1562 matches found
CVE-2026-50747
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...
CVE-2026-54409
A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras...
CVE-2026-50746
CVE-2026-50746 describes an "Improper Access Control" vulnerability in UniFi Connect Application that could allow a malicious actor with network access to perform a Command Injection on the host device. The publicly provided descriptions indicate the issue enables remote command execution with no...
CVE-2026-50746
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...
CVE-2026-54403
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...
CVE-2026-54407
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints...
CVE-2026-50748
CVE-2026-50748 describes an Improp er Input Validation vulnerability in the UniFi Access Application that enables a Command Injection on the host when an attacker with network access and low privileges can exploit it. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H, indicating...
EUVD-2026-41381
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...
CVE-2026-54403
The CVE-2026-54403 entry concerns a Path Traversal vulnerability in UniFi OS devices. The issue allows an attacker with network access to bypass authentication on affected UniFi OS devices/instances by exploiting path traversal. The provided sources describe the vulnerability but do not specify a...
CVE-2026-54403
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...
Microsoft Azure Synapse Elevation of Privilege Vulnerability
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network...
PT-2026-55245
Name of the Vulnerable Software and Affected Versions UniFi Protect Application affected versions not specified Description An Improper Initialization issue exists in the UniFi Protect Application. A malicious actor with network access could exploit this flaw under certain conditions to bypass...
CVE-2026-14092
Insufficient policy enforcement in Privacy in Google Chrome prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. Chromium security severity: Low...
CVE-2026-13940
Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. Chromium security severity: Medium...
CVE-2026-9002 IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled
IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...
CVE-2026-56115
A flaw was found in dhcpcd. This vulnerability allows an unauthenticated attacker on the same network link to trigger a one-byte stack out-of-bounds write. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can corrupt adjacent stack memory. This can le...
CVE-2026-56113
A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit this vulnerability by sending a specially crafted DHCPv6 RENEW reply. This can lead to a Denial of Service DoS, causing the dhcpcd daemon to crash due to a heap use-after-free vulnerability...
CVE-2026-54100
CVE-2026-54100 affects the Windows Machine Config Operator (WMCO) used with Red Hat OpenShift Container Platform. The flaw is that WMCO establishes SSH connections to Windows worker nodes without verifying the remote host key, enabling an adjacent-network attacker who can intercept or redirect WM...
CVE-2026-54100
A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture...
CVE-2026-27868
An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat in this case, NO registration action is required who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a...