219900 matches found

Tenable Nessus
added 2026/05/01 12:0 a.m., 7 views

Wireshark 2.2.x < 2.2.1 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.1 advisory. - In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture...

CVSS 7.5, AI score 5.8, EPSS 0.02205
Exploits 0, References 7

Vulnrichment
added 2026/04/30 11:45 p.m., 4 views

CVE-2026-7513 UTT HiPER 1200GW formRemoteControl strcpy buffer overflow

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVSS 9, AI score 7.5, EPSS 0.00472
Exploits 0, References 4

Cvelist
added 2026/04/30 11:45 p.m., 33 views

CVE-2026-7513 UTT HiPER 1200GW formRemoteControl strcpy buffer overflow

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVSS 9, EPSS 0.00472
Exploits 0, References 4

OSV
added 2026/04/30 9:54 p.m., 7 views

CLSA-2026-1777586051 openssh: Fix of CVE-2026-35386

CVE-2026-35386: fix client-side command execution via control characters in usernames by adding iscntrl rejection to validruser...

CVSS 8.1, AI score 5.9, EPSS 0.00247
Exploits 0, References 1

OSV
added 2026/04/30 9:49 p.m., 6 views

CLSA-2026-1777585781 openssh: Fix of CVE-2026-35386

CVE-2026-35386: fix client-side command execution via control characters in usernames by adding iscntrl rejection to validruser...

CVSS 8.1, AI score 5.9, EPSS 0.00247
Exploits 0, References 1

OSV
added 2026/04/30 9:48 p.m., 5 views

MAL-2026-3206 Malicious code in currentclock (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d1c91399e9fe0c5525eac175fb302553dfca29a3cea2f469e7c9be512629e71c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits 0, References 1

NVD
added 2026/04/30 9:16 p.m., 16 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

CVSS 8.5, EPSS 0.00104
Exploits 0, References 1

OSSF Malicious Packages
added 2026/04/30 9:6 p.m., 11 views

Malicious code in doisomgcxog (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 78d6a043bbe150c65e0a3e7e56c69f1ff32171b70a684d512c87a2bfe0baf0b5 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits 0, References 1

OSV
added 2026/04/30 9:6 p.m., 5 views

MAL-2026-3205 Malicious code in doisomgcxog (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 78d6a043bbe150c65e0a3e7e56c69f1ff32171b70a684d512c87a2bfe0baf0b5 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits 0, References 1

RedhatCVE
added 2026/04/30 8:48 p.m., 6 views

CVE-2026-6706

Improper access control in the vault documentation feature in Devolutions Server allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request. This issue affects Server: from 2026.1.6.0 through 2026.1.14.0, through 2025.3.18.0...

CVSS 6.5, AI score 5.2, EPSS 0.00201
Exploits 0, References 1

RedhatCVE
added 2026/04/30 8:48 p.m., 6 views

CVE-2026-41940

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

CVSS 9.8, AI score 5.7, EPSS 0.981
Exploits 64, References 1

ATTACKERKB
added 2026/04/30 8:22 p.m., 4 views

CVE-2026-40951

CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger a denial of service...

CVSS 6.8, AI score 5.5, EPSS 0.00095
Exploits 0, References 2

NVD
added 2026/04/30 8:16 p.m., 7 views

CVE-2026-33448

CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attackers with control of a modified server can force the client to dump the contents of a small portion of memory to the log files potentially revealing secrets...

CVSS 4.8, EPSS 0.001
Exploits 0, References 1

CVE
added 2026/04/30 8:16 p.m., 18 views

CVE-2026-40949

CVE-2026-40949 affects the Secure Access Windows client (prior to version 14.50). The vulnerability is a buffer overflow in the Windows client component that attackers could exploit when they have local control of the host. The documented impact is a denial of service, with the CVSS 4.0 base scor...

CVSS 6.8, AI score 5.7, EPSS 0.00103
Exploits 0, References 1, Affected Software 1

ATTACKERKB
added 2026/04/30 8:12 p.m., 6 views

CVE-2026-33452

CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use it to ‘blue screen’ the system...

CVSS 5.9, AI score 5.7, EPSS 0.00097
Exploits 0, References 2

Cvelist
added 2026/04/30 8:4 p.m., 34 views

CVE-2026-33450 Out of bounds read in Secure Access MacOS clients prior to 14.50

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can send a malformed packet to the client causing a denial of service...

CVSS 2.3, EPSS 0.00156
Exploits 0, References 1

EUVD
added 2026/04/30 7:47 p.m., 5 views

EUVD-2026-26416

CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attackers with control of a modified server can force the client to dump the contents of a small portion of memory to the log files potentially revealing secrets...

CVSS 4.8, AI score 5.3, EPSS 0.001
Exploits 0, References 1

CVE
added 2026/04/30 6:23 p.m., 9 views

CVE-2026-40603

Chartbrew CVE-2026-40603 affects Chartbrew 4.9.0, where a legacy /api/project/dashboard/:brewName route exposes a project’s report data to any authenticated member of the same team, bypassing project-level authorization. This allows a low-privileged same-team user to read another project’s dashbo...

CVSS 6.5, AI score 5.4, EPSS 0.00241
Exploits 0, References 2

Cvelist
added 2026/04/30 6:23 p.m., 30 views

CVE-2026-40603 Chartbrew: Incorrect Access Control in /api/project/dashboard/:brewName via same-team override

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...

CVSS 6.5, EPSS 0.00241
Exploits 0, References 2

Vulnrichment
added 2026/04/30 6:22 p.m., 2 views

CVE-2026-40600 Chartbrew: Incorrect Access Control in project share policy routes via unbound policy_id

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew allows authenticated users with access to one project to update or delete a SharePolicy record that belongs to a different project. The affect...

CVSS 8.1, AI score 5.3, EPSS 0.00232
Exploits 0, References 2