Lucene search
+L

38271 matches found

Nuclei
Nuclei
added 4 hours ago29 views

Intelbras NPLUG 1.0.0.14 - Authentication Bypass

Intelbras NPLUG 1.0.0.14 is vulnerable to authentication bypass through cookie manipulation. An attacker can bypass authentication by simply setting a cookie named "admin:". id: CVE-2018-12455 info: name: Intelbras NPLUG 1.0.0.14 - Authentication Bypass author: ritikchaddha severity: critical...

9.3CVSS7.8AI score0.05867EPSS
Exploits3References2
Nuclei
Nuclei
added 4 hours ago45 views

AVTECH DVR - Login Verification Code Bypass

AVTECH DVR products are vulnerable to verification code bypass just by entering the "login=quick" parameter to bypass verification code. id: CVE-2013-4982 info: name: AVTECH DVR - Login Verification Code Bypass author: ritikchaddha severity: low description: | AVTECH DVR products are vulnerable t...

9.8CVSS8.4AI score0.13117EPSS
Exploits6References1
Nuclei
Nuclei
added 4 hours ago23 views

GTranslate < 2.8.65 - Cross-Site Scripting

In the Pro and Enterprise versions of GTranslate 2.8.65, the gtranslaterequesturivar function runs at the top of all pages and echoes out the contents of $SERVER'REQUESTURI'. Although this uses addslashes, and most modern browsers automatically URLencode requests, this plugin is still vulnerable ...

6.1CVSS6AI score0.01572EPSS
Exploits2References2
Nuclei
Nuclei
added 4 hours ago21 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure

Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability caused by improper validation of the 'READ.filePath' parameter in fileread script and SendCGICMD API, letting authenticated attackers read arbitrary system files. id: CVE-2019-25246 info: name: BEWARD...

8.8CVSS5.4AI score0.17393EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday125 views

SAP Internet Graphics Server (IGS) - XML External Entity Injection

SAP Internet Graphics Servers IGS running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XML external entity injection XXE vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag...

7.5CVSS7.3AI score0.40993EPSS
Exploits2References6
Nuclei
Nuclei
added yesterday1429 views

Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

5CVSS5.4AI score0.47595EPSS
Exploits1References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-44918

HCL DFXAnalytics is affected by an Internal IP Address Disclosure vulnerability. The application includes internal IP address details within its generated server responses, which could allow a remote attacker to gather sensitive network topology information and use it to map the internal...

2.6CVSS6.1AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2 days ago3 views

CVE-2026-53366 ipv4: account for fraggap on the paged allocation path

In the Linux kernel, the following vulnerability has been resolved: ipv4: account for fraggap on the paged allocation path In ipappenddata, when the paged-allocation branch is taken, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen; pagedlen = datalen - transhdrlen;...

7.8CVSS6AI score0.00191EPSS
Exploits0References8
CVE
CVE
added 2 days ago8 views

CVE-2026-47083

Cyrus IMAPd up to 3.12.2 contains a cross-user ESEARCH content oracle: an authenticated IMAP user can enumerate folder names under any account they can name, with search returning message UIDs (no full content access). Root cause: ESEARCH handling exposes per-account folder/UID metadata to other ...

4.3CVSS6.2AI score0.00183EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 3 days ago4 views

Rapid7 MDR Team Discovers New SonicWall SMA1000 Zero Days being Actively Exploited (CVE-2026-15409, CVE-2026-15410)

Overview On July 14, 2026, SonicWall published a security advisory addressing two vulnerabilities affecting SMA1000 Series remote access appliances, including the critical server-side request forgery SSRF vulnerability CVE-2026-15409 CVSS 10.0 and the high-severity code injection vulnerability...

10CVSS7.6AI score0.01486EPSS
Exploits5
CVE
CVE
added 3 days ago43 views

CVE-2026-47703

Summary: CVE-2026-47703 affects AdGuard Home and its DoQ-to-UDP forwarding path. Prior to version 0.107.75, the backend UDP path could collapse the DNS transaction ID (txid) to 0 on client-triggered DoQ queries, reducing the entropy of the backend tuple from (txid, source-port) to only the source...

6.3CVSS6.1AI score0.00135EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-47737

A flaw was found in Puma, a Ruby/Rack web server. When setremoteaddress proxyprotocol: :v1 is enabled and persistent connections are used, Puma incorrectly re-parses PROXY protocol headers after each keep-alive request on the same connection. This allows a remote attacker to inject a second PROXY...

7.5CVSS6.1AI score0.00177EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 3 days ago4 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7AI score0.00728EPSS
Exploits0References8
OSV
OSV
added 3 days ago6 views

USN-8546-1 linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...

9.8CVSS6.9AI score0.00817EPSS
Exploits9References63
BDU FSTEC
BDU FSTEC
added 3 days ago6 views

The vulnerability of the Linux operating system’s kernel, which stems from the inability to release resources after their useful lifespan has ended, allows attackers to trigger service failures.

The vulnerability of the Linux operating system’s kernel is related to the failure to release resources after their useful lifespan has ended. Exploiting this vulnerability allows a remote attacker to cause service interruptions through specially created IPv6 traffic...

5.5CVSS6.1AI score0.00161EPSS
Exploits0References8Affected Software3
NVD
NVD
added 4 days ago3 views

CVE-2026-50696

Heap-based buffer overflow in Windows Internet Key Exchange IKE Protocol allows an unauthorized attacker to deny service over a network...

7.5CVSS0.00816EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 days ago4 views

CVE-2026-50306 Windows TCP/IP Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago20 views

CVE-2026-50696 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

...

7.5CVSS0.00816EPSS
Exploits0References1
CVE
CVE
added 4 days ago8 views

CVE-2026-50696

CVE-2026-50696 is a heap-based buffer overflow in the Windows Internet Key Exchange (IKE) Protocol that allows an unauthenticated, network-based attacker to cause a denial of service. The vulnerability is documented across several sources (NVD and CVE records), with a CVSS v3.1 base score of 7.5 ...

7.5CVSS6.2AI score0.00816EPSS
Exploits0References1Affected Software9
OSV
OSV
added 4 days ago5 views

SUSE-SU-2026:2989-1 Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.166 fixes various security issues The following security issues were fixed: - CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmcrelease bsc1264094. - CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1265197. -...

9.8CVSS6.2AI score0.00563EPSS
Exploits5References23
Rows per page
Query Builder