Lucene search
K

360 matches found

NVD
NVD
added 2026/07/02 3:17 p.m.7 views

CVE-2026-54400

A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device...

9.1CVSS0.00257EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Library. The supported versions affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. This easily exploitable vulnerability allows an...

4.3CVSS6.8AI score0.03444EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/17 2:53 p.m.8 views

CVE-2026-35067

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

5.7CVSS5.9AI score0.0015EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 2:36 p.m.9 views

EUVD-2026-37731

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access...

8.1CVSS5.3AI score0.00216EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/16 7:33 a.m.5 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS6.8AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/16 7:33 a.m.9 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
CVE
CVE
added 2026/06/11 6:55 p.m.16 views

CVE-2026-49949

CodexBar

6CVSS5.5AI score0.00253EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/11 10:32 a.m.9 views

EUVD-2026-36234

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS5.5AI score0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.19 views

PT-2026-48747

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.22 Description An issue in the Control UI pairing process involves insufficient locality-derived trust validation. This allows attackers with network access to spoof locality information to convert temporary...

8.8CVSS5.2AI score0.00309EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.15 views

CodexBar 安全漏洞

CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.33.0 contained security vulnerabilities. These vulnerabilities stemmed from credential forwarding, which could allow network adjacent attackers to intercept sensitive...

6CVSS5.3AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.10 views

CVE-2026-47672

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...

6.5CVSS5.5AI score0.00162EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11241

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

8CVSS5.8AI score0.00112EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/02 9:22 p.m.8 views

CVE-2024-14036

Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-45863

Name of the Vulnerable Software and Affected Versions Dräger Core version 1.0.5 Dräger M540 Converter Service version 1.0.9 Description A denial of service issue allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC Service-oriented Device...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability. This vulnerability stemmed from an out-of-bound read operation in the Media component, which could allow local network attackers to execute...

4CVSS5.9AI score0.00106EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. in the United States. Payments is one of the payment components included in Google Chrome. Blink is a browser rendering engine developed jointly by Google Inc. and Opera Software AB in Norway. V8 is an open-source JavaScript engine used in...

8.8CVSS5.5AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Cast components after their release, which could allow local network attackers to execute arbitrary...

8.8CVSS5.9AI score0.00187EPSS
Exploits0References3
NVD
NVD
added 2026/06/01 7:16 p.m.15 views

CVE-2026-43625

CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp and Ollama provider sessions. Attackers can position themselves on the network path to receive...

8.2CVSS0.00186EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 6:46 p.m.8 views

CVE-2026-43625

CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp and Ollama provider sessions. Attackers can position themselves on the network path to receive...

8.2CVSS5.8AI score0.00186EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in connman

A stack-based buffer overflow in dnsproxy in ConnMan prior to version 1.39 could be exploited by network-adjacent attackers to execute malicious code...

8.8CVSS8.5AI score0.01301EPSS
Exploits0References1
Rows per page
Query Builder