Lucene search
K

349 matches found

Nuclei
Nuclei
added yesterday6 views

CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component. id: CVE-2024-31839 info: name: CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting author: riteshs4hu severity:...

4.8CVSS7.1AI score0.08104EPSS
Exploits6References2
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.9 views

GHSA-JPCC-P29G-P8MQ vulnerabilities

Vulnerabilities for packages: chartmuseum, datadog-agent-fips, newrelic-infrastructure-agent, zot, cluster-api-helm-controller, neuvector-scanner, kube-arangodb, gatekeeper, chaos-mesh-fips, google-osconfig-agent, kaniko, trivy-operator, rancher-agent, neuvector-scanner-fips, trivy-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.5 views

CVE-2026-47262 vulnerabilities

Vulnerabilities for packages: chartmuseum, datadog-agent-fips, newrelic-infrastructure-agent, zot, cluster-api-helm-controller, neuvector-scanner, kube-arangodb, gatekeeper, chaos-mesh-fips, google-osconfig-agent, kaniko, trivy-operator, rancher-agent, neuvector-scanner-fips, trivy-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.7 views

GHSA-XHF5-7WJV-PQXP vulnerabilities

Vulnerabilities for packages: chartmuseum, datadog-agent-fips, newrelic-infrastructure-agent, zot, cluster-api-helm-controller, neuvector-scanner, kube-arangodb, gatekeeper, chaos-mesh-fips, google-osconfig-agent, kaniko, trivy-operator, rancher-agent, neuvector-scanner-fips, trivy-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.6 views

CVE-2026-53488 vulnerabilities

Vulnerabilities for packages: chartmuseum, datadog-agent-fips, newrelic-infrastructure-agent, zot, cluster-api-helm-controller, neuvector-scanner, kube-arangodb, gatekeeper, chaos-mesh-fips, google-osconfig-agent, kaniko, trivy-operator, rancher-agent, neuvector-scanner-fips, trivy-fips,...

9.4CVSS5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 3:49 p.m.11 views

Malicious code in yelp-react-component-chaos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 711cd262cc670c0e66cf2878b6fa22db21a2e420313a58aa029cbc619f2b27cc On npm install, preinstall.js collects hostname, username, cwd, network interfaces, and the names of environment variables matching...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-36618

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

4.3CVSS5.4AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2026/06/03 6:16 p.m.17 views

CVE-2026-36618

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

4.3CVSS0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.16 views

PT-2026-46004

Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

5.8AI score0.00159EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.35 views

CVE-2026-36618

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the response to the CHAOS TXT query, and it may lead to the disclosure of the DNS resolver software...

4.3CVSS5.4AI score0.00159EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 12:0 a.m.19 views

CVE-2026-36618

Mercusys AC12G (EU) V1 devices (firmware AC12G(EU)_V1_200909) are affected. The issue arises because the DNS resolver (unbound 1.22.0) reveals its version when responding to version.bind CHAOS TXT queries, which can aid targeted attacks against known vulnerabilities. The vulnerability pertains to...

4.3CVSS5.8AI score0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.8 views

CVE-2026-36618

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

5.8AI score0.00159EPSS
Exploits0References1
CVE
CVE
added 2026/05/20 1:10 p.m.95 views

CVE-2026-5946

Summary of CVE-2026-5946 (CVE entry for named in BIND) : The issue involves the DNS message handling in the BIND 9 recursive resolver (named) when processing DNS classes other than IN (e.g., CHAOS/HESIOD) or non-IN data in questions. According to the sources, specially crafted requests reaching c...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References13Affected Software1
Cvelist
Cvelist
added 2026/05/20 1:10 p.m.61 views

CVE-2026-5946 Invalid handling of CLASS != IN

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

7.5CVSS0.0181EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/20 1:10 p.m.16 views

EUVD-2026-31107

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/05/20 1:10 p.m.12 views

CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References13
Chainguard
Chainguard
added 2026/05/04 1:17 p.m.8 views

GHSA-F67M-9J94-QV9J vulnerabilities

Vulnerabilities for packages: chaos-tproxy...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/04 1:17 p.m.8 views

GHSA-F3PG-QWVG-P99C vulnerabilities

Vulnerabilities for packages: chaos-tproxy...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/04 1:17 p.m.32 views

CVE-2021-32714 vulnerabilities

Vulnerabilities for packages: chaos-tproxy...

9.1CVSS7.3AI score0.01133EPSS
Exploits1
Rows per page
Query Builder