12198 matches found
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
CVE-2026-33829 - Security Vulnerability Quick Usage ba...
wined
Windows Exploitation wined Tools The following scripts were...
Apache ActiveMQ - Remote Code Execution via HTTP Discovery Transport Bypass
Apache ActiveMQ before 5.19.6 and 6.0.0 through 6.2.4 is vulnerable to remote code execution via a bypass of the CVE-2026-34197 security fix. The original fix blocked the "vm://" transport scheme in BrokerView.addNetworkConnector and BrokerView.addConnector to prevent authenticated attackers from...
EUVD-2024-55607
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...
CVE-2026-8036
creationtimestamp| type| source ---|---|--- 2026-06-02 23:46:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndrozqits2m...
CVE-2024-14036
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...
CVE-2024-14036
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 are affected by a denial-of-service vulnerability where specially crafted, unencrypted SDC discovery messages exhaust CPU resources. Network-adjacent attackers with hospital-network access can trigger high CPU load, causing subsequent SDC ...
CVE-2024-14036 Dräger Core 1.0.5 Denial of Service via Malformed SDC Message
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...
CVE-2024-14036
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...
CVE-2024-14036 Dräger Core 1.0.5 Denial of Service via Malformed SDC Message
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...
CVE-2026-9522
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
CVE-2026-9522
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
CVE-2026-9522
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
CVE-2026-9522
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
CVE-2026-9522
Summary (CVE-2026-9522): Improper access control in the PAM account discovery feature of Devolutions Server 2026.1.19 and earlier enables an authenticated user without administrative privileges to delete network discovery scan configurations. Affected product is Devolutions Server (version line n...
EUVD-2026-33937
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
Apache ActiveMQ - Remote Code Execution
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations o...
CVE-2026-45609
mcp-security provides Security and Authorization support for Model Context Protocol in Spring AI. Prior to 0.1.9, the mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted...
PT-2026-45863
Name of the Vulnerable Software and Affected Versions Dräger Core version 1.0.5 Dräger M540 Converter Service version 1.0.9 Description A denial of service issue allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC Service-oriented Device...
PT-2026-45789
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...