Lucene search
+L

601 matches found

CNNVD
CNNVD
added 2026/03/23 12:0 a.m.11 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ prior to 12.01.01.37 contain security vulnerabilities. These vulnerabilities stem from a hidden feature in the /goform/setSysTools endpoint, which may lead to the...

8.8CVSS5.8AI score0.00424EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.10 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the Nexxt Solutions company in the United States. Versions of the Nebula 300+ with the software version 12.01.01.37 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of rate limits on the...

9.8CVSS5.8AI score0.00333EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.17 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ prior to 12.01.01.37 contain security vulnerabilities. These vulnerabilities stem from the lack of cross-site request forgery protection in the status change manageme...

7.2CVSS5.7AI score0.00117EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.6 views

PT-2026-27116

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing administrative endpoints. A remote attacker can induce an authenticated administrator to submit crafted requests that modify device settings, including security-relevant...

7.2CVSS5.9AI score0.00117EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.5 views

PT-2026-27114

Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. Once enabled, the service exposes a privileged diagnostic management interface over the network, increasing the attack surface...

8.5CVSS5.8AI score0.00424EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.9 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ with the software version 12.01.01.37 and earlier contain security vulnerabilities. These vulnerabilities stem from unvalidated credentials exposure in the /goform/at...

7.1CVSS5.8AI score0.0025EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.6 views

PT-2026-27112

An unauthenticated credential disclosure vulnerability in the /goform/ate endpoint of Nexxt Solutions Nebula 300+ firmware through Nebula300+ v12.01.01.37 allows an adjacent attacker to obtain the administrator password in Base64-encoded form via a crafted HTTP request. The recovered credential c...

7.1CVSS5.8AI score0.0025EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.5 views

PT-2026-27117

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files...

6.8CVSS5.8AI score0.00178EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2026-12337

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

2.5CVSS5AI score0.00097EPSS
Exploits0References5
NVD
NVD
added 2026/03/16 2:20 p.m.5 views

CVE-2026-4217

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

2.5CVSS0.00097EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/16 5:2 a.m.3 views

CVE-2026-4217 XREAL Nebula App ai.nreal.nebula.universal CloudStoragePlugin.java credentials storage

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

2.5CVSS5AI score0.00097EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/16 5:2 a.m.4 views

CVE-2026-4217

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

2.5CVSS5AI score0.00097EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/16 5:2 a.m.32 views

CVE-2026-4217 XREAL Nebula App ai.nreal.nebula.universal CloudStoragePlugin.java credentials storage

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

2.5CVSS0.00097EPSS
Exploits0References4
CVE
CVE
added 2026/03/16 5:2 a.m.24 views

CVE-2026-4217

CVE-2026-4217 affects XREAL Nebula App up to version 3.2.1 on Android. The vulnerability resides in ai.nreal.nebula.universal’s CloudStoragePlugin.java (ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java) where manipulation of accessKey/secretAccessKey/securityToken can lead to unprotected sto...

2.5CVSS5AI score0.00097EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.13 views

XREAL Nebula App 安全漏洞

The XREAL Nebula App is an application designed for XREAL’s augmented reality devices. Versions of the XREAL Nebula App 3.2.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper handling of parameters such as accessKey, secretAccessKey, and securityToken in...

2.5CVSS5.8AI score0.00097EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.12 views

PT-2026-25614

A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument...

2.5CVSS5AI score0.00097EPSS
Exploits0References4
OSV
OSV
added 2026/02/17 6:9 p.m.5 views

GO-2026-4458 Blocklist Bypass possible via ECDSA Signature Malleability in github.com/slackhq/nebula

Blocklist Bypass possible via ECDSA Signature Malleability in github.com/slackhq/nebula...

8.1CVSS5.4AI score0.00133EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/02/10 12:23 a.m.5 views

SUSE CVE-2026-25793

Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of th...

8.1CVSS5.5AI score0.00133EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/08 1:21 a.m.6 views

CVE-2026-25793

Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of th...

8.1CVSS5.4AI score0.00133EPSS
Exploits0References5
NVD
NVD
added 2026/02/06 11:15 p.m.7 views

CVE-2026-25793

Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of th...

8.1CVSS0.00133EPSS
Exploits0References2
Rows per page
Query Builder