Lucene search
+L

31014 matches found

nuclei
nuclei
added 13 hours ago20 views

Canon Devices - Authentication Bypass in Catwalk Server

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. For...

7.5CVSS7AI score0.04EPSS
Exploits1References3
nuclei
nuclei
added 13 hours ago51 views

VelotiSmart Wifi - Directory Traversal

VelotiSmart WiFi B-380 camera devices allow directory traversal via the uc-http service 1.0.0, as demonstrated by /../../etc/passwd on TCP port 80. id: CVE-2018-14064 info: name: VelotiSmart Wifi - Directory Traversal author: 0xAkoko severity: critical description: VelotiSmart WiFi B-380 camera...

9.8CVSS7AI score0.3757EPSS
Exploits5References5
cve
cve
added yesterday13 views

CVE-2026-15907

The vulnerability CVE-2026-15907 affects H3C SecPath F1000-C8300 devices (firmware up to 20260522). It targets an unknown function at /webui/?g=log_fw_nbc_mail_jsondata, where manipulation of the subject parameter can cause SQL injection. The attack is remote, with a published exploit; the vendor...

7.5CVSS6.7AI score
Exploits0References5
redhat
redhat
added yesterday5 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update

Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.8AI score0.01735EPSS
Exploits7References32
rocky
rocky
added yesterday5 views

libinput security update

An update is available for libinput. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libinput is a library that handles input devices for display servers and...

9.8CVSS6.1AI score0.00498EPSS
Exploits0
osv
osv
added yesterday4 views

RLSA-2026:39296 Moderate: libinput security update

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fixes: libinput: local privilege escalation via crafted uinput devices CVE-2026-50292 For more details about the security issues, including the impac...

6.7CVSS6.1AI score0.00498EPSS
Exploits0References2
ossf
ossf
added yesterday6 views

Malicious code in ssweb-wp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdc75de95852418c3d695299d52199b24e52202b2e5595089b3107a73c1e86b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added yesterday5 views

Malicious code in @sauruslord/libsignal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c2cf2672d98396a7b66cb732741d269732f5faae72293ea46e06b879e7a45b Package name impersonates Open Whisper Systems' libsignal-node but ships unrelated code. On require of index.js, after a 1-second delay, install.js...

6.1AI score
Exploits0References2
redhat
redhat
added 2 days ago6 views

Moderate: Red Hat Security Advisory: libinput security update

An update for libinput is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS6.1AI score0.00498EPSS
Exploits0References2
nvd
nvd
added 2 days ago3 views

CVE-2026-50310

Integer overflow or wraparound in Windows Devices Human Interface allows an authorized attacker to disclose information locally...

4.7CVSS0.00305EPSS
Exploits0References1
osv
osv
added 2 days ago2 views

SUSE-SU-2026:2961-1 Security update for the Linux Kernel (Live Patch 39 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.163 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31505: iavf: fix out-of-bounds writes in iavfgetethtoolstats...

9.8CVSS6.2AI score0.00563EPSS
Exploits8References45
ossf
ossf
added 2 days ago7 views

Malicious code in @akshajrawat/plugin-repo-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 596ef9a9a6888c00110ee80e3633052ed89887a8465e9a5eaa824a81e5211e46 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References3
osv
osv
added 2 days ago4 views

MAL-2026-10554 Malicious code in @akshajrawat/plugin-repo-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 596ef9a9a6888c00110ee80e3633052ed89887a8465e9a5eaa824a81e5211e46 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References3
fedora
fedora
added 2 days ago7 views

[SECURITY] Fedora 43 Update: golang-github-openprinting-ipp-usb-0.9.34-1.fc43

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol...

7.5CVSS6.9AI score0.00939EPSS
Exploits0
osv
osv
added 2 days ago4 views

ALSA-2026:39296 Moderate: libinput security update

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. Security Fixes: libinput: local privilege escalation via crafted uinput devices CVE-2026-50292 For more details about the security issues, including the impac...

9.8CVSS6.1AI score0.00498EPSS
Exploits0References4
osv
osv
added 3 days ago3 views

SUSE-SU-2026:2930-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.3 fixes various security issues The following security issues were fixed: - CVE-2025-71089: iommu: disable SVA when CONFIGX86 is set bsc1256615. - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. -...

9.8CVSS6.7AI score0.00563EPSS
Exploits8References51
cve
cve
added 3 days ago22 views

CVE-2026-4769

The affected product family is WAGO System I/O Field series devices. The CVE describes an undocumented internal diagnostic capability that activates during the initial startup sequence and remains accessible without authentication for a brief window in the early boot phase. During this window, an...

9.8CVSS6.1AI score0.00447EPSS
Exploits0References1
cvelist
cvelist
added 3 days ago34 views

CVE-2026-4769 Unauthenticated Access to Internal Diagnostic Interface

Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an...

9.8CVSS0.00447EPSS
Exploits0References1
ossf
ossf
added 3 days ago6 views

Malicious code in ishowfeet13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bca534c9132e075eb12129f9986f32127805ef4e81a801de877aaf3a9bda6e The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
ossf
ossf
added 3 days ago5 views

Malicious code in ishowfeet10 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4148b124e7ddd86ab1dd66865b0dad79d42d666a36a5e122f07e12b0d3029570 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
Rows per page
Query Builder