Lucene search
+L

1861 matches found

NVD
NVD
added 2026/03/16 6:16 p.m.4 views

CVE-2026-29521

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS0.0011EPSS
Exploits0References2
CVE
CVE
added 2026/03/16 4:55 p.m.9 views

CVE-2026-29521

CVE-2026-29521 affects Hereta ETH-IMC408M devices with firmware 1.0.15 and earlier, where missing CSRF protections in setup.cgi allow cross-site request forgery. An attacker hosting malicious pages can submit forged requests using automatically-included HTTP Basic Authentication credentials to mo...

5.1CVSS5.7AI score0.0011EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/16 4:55 p.m.2 views

CVE-2026-29521 Hereta ETH-IMC408M CSRF via Configuration Setup

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS5.7AI score0.0011EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25784

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

5.1CVSS5.7AI score0.0011EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/06 2:37 p.m.9 views

CVE-2026-28543

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.7CVSS5.8AI score0.00071EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/05 9:30 a.m.9 views

EUVD-2026-9803

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.7CVSS5.9AI score0.00071EPSS
Exploits0References4
NVD
NVD
added 2026/03/05 8:15 a.m.12 views

CVE-2026-28543

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.7CVSS0.00071EPSS
Exploits0References3
OSV
OSV
added 2026/03/05 8:15 a.m.4 views

CVE-2026-28543

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.7CVSS5.8AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/05 7:58 a.m.5 views

CVE-2026-28543

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.4CVSS5.9AI score0.00071EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/05 7:58 a.m.4 views

CVE-2026-28543

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.4CVSS5.9AI score0.00071EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/05 7:58 a.m.33 views

CVE-2026-28543

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.4CVSS0.00071EPSS
Exploits0References3
CVE
CVE
added 2026/03/05 7:58 a.m.17 views

CVE-2026-28543

Technical details about CVE-2026-28543 are not publicly available in the provided documents. Monitor for updates from Huawei bulletins and relevant security advisories.

4.7CVSS5.9AI score0.00071EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.16 views

PT-2026-23423

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...

4.4CVSS5.9AI score0.00071EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/02 12:59 p.m.6 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server traditional which is affected by a denial of service due to jose4j.

Summary The security issue described in CVE-2024-29371 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

7.5CVSS5.9AI score0.00248EPSS
Exploits1Affected Software1
Zero Science Lab
Zero Science Lab
added 2026/03/02 12:0 a.m.246 views

Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control And Lockout

Summary The Honeywell IQ4 Trend IQ4 is a line of intelligent building-management controllers designed to provide advanced unitary control, HVAC integration, and scalable I/O expansion for commercial environments. These controllers use Ethernet and TCP/IP networking with embedded XML, support BACn...

10CVSS5.7AI score0.05585EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/17 8:45 a.m.11 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server traditional which could provide weaker than expected security.

Summary The security issue described in CVE-2025-13333 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

4.9CVSS5.4AI score0.0031EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.5 views

CVE-2026-25857

Tenda G300-F router firmware version 16.01.14.2 and prior contain an OS command injection vulnerability in the WAN diagnostic functionality formSetWanDiag. The implementation constructs a shell command that invokes curl and incorporates attacker-controlled input into the command line without...

8.8CVSS6.1AI score0.02819EPSS
Exploits1References1
NVD
NVD
added 2026/02/04 5:16 p.m.7 views

CVE-2026-23106

In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...

5.5CVSS0.001EPSS
Exploits0References2
OSV
OSV
added 2026/02/04 5:16 p.m.9 views

UBUNTU-CVE-2026-23106

In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...

5.5CVSS5.7AI score0.001EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/04 6:14 a.m.4 views

CVE-2026-20987

Improper input validation in GalaxyDiagnostics prior to version 3.5.050 allows local privileged attackers to execute privileged commands...

8.7CVSS5.5AI score0.00136EPSS
Exploits0References2
Rows per page
Query Builder