Lucene search
K

12609 matches found

NVD
NVD
added yesterday5 views

CVE-2026-12576

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...

7.5CVSS0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday20 views

CVE-2026-10539 Unauthenticated command injection in Control-M/Server communication command

A Control-M/Server communication command does not sufficiently filter or sanitize user-supplied input. Under certain conditions, this issue may allow an unauthenticated attacker to execute unauthorized commands on the affected server, potentially leading to compromise of the server. This...

9.5CVSS0.00235EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-40931

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday34 views

Fujian Kelixin Communication - Command Injection

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwdupdate.php. id: CVE-2024-2621 info: name: Fujian Kelixin Communication - Command...

9.8CVSS6.4AI score0.0194EPSS
Exploits0References6
EUVD
EUVD
added yesterday4 views

EUVD-2026-40765

Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00174EPSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-40703

Race in WebRTC in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00174EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40573

Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00208EPSS
Exploits0References3
NVD
NVD
added 2 days ago5 views

CVE-2026-14078

Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

8.8CVSS0.00174EPSS
Exploits0References2
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-13887

Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2 days ago3 views

CVE-2026-13887

Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00208EPSS
Exploits0References2
CVE
CVE
added 2 days ago6 views

CVE-2026-14078

Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.8AI score0.00174EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago19 views

CVE-2026-13887

Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00208EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-13887

Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00208EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago4 views

Malicious code in ripshakti1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 764edbf390c427ef99a9d9164034b966fbac251f00240bbb219825c0c92422a6 package.json declares a preinstall lifecycle hook node index.js that auto-executes on npm install. index.js queries the AWS EC2 instance metadata...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-40275

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

7CVSS5.8AI score0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-10763

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

7CVSS0.00347EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-40052

Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...

7.3CVSS5.8AI score0.00089EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago7 views

CVE-2026-22078

Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...

7.3CVSS5.8AI score0.00089EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-22078 O+ Connect's lack of authentication for IPC channels led to a local privilege escalation vulnerability.

Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...

7.3CVSS0.00089EPSS
Exploits0References1
CVE
CVE
added 3 days ago13 views

CVE-2026-22078

CVE-2026-22078 concerns O+ Connect where an unauthenticated IPC service allows a local attacker to escalate privileges via the IPC channel. The root cause is lack of client authentication on the IPC interface, enabling external applications to perform sensitive actions with elevated privileges. T...

7.3CVSS5.8AI score0.00089EPSS
Exploits0References1
Rows per page
Query Builder