Lucene search
K

745 matches found

Cvelist
Cvelist
added yesterday16 views

CVE-2026-50509 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

...

7.8CVSS
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-50509

CVE-2026-50509 is a Windows WWAN Service deserialization vulnerability that could enable local privilege escalation when an authorized user triggers the flaw. Affected component: Windows Wireless Wide Area Network Service (WwanSvc). Root cause: deserialization of untrusted data leading to elevati...

7.8CVSS6AI score
Exploits0References1
Microsoft CVE
Microsoft CVE
added yesterday3 views

Windows Network Connections Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Wireless Wide Area Network Service allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score
Exploits0
EUVD
EUVD
added 2026/06/30 12:52 p.m.7 views

EUVD-2026-40310

Arbitrary File Read Unauthenticated in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled...

7.1CVSS5.8AI score0.00415EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 4:16 p.m.8 views

CVE-2026-9718

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 3:7 p.m.5 views

EUVD-2026-39435

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS5.9AI score0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 3:7 p.m.49 views

CVE-2026-9718

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS0.00243EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:7 p.m.5 views

CVE-2026-9718

CWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impacting system availability when a specially crafted request is sent to a vulnerable network-exposed service...

6.9CVSS5.9AI score0.00243EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 3:5 p.m.29 views

CVE-2026-9717

CVE-2026-9717 is a CWE-78 OS Command Injection vulnerability. Description states that a privileged, authenticated user can trigger unauthorized command execution with elevated privileges by interacting with a vulnerable network-exposed service. Documents consistently describe impact to integrity,...

8.6CVSS6AI score0.01191EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:5 p.m.6 views

CVE-2026-9717

CWE-78 Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could allow unauthorized execution of commands with elevated privileges, impacting system integrity, confidentiality, and availability when a privileged authenticated user interacts wi...

8.6CVSS6AI score0.01191EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 12:33 a.m.6 views

EUVD-2026-39146

Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS6.5AI score0.00689EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 11:15 p.m.15 views

CVE-2026-9786

CVE-2026-9786 affects Quest NetVault Backup NVBUDashboard. The flaw is a SQL injection in the NVBUDashboard JSON-RPC message processing that fails to validate a user-supplied string used to build SQL queries, allowing code execution in the context of NETWORK SERVICE. Authentication is required to...

8.8CVSS7.8AI score0.00689EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/24 11:14 p.m.36 views

CVE-2026-9785 Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.00689EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 11:14 p.m.11 views

CVE-2026-9782

Quest NetVault Backup NVBUDeviceDrive is affected by a SQL Injection in the JSON‑RPC message processing path. The flaw stems from improper validation of a user-supplied string used to construct SQL queries, enabling an attacker to execute arbitrary code in the context of NETWORK SERVICE. Authenti...

8.8CVSS7.8AI score0.00689EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/24 11:14 p.m.34 views

CVE-2026-9781 Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.00689EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: removed the never-working support for setting nsh fields. The validation of the setnsh... action is completely incorrect. It involves the nshkeyputfromnlattr function, which is the same function used to...

6.1AI score0.00207EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 a.m.7 views

CVE-2026-12847

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:40 a.m.36 views

CVE-2026-12850 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS0.0172EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 3:34 a.m.8 views

CVE-2026-12847

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score0.00427EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52149

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBULibraryPort JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from...

8.8CVSS7.7AI score0.00689EPSS
Exploits0References9
Rows per page
Query Builder