Lucene search
+L

147 matches found

CVE
CVE
added 2026/01/23 4:47 p.m.12 views

CVE-2021-47894

CVE-2021-47894 affects Managed Switch Port Mapping Tool 2.85.2. A DoS allows an attacker to crash the application by pasting a 10,000-character buffer into the IP Address and SNMP Community Name fields, exploiting an oversized-buffer condition. The vulnerability impacts availability and is local ...

7.5CVSS5.7AI score0.00252EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/23 4:47 p.m.28 views

CVE-2021-47894 Managed Switch Port Mapping Tool 2.85.2 - Denial of Service

Managed Switch Port Mapping Tool 2.85.2 contains a denial of service vulnerability that allows attackers to crash the application by creating an oversized buffer. Attackers can generate a 10,000-character buffer and paste it into the IP Address and SNMP Community Name fields to trigger the...

7.5CVSS0.00252EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000839)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000839 advisory. The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to...

4.4CVSS7.8AI score0.00329EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001786)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001786 advisory. The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to...

4.4CVSS7.8AI score0.00329EPSS
Exploits0References13
OSV
OSV
added 2026/01/13 6:43 p.m.7 views

CVE-2025-68949 n8n has a Webhook Node IP Whitelist Bypass via Partial String Matching

n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured...

5.3CVSS6.4AI score0.00253EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 11:24 a.m.4 views

CVE-2021-31552

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules related to blocking accounts after account creation. Such rules would allow for user accounts to be created while blocking only the IP address used to create an account and not...

5.5CVSS6.8AI score0.00576EPSS
Exploits0References1
OSV
OSV
added 2025/12/29 9:57 p.m.4 views

MAL-2025-192961 Malicious code in awsutil (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 86d4af9fafbcfb6e3789a38b426c744e4ac67da10eb1fa225be3a715189fb1c2 Dependency confusion research package with advanced module-mocking --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also...

7AI score
Exploits0References1
NVD
NVD
added 2025/12/23 5:15 p.m.7 views

CVE-2025-29228

Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter...

9.8CVSS0.01134EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/22 9:35 p.m.30 views

CVE-2023-53969 Screen SFT DAB 600/C Firmware 1.9.3 Authentication Bypass Password Change

Screen SFT DAB 600/C firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting IP address session binding. Attackers can reuse the same IP address and issue unauthorized requests to the userManager API to change user passwords...

9.3CVSS0.00456EPSS
Exploits2References5
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

Red Hat OpenShift 代码问题漏洞

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying and running applications. A code issue vulnerability exists in Red Hat OpenShift that stems from a lack of IP address and network range validation, which could...

6.4CVSS6.9AI score0.00311EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.12 views

PT-2025-51683

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

5CVSS6.6AI score0.00167EPSS
Exploits0References1
CVE
CVE
added 2025/12/13 4:31 a.m.22 views

CVE-2025-11707

CVE-2025-11707 – Login Lockdown & Protection (WordPress) : A vulnerability in all versions up to and including 2.14 allows unauthenticated attackers who have access to an admin email to generate valid unblock keys for their IP, bypassing IP blocks after failed logins due to insufficient randomnes...

5.3CVSS5.7AI score0.00416EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/10 9:16 p.m.8 views

CVE-2021-47703

OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external domain in the 'ip'...

7.2CVSS7.1AI score0.00281EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/12/04 12:11 a.m.11 views

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

7.5CVSS6.8AI score0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/03 12:0 a.m.3 views

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

6.4AI score0.00289EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/27 6:2 p.m.6 views

CVE-2025-64126

An OS command injection vulnerability exists due to improper input validation. The application accepts a parameter directly from user input without verifying it is a valid IP address or filtering potentially malicious characters. This could allow an unauthenticated attacker to inject arbitrary...

10CVSS7.7AI score0.02328EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/26 5:47 p.m.45 views

CVE-2025-64126 Zenitel TCIV-3+ OS Command Injection

An OS command injection vulnerability exists due to improper input validation. The application accepts a parameter directly from user input without verifying it is a valid IP address or filtering potentially malicious characters. This could allow an unauthenticated attacker to inject arbitrary...

10CVSS0.02328EPSS
Exploits0References3
NVD
NVD
added 2025/11/21 9:15 a.m.10 views

CVE-2025-12039

The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 2.0.5 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for...

5.3CVSS0.00255EPSS
Exploits0References3
NVD
NVD
added 2025/11/20 4:15 p.m.10 views

CVE-2025-60738

An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 20250721 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters...

9.8CVSS0.01001EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.10 views

PT-2025-47580

An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 - 2025 07 21 and before allows a remote attacker to execute arbitrary code via the ping.php component does not perform secure filtering on IP parameters...

8AI score0.01001EPSS
Exploits2References2
Rows per page
Query Builder