Lucene search
K

261 matches found

Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.21 views

PT-2026-36836

Name of the Vulnerable Software and Affected Versions D-Link DIR-600L Hardware Revision A1 Description A hardcoded telnet backdoor exists in the device. At boot, the device starts a telnet daemon via the /bin/telnetd.sh script using the username "Alphanetworks" and a static password "wrgn35 dlwbr...

9.8CVSS5.8AI score0.00472EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/04/03 6:0 p.m.3 views

CVE-2026-23467

A flaw was found in the Linux kernel's drm/i915/dmc driver. Under specific, unlikely conditions during system startup, an uninitialized component can be accessed, leading to a null pointer dereference. This can be triggered if the Display Controller 6 DC6 hardware state is unintentionally enabled...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/28 12:27 a.m.6 views

SUSE CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.4 views

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

6.1CVSS6.2AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 4:16 p.m.6 views

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

6.1CVSS0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/25 2:21 p.m.4 views

CVE-2026-23369

A flaw was found in the Linux kernel's i2c i801 driver. Under rare circumstances, multiple udev threads can concurrently access the i801acpiiohandler during system boot. This can lead to a null pointer dereference when the i2clockbus attempts to use an unregistered memory area. A local attacker...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-27792

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches Cisco Catalyst ESS9300 Embedded Series Switches Cisco Catalyst IE9310 and IE9320 Rugged Series Switches Cisco IE3500 and IE3505 Rugged Series Switches Description A flaw exists in t...

6.1CVSS6.2AI score0.00162EPSS
Exploits0References4
CVE
CVE
added 2026/03/18 5:14 a.m.19 views

CVE-2026-32606

CVE-2026-32606 affects IncusOS (immutable OS image) where, prior to 202603142010, systemd-cryptenroll TPM-based LUKS key release can occur if PCR7/PCR11 conditions are met, allowing physical attackers to substitute the root partition, boot with a recovery key, and retrieve the LUKS master key via...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:14 a.m.4 views

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/03/16 4:26 p.m.5 views

GHSA-WJ2J-QWCF-CFCC IncusOS has a LUKS encryption bypass due to insufficient TPM policy

The default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel UKI boot image. That's...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.6 views

Cisco Secure Firewall Management Center Software Authentication Bypass (cisco-sa-onprem-fmc-authbypass-5JPp45V2)

A vulnerability in the web interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due ...

10CVSS7.8AI score0.33898EPSS
Exploits2References3
NVD
NVD
added 2026/03/04 6:16 p.m.13 views

CVE-2026-20079

A vulnerability in the web interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due ...

10CVSS0.33898EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-22009)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22009 advisory. - In the Linux kernel, the following vulnerability has been resolved: regulator: dummy: force synchronous...

5.5CVSS5.4AI score0.00171EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : shim-15-8.el7 (AXSA:2020-250:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-250:01 advisory. grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process CVE-2020-10713 grub2: grubmalloc does not validate allocation...

8.2CVSS8.3AI score0.01588EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004257)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004257 advisory. An issue was discovered in the Linux kernel before 5.6. svmcpuuninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this...

5.5CVSS6.7AI score0.00392EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/01/07 8:2 p.m.23 views

CVE-2025-64305 Columbia Weather Systems MicroServer Cleartext Storage in a File or on Disk

MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...

7.1CVSS0.00144EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/30 3:30 p.m.7 views

EUVD-2023-60385

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.5AI score
Exploits0References8
Cvelist
Cvelist
added 2025/12/30 12:15 p.m.38 views

CVE-2023-54256

...

Exploits0
CVE
CVE
added 2025/12/30 12:15 p.m.15 views

CVE-2022-50870

CVE-2022-50870: In the Linux kernel (powerpc RTAS), rtas_os_term() could hang during panic due to risky device-tree traversal when devtree_lock is held. The fix caches relevant RTAS/DT characteristics at boot and changes the ibm,extended-os-term lookup to a boolean property via of_property_read_b...

5.8AI score0.00177EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.5 views

PT-2025-54085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: don't reset device side if dwc3 was configured as host-only Commit c4a5153e87fd "usb: dwc3: core: Power-off core/PHYs on system suspend in host mode" replaces check for HOST only dr mode with current dr role. But durin...

6.4AI score
Exploits0References8
Rows per page
Query Builder