Lucene search
K

360 matches found

Vulnrichment
Vulnrichment
added 2026/01/29 8:43 a.m.3 views

CVE-2026-23564 Transmission of Unencrypted Data in Content Distribution Service

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...

6.5CVSS5.9AI score0.00134EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.23 views

OctoPrint security vulnerabilities

OctoPrint is an open-source application developed by OctoPrint. It provides a quick web interface for controlling consumer-grade 3D printers. Versions of OctoPrint prior to 1.11.5 have security vulnerabilities. These vulnerabilities stem from the use of character-based comparisons in API key...

6CVSS5.8AI score0.00475EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/23 3:28 a.m.3 views

CVE-2026-0767 Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability

Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw...

5.3CVSS5.5AI score0.00241EPSS
Exploits1References1
OSV
OSV
added 2026/01/23 3:28 a.m.6 views

CVE-2026-0767 Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability

Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw...

5.3CVSS6.4AI score0.00241EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.8 views

PT-2026-3791

Name of the Vulnerable Software and Affected Versions TP-Link Archer C20 versions prior to V6 251031 TP-Link Archer AX53 version prior to V1 251215 Description A logic issue exists in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0. An unauthenticated attacker on an adjacent netwo...

8CVSS5.4AI score0.00401EPSS
Exploits0References10
OSV
OSV
added 2026/01/20 10:15 p.m.9 views

AZL-74943 CVE-2026-21968 affecting package mysql for versions less than 8.0.45-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

6.5CVSS5.7AI score0.00257EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.7 views

B&R Automation Runtime security vulnerabilities

B&R Automation Runtime is an automation runtime provided by B&R Automation Inc. Versions prior to B&R Automation Runtime 6.5 and R4.93 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation or throttling in the ANSL-server component, which could allow...

8.9CVSS5.8AI score0.00313EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/17 12:23 a.m.9 views

CVE-2025-14233

Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02...

9.8CVSS7.7AI score0.00765EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

Canon’s various products have security vulnerabilities

Canon ImageRunner is a product of the Japanese company Canon. Canon ImageRunner is a series of all-in-one black-and-white printers. Canon imagePROGRAF is a large-format printer. Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunctional printer. Several Canon products have...

9.8CVSS7.5AI score0.00765EPSS
Exploits0References4
CVE
CVE
added 2026/01/15 11:38 p.m.15 views

CVE-2025-14235

Canon Small Office Multifunction Printers and Laser Printers are affected by CVE-2025-14235 due to a buffer overflow in XPS font fpgm data processing. A remote attacker on the network could trigger a crash or arbitrary code execution. Affected firmware: v06.02 and earlier across listed models (Ja...

9.8CVSS7.4AI score0.0083EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/14 4:23 p.m.6 views

CVE-2026-0408

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI...

8.6CVSS7.1AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/14 4:23 p.m.5 views

CVE-2026-0406

An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...

8.6CVSS7.3AI score0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 4:0 p.m.5 views

CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2

An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...

8.6CVSS6.8AI score0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/01/09 11:5 a.m.23 views

CVE-2026-22080

CVE-2026-22080 affects Tenda 300Mbps Wireless Router F3 and N300 Easy Setup Router. The root cause is credentials transmitted with reversible Base64 encoding via the web-based management interface. An attacker on the same network can intercept traffic to capture the Base64-encoded credentials, po...

8.7CVSS6.4AI score0.00106EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/09 11:2 a.m.29 views

CVE-2026-22079 Cleartext Transmission Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network cou...

8.7CVSS0.00106EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:39 a.m.4 views

CVE-2017-12736

After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...

8.8CVSS7.2AI score0.00999EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/23 11:31 a.m.3 views

CVE-2025-59886

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...

8.8CVSS6.4AI score0.00278EPSS
Exploits1References1
CVE
CVE
added 2025/12/13 8:16 a.m.28 views

CVE-2025-36751

CVE-2025-36751 affects Growatt ShineLan-X and MIC 3300TL-X. The root cause is missing encryption on the configuration interface, enabling an attacker with network access to intercept and potentially manipulate the communication between the inverter and its cloud endpoint. The available connected ...

9.4CVSS6.4AI score0.00067EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 5:55 p.m.15 views

EUVD-2025-202237

User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

5.3CVSS6AI score0.00836EPSS
Exploits0References2
OSV
OSV
added 2025/12/09 4:17 p.m.4 views

CVE-2025-40941

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks...

4.3CVSS5.7AI score0.00246EPSS
Exploits0References1
Rows per page
Query Builder