Lucene search
K

1528 matches found

OSV
OSV
added 2026/04/16 5:35 p.m.6 views

MAL-2026-2817 Malicious code in lightweight-charts-4.1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7a7bcf5678b42c2da20ad8e444066092ac3a9c17a6c8867a034717d1d8c344 The package lightweight-charts-4.1 was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/15 7:23 p.m.4 views

CVE-2026-27917

Use after free in Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/14 6:30 p.m.3 views

EUVD-2026-22461

Use after free in Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...

7CVSS5.7AI score0.00243EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 4:57 p.m.31 views

CVE-2026-27917

CVE-2026-27917 is a use-after-free vulnerability in the Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) that can elevate privileges locally. Connected documents confirm the issue and its root cause (memory corruption via use-after-free) and indicate that Microsoft released fixes (e.g., K...

7CVSS5.7AI score0.00243EPSS
Exploits0References1Affected Software14
Vulnrichment
Vulnrichment
added 2026/04/14 4:57 p.m.6 views

CVE-2026-27917 Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability

...

7CVSS6.2AI score0.00243EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/04/14 2:0 p.m.5 views

Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability

Use after free in Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...

7CVSS6.2AI score0.00243EPSS
Exploits0
Snyk
Snyk
added 2026/04/14 1:8 a.m.6 views

LDAP Injection

Overview mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. Affected versions of this package are vulnerable to LDAP Injection through the Ldap authentication handler in mitmproxy/addons/proxyauth.py. An attacker can...

8.3CVSS5.8AI score0.00166EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys contains a resource management vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following...

7CVSS5.8AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.4 views

CVE-2026-33784

A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...

9.8CVSS5.8AI score0.00456EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:22 p.m.6 views

CVE-2026-21915

A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...

8.4CVSS5.8AI score0.0224EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/13 12:0 a.m.5 views

Hardware-Efficient Compound IC Protection with Lightweight Cryptography

Over the years, many techniques have been introduced to protect integrated circuits ICs from hardware security threats that emerged in the globalized IC manufacturing supply chain, such as overproduction and piracy. However, most of these techniques have been rendered inefficient since they do no...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/04/10 12:30 a.m.5 views

EUVD-2026-21203

A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...

9.8CVSS5.9AI score0.00456EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/10 12:30 a.m.8 views

EUVD-2026-21078

A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...

8.4CVSS5.9AI score0.0224EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/09 9:36 p.m.24 views

CVE-2026-33784 JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access

A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...

9.8CVSS0.00456EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 9:26 p.m.18 views

CVE-2026-21915 JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root

A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...

8.4CVSS0.0224EPSS
Exploits0References1
CVE
CVE
added 2026/04/09 9:26 p.m.7 views

CVE-2026-21915

The CVE describes a vulnerability in Juniper Networks’ JSI Virtual Lightweight Collector (vLWC). A Permissive List of Allowed Input in the CLI enables local, high-privilege attackers to inject shell commands that run with root permissions, potentially yielding full system control. Affected: all J...

8.4CVSS5.9AI score0.0224EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/09 2:34 p.m.18 views

CVE-2026-34578 OPNsense has an LDAP Injection via Unsanitized Username in Authentication

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldapescape. An unauthenticated attacker can inject LDAP filter metacharacters into the username field ...

8.2CVSS0.00415EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.8 views

Juniper Networks Support Insights Virtual Lightweight Collector 安全漏洞

Juniper Networks Support Insights Virtual Lightweight Collector is a network device telemetry data collection and operational analysis tool developed by Juniper Networks. Versions of Juniper Networks Support Insights Virtual Lightweight Collector prior to version 3.0.94 contained security...

9.8CVSS7.3AI score0.00456EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.14 views

PT-2026-31803

Name of the Vulnerable Software and Affected Versions Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC versions prior to 3.0.94 Description A Use of Default Password issue in Juniper Networks JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based...

9.8CVSS5.8AI score0.00456EPSS
Exploits0References16
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.7 views

Juniper Networks Support Insights Virtual Lightweight Collector 安全漏洞

Juniper Networks Support Insights Virtual Lightweight Collector is a network device telemetry data collection and operational analysis tool developed by Juniper Networks. Versions of Juniper Networks Support Insights Virtual Lightweight Collector prior to version 3.0.94 contained security...

8.4CVSS5.9AI score0.0224EPSS
Exploits0References1
Rows per page
Query Builder