas.exe in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service RunAs hang by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the...

2.1CVSS6.8AI score0.05627EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.6 views

CVE-2019-16640

An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the class UploadFile is mishandled %00 and /var/./html are not checked, which can allow an attacker to upload any file to the gateway. This affects EG-2000SE EGRGOS 11.9 B11P1...

7.5CVSS6.9AI score0.00442EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.9 views

CVE-2019-16639

An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attacker who only has web interface access to use TELNET commands and/or show admin passwords via the modeurl=exec= substring. This affects EG-2000SE EGRGOS 11.9...

9.8CVSS7.1AI score0.00822EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:31 a.m.7 views

CVE-2019-16641

An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000SE EGRGOS 11.11B1...

8.4CVSS7.4AI score0.00301EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/24 12:30 a.m.4 views

EUVD-2025-204980

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.1AI score0.00539EPSS
Exploits0References3
OSV
OSV
added 2025/12/23 10:15 p.m.4 views

UBUNTU-CVE-2025-14425

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS6.2AI score0.00539EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/23 10:15 p.m.3 views

CVE-2025-14425

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.4AI score0.00539EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/23 9:31 p.m.22 views

CVE-2025-14425 GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00539EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/26 1:19 a.m.4 views

EUVD-2025-199687

The RupsMon and USBMate services in UPSilon 2000 run with SYSTEM privileges and contain unquoted service paths. This allows a local attacker to perform path interception and escalate privileges if they have write permissions to the directories proceeding that of which the real service executables...

7.1CVSS6.3AI score0.00103EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/26 1:19 a.m.3 views

CVE-2025-66269 Unquoted Service Path in UPSilon2000V6.0(RupsMon and USBMate) running as SYSTEM

The RupsMon and USBMate services in UPSilon 2000 run with SYSTEM privileges and contain unquoted service paths. This allows a local attacker to perform path interception and escalate privileges if they have write permissions to the directories proceeding that of which the real service executables...

7.1CVSS6.5AI score0.00103EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/26 1:19 a.m.9 views

CVE-2025-66269 Unquoted Service Path in UPSilon2000V6.0(RupsMon and USBMate) running as SYSTEM

The RupsMon and USBMate services in UPSilon 2000 run with SYSTEM privileges and contain unquoted service paths. This allows a local attacker to perform path interception and escalate privileges if they have write permissions to the directories proceeding that of which the real service executables...

7.1CVSS0.00103EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/26 1:16 a.m.10 views

CVE-2025-66266 Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

9.3CVSS0.0012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/22 12:0 a.m.10 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : FFmpeg vulnerabilities (USN-7830-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7830-1 advisory. It was discovered that FFmpeg incorrectly handled the return values of functions in its Firequalizer filter and in th...

8.8CVSS6.4AI score0.00544EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2025/10/21 5:30 p.m.5 views

CVE-2025-9574

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...

10CVSS6.9AI score0.00754EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/20 6:30 p.m.5 views

EUVD-2025-35083

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...

9.9CVSS6.4AI score0.00754EPSS
Exploits0References2
Rows per page
Query Builder