Lucene search
K

845 matches found

CVE
CVE
added yesterday7 views

CVE-2026-50496

CVE-2026-50496 is an out-of-bounds read vulnerability in Windows Network Policy Server SNMP that allows an unauthenticated attacker to disclose information over the network. Affects the SNMP component of Windows NPS; impact is information disclosure with a CVSS v3.1 base score of 7.5 (Network att...

7.5CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-50470

CVE-2026-50470 describes an out-of-bounds read in Windows Network Policy Server SNMP that could let an unauthenticated attacker disclose information over the network. The vulnerability affects the NPS SNMP handling and has a CVSS v3.1 base score of 7.5 (High) with network attack vector, low attac...

7.5CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday14 views

CVE-2026-15427 OS Command Injection in TR-069 (CWMP) Management Interface in TP-Link Archer VX1800v

An OS command injection vulnerability exists in the TR-069 / CWMP management interface of Archer VX1800v v1 due to insufficient input validation and sanitization of parameters, allowing crafted input to be executed as system-level commands. Exploitation requires specific conditions such as TR-069...

8.6CVSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-33799 Junos OS and Junos OS Evolved: Receipt of a specific SNMPv3 request results in memory leak and eventual snmpd crash

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS0.00368EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 5:16 p.m.8 views

CVE-2026-13211

The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role...

4.3CVSS0.00139EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/29 10:51 p.m.7 views

CVE-2026-10648 NULL-pointer dereference in MCUmgr serial/console SMP transport on buffer-pool exhaustion

mcumgrserialprocessfrag in subsys/mgmt/mcumgr/transport/src/serialutil.c calls netbufreset on the result of smppacketalloc before checking it for NULL. smppacketalloc uses netbufallocKNOWAIT against the shared MCUmgr packet pool CONFIGMCUMGRTRANSPORTNETBUFCOUNT, default 4, which returns NULL when...

6.2CVSS6.2AI score0.00109EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/26 3:32 p.m.7 views

EUVD-2026-39654

In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible...

3.1CVSS5.8AI score0.00143EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 12:0 a.m.27 views

CVE-2026-39006

CVE-2026-39006 concerns SNMP4J-Agent 3.8.3 where a remote attacker can execute arbitrary code via the snmp4jCfgStoragePath component. Documented impact is critical (CVSS v3.1: 9.8) with network discovery and no user interaction required; exploitation status is not provided in the supplied sources...

9.8CVSS6AI score0.00515EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49299

Name of the Vulnerable Software and Affected Versions SNMP4J-Agent version 3.8.3 Description A remote attacker can execute arbitrary code through the snmp4jCfgStoragePath component. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

9.8CVSS5.7AI score0.00515EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/06/13 2:19 a.m.10 views

SUSE CVE-2026-42769

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.9CVSS5.7AI score0.00262EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/11 1:24 p.m.8 views

openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...

5.3CVSS5.5AI score0.00262EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/11 1:24 p.m.10 views

openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...

5.9CVSS5.4AI score0.00349EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/11 1:9 p.m.9 views

openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...

5.3CVSS5.5AI score0.00262EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/11 1:9 p.m.10 views

openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...

5.9CVSS5.4AI score0.00349EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/10 1:34 p.m.15 views

CVE-2026-42769

A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...

5.9CVSS5.1AI score0.00262EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 1:34 p.m.11 views

CVE-2026-42767

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...

5.9CVSS5.4AI score0.00349EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-42769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response...

5.3CVSS5.7AI score0.00262EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-42767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact...

5.9CVSS7.1AI score0.00349EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/09 6:30 p.m.16 views

EUVD-2026-35486

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.3CVSS5.7AI score0.00262EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/09 6:30 p.m.22 views

EUVD-2026-35484

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00349EPSS
Exploits0References7
Rows per page
Query Builder