Lucene search
K

77 matches found

NVD
NVD
added 2 days ago3 views

CVE-2026-49800

Integer overflow or wraparound in Windows Web Proxy Auto-Discovery Protocol WPAD allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago20 views

CVE-2026-49800 Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability

...

7.8CVSS0.00245EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2 days ago2 views

CVE-2026-49800 Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-58455

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A heap-based buffer overflow exists in the Windows Web Proxy Auto-Discovery Protocol WPAD. This flaw allows an authorized attacker with local access to elevate their privileges on the system....

7.8CVSS6.2AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.8 views

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A security vulnerability exists in OpenClaw that stems from automatically discovering and loading plugins from .OpenClaw/extensions/ without explicit trust validation, which can be exploited by an attacker to cause arbitrar...

8.8CVSS6.1AI score0.00331EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/13 8:55 p.m.12 views

OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories

Summary OpenClaw automatically discovered and loaded plugins from .openclaw/extensions/ inside the current workspace without an explicit trust or install step. A malicious repository could include a crafted workspace plugin that executed as soon as a user ran OpenClaw from that cloned directory...

8.8CVSS6.3AI score0.00331EPSS
Exploits0References5Affected Software1
GithubExploit
GithubExploit
added 2025/11/26 12:34 a.m.290 views

Exploit for CVE-2024-32019

CVE-2024-32019 Proof of Concept Python A Python implementat...

8.8CVSS7.4AI score0.01165EPSS
Exploits15
RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.8 views

CVE-2013-10072

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS6.8AI score0.00688EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/31 12:30 a.m.10 views

EUVD-2013-7287

Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...

8.7CVSS7.5AI score0.03511EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/31 12:30 a.m.9 views

EUVD-2013-7288

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS6.3AI score0.00688EPSS
Exploits0References3
NVD
NVD
added 2025/10/30 10:15 p.m.8 views

CVE-2013-10072

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS0.00688EPSS
Exploits0References2
NVD
NVD
added 2025/10/30 10:15 p.m.5 views

CVE-2013-10073

Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...

8.8CVSS0.03511EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/30 9:32 p.m.3 views

CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection

Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...

8.7CVSS7.6AI score0.03511EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/30 9:32 p.m.14 views

CVE-2013-10073 Nagios XI < 2012R1.6 Auto-Discovery Shell Command Injection

Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto-Discovery tool. User-controlled input is passed to a shell without adequate sanitation or argument quoting, allowing an authenticated user with access to discovery functionality to execute arbitrary...

8.7CVSS0.03511EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:32 p.m.15 views

CVE-2013-10073

CVE-2013-10073 affects Nagios XI versions prior to 2012R1.6. The Auto-Discovery tool accepts user-controlled input that is passed to a shell without adequate sanitation or argument quoting, enabling an authenticated user with discovery access to execute arbitrary commands with the privileges of t...

8.8CVSS7.6AI score0.03511EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/10/30 9:32 p.m.20 views

CVE-2013-10072 Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS0.00688EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/30 9:32 p.m.5 views

CVE-2013-10072 Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS6.4AI score0.00688EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:32 p.m.12 views

CVE-2013-10072

Summary: CVE-2013-10072 affects Nagios XI versions before 2012R1.6, with an authorization flaw in the Auto-Discovery feature. The issue allows users with read-only roles to directly access Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and ...

7.2CVSS6.4AI score0.00688EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.5 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2012R1.6, which stems from the Auto-Discove...

8.8CVSS6.9AI score0.03511EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.7 views

PT-2025-44534

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R1.6 Description Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could access Auto-Discovery endpoints and pages that require...

7.2CVSS6.5AI score0.00688EPSS
Exploits0References4
Rows per page
Query Builder