Lucene search
+L

874 matches found

cve
cve
added 2 days ago6 views

CVE-2026-12659

The CVE-2026-12659 issue affects Rockwell Automation’s Flex 5000® Adapter. It is a denial-of-service vulnerability caused by improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. The impact is a loss of availability in the affected module and I/O, wi...

8.7CVSS6.1AI score0.00253EPSS
Exploits0References1
cve
cve
added 2 days ago6 views

CVE-2026-9128

CVE-2026-9128 describes a code execution issue in Studio 5000 Logix Designer due to an unquoted search path in the External Tools configuration. The executable paths in the external tools config file are not properly quoted, so spaces can cause the OS to resolve to unintended executables earlier ...

7.3CVSS6.5AI score0.00096EPSS
Exploits0References1
cve
cve
added 2 days ago5 views

CVE-2026-9127

Summary: CVE-2026-9127 affects Studio 5000 Logix Designer®. The issue: incorrect authorization on a configuration file allows any authenticated user to modify the paths of external tools configured within the application. If exploited, an attacker could point the configuration to a malicious exec...

7.3CVSS6.6AI score0.0011EPSS
Exploits0References1
cve
cve
added 2 days ago7 views

CVE-2026-9108

Studio 5000 Logix Designer is affected by a path traversal vulnerability in which ACD project files may contain unvalidated file names. During project opening, paths can escape the intended extraction directory, potentially allowing an attacker to write arbitrary files to attacker-controlled loca...

5.4CVSS6.2AI score0.00109EPSS
Exploits0References1
nvd
nvd
added 2026/06/26 11:17 p.m.14 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.8CVSS0.00459EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/26 10:52 p.m.38 views

CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS0.00569EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/26 10:52 p.m.7 views

CVE-2026-31928

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS5.8AI score0.00569EPSS
Exploits0References3
cve
cve
added 2026/06/26 10:52 p.m.18 views

CVE-2026-31928

The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...

9.8CVSS5.8AI score0.00569EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/26 10:48 p.m.16 views

CVE-2026-33560

The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...

8.8CVSS5.9AI score0.00459EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/06/26 10:48 p.m.8 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS5.9AI score0.00459EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/26 10:48 p.m.58 views

CVE-2026-33560 Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS0.00459EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/06/01 12:0 a.m.28 views

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from insufficient access control granularity. This vulnerability could allow attackers to exploit trusted user-space applications to map...

7.1CVSS5.3AI score0.00097EPSS
Exploits0References2
nvd
nvd
added 2026/05/22 5:16 p.m.17 views

CVE-2026-42626

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

5.9CVSS0.0016EPSS
Exploits0References2
euvd
euvd
added 2026/05/22 12:0 a.m.10 views

EUVD-2026-31475

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

5.9CVSS5.8AI score0.0016EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/22 12:0 a.m.8 views

CVE-2026-42626

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

5.9CVSS5.8AI score0.0016EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/22 12:0 a.m.11 views

HP ENVY 5000 Series 安全漏洞

The HP ENVY 5000 Series is a series of integrated inkjet printers from the American company HP that support wireless printing and scanning. The HP ENVY 5000 Series VERBASPP1N003.2237A.00 version has a security vulnerability. This vulnerability stems from improper management of concurrent TCP...

5.9CVSS5.8AI score0.0016EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/22 12:0 a.m.8 views

CVE-2026-42626

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

5.8AI score0.0016EPSS
Exploits0References1
cve
cve
added 2026/05/22 12:0 a.m.37 views

CVE-2026-42626

HP ENVY 5000 series printers (VERBASPP1N003.2237A.00) are affected by a DoS condition caused by improper management of concurrent TCP connections to port 9100 (JetDirect/RAW printing). An unauthenticated remote attacker on the same network can establish a persistent connection and send keep-alive...

5.9CVSS5.8AI score0.0016EPSS
Exploits0References2
nessus
nessus
added 2026/04/30 12:0 a.m.8 views

HP Printer Buffer Overflow (CVE-2006-6742)

Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service device crash via a long string in the 1 LIST or 2 NLST...

7.8CVSS5.9AI score0.02909EPSS
Exploits0References2
cvelist
cvelist
added 2026/04/04 1:51 p.m.20 views

CVE-2018-25238 VSCO 1.1.1.0 Denial of Service via Search

VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application...

6.9CVSS0.00159EPSS
Exploits0References3
Rows per page
Query Builder