Lucene search
K

1562 matches found

Cvelist
Cvelist
added 2026/07/02 2:49 p.m.35 views

CVE-2026-50747

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.33 views

CVE-2026-54409

A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras...

7.5CVSS0.00254EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:49 p.m.131 views

CVE-2026-50746

CVE-2026-50746 describes an "Improper Access Control" vulnerability in UniFi Connect Application that could allow a malicious actor with network access to perform a Command Injection on the host device. The publicly provided descriptions indicate the issue enables remote command execution with no...

10CVSS5.8AI score0.00826EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.10 views

CVE-2026-50746

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...

10CVSS5.8AI score0.00826EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.7 views

CVE-2026-54403

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...

8.6CVSS5.8AI score0.00457EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.7 views

CVE-2026-54407

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints...

8.6CVSS5.8AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:49 p.m.13 views

CVE-2026-50748

CVE-2026-50748 describes an Improp er Input Validation vulnerability in the UniFi Access Application that enables a Command Injection on the host when an attacker with network access and low privileges can exploit it. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H, indicating...

9.9CVSS5.8AI score0.00807EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/07/02 2:49 p.m.6 views

EUVD-2026-41381

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...

8.6CVSS5.8AI score0.00457EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:49 p.m.13 views

CVE-2026-54403

The CVE-2026-54403 entry concerns a Path Traversal vulnerability in UniFi OS devices. The issue allows an attacker with network access to bypass authentication on affected UniFi OS devices/instances by exploiting path traversal. The provided sources describe the vulnerability but do not specify a...

8.6CVSS5.8AI score0.00457EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.40 views

CVE-2026-54403

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances...

8.6CVSS0.00457EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/07/02 2:0 p.m.26 views

Microsoft Azure Synapse Elevation of Privilege Vulnerability

Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network...

9.8CVSS5.8AI score0.00359EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.8 views

PT-2026-55245

Name of the Vulnerable Software and Affected Versions UniFi Protect Application affected versions not specified Description An Improper Initialization issue exists in the UniFi Protect Application. A malicious actor with network access could exploit this flaw under certain conditions to bypass...

8.1CVSS6.1AI score0.00254EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14092

Insufficient policy enforcement in Privacy in Google Chrome prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. Chromium security severity: Low...

4.3CVSS0.00142EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13940

Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. Chromium security severity: Medium...

0.00147EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 7:8 p.m.35 views

CVE-2026-9002 IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

6.5CVSS0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.8 views

CVE-2026-56115

A flaw was found in dhcpcd. This vulnerability allows an unauthenticated attacker on the same network link to trigger a one-byte stack out-of-bounds write. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can corrupt adjacent stack memory. This can le...

8.8CVSS5.8AI score0.00307EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.9 views

CVE-2026-56113

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit this vulnerability by sending a specially crafted DHCPv6 RENEW reply. This can lead to a Denial of Service DoS, causing the dhcpcd daemon to crash due to a heap use-after-free vulnerability...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References5
CVE
CVE
added 2026/06/22 12:46 p.m.16 views

CVE-2026-54100

CVE-2026-54100 affects the Windows Machine Config Operator (WMCO) used with Red Hat OpenShift Container Platform. The flaw is that WMCO establishes SSH connections to Windows worker nodes without verifying the remote host key, enabling an adjacent-network attacker who can intercept or redirect WM...

8.3CVSS5.9AI score0.00181EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2026/06/22 12:46 p.m.8 views

CVE-2026-54100

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture...

8.3CVSS5.9AI score0.00181EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-27868

An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat in this case, NO registration action is required who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a...

6.9CVSS0.00394EPSS
Exploits0References5
Rows per page
Query Builder