Lucene search
K

1017 matches found

Nuclei
Nuclei
added last week37 views

Zoho manageengine - Cross-Site Scripting

Zoho manageengine is vulnerable to reflected cross-site scripting. This impacts Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 via the...

6.1CVSS6.1AI score0.98463EPSS
Exploits3References4
NVD
NVD
added 2026/07/01 5:16 p.m.9 views

CVE-2026-58453

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...

9.8CVSS0.0169EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 3:33 p.m.6 views

EUVD-2026-41049

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...

9.8CVSS5.8AI score0.0169EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 3:33 p.m.20 views

CVE-2026-58453

JAIOTlink C492A-W6 Wi‑Fi IP cameras (firmware 4.8.30.57701411) are affected by CVE-2026-58453 due to hard-coded credentials. An attacker on the network can authenticate to the anyka_ipc HTTP service (port 80) using the default admin username with an empty password, gaining unauthorized access to ...

9.8CVSS5.8AI score0.0169EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51658

Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default on UDP port 10001, processes unauthenticated discovery and configuration messages. A stack-based buffer overflow occurs because th...

10CVSS6.7AI score0.00427EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/06/23 2:31 a.m.8 views

SUSE CVE-2025-70102

A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, the code performs a member access on a NULL pointer of type 'struct dhcpopt' when an unexpected/invalid option token or parsing state caus...

5.5CVSS5.9AI score0.00169EPSS
Exploits0References3
OSV
OSV
added 2026/06/15 8:16 p.m.8 views

UBUNTU-CVE-2025-70102

A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, the code performs a member access on a NULL pointer of type 'struct dhcpopt' when an unexpected/invalid option token or parsing state caus...

6.3CVSS5.9AI score0.00169EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 a.m.20 views

CVE-2025-70102

CVE-2025-70102 describes a NULL pointer dereference in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 during option parsing (parse_option in src/if-options.c:1886). The issue occurs when a NULL pointer of type struct dhcp_opt is accessed after an unexpected/invalid option token or parsing state y...

6.3CVSS5.4AI score0.00169EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/06/12 12:0 a.m.64 views

📄 FortiSandbox 4.4.7 Authentication Bypass / Command Injection

This Metasploit auxiliary scanner module is designed to collect system and environment information from vulnerable FortiSandbox instances by leveraging two disclosed vulnerabilities: an authentication bypass and a command injection flaw. The module supports multiple collection modes, including...

9.8CVSS5.9AI score0.48668EPSS
Exploits7
Vulnrichment
Vulnrichment
added 2026/06/10 5:10 p.m.9 views

CVE-2026-9151 Command Injection Vulnerability in OpenVPN on Multiple TP-Link Archer Routers

An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to execute arbitrary commands on the device by importing a specially crafted VPN client configuration...

8.5CVSS5.9AI score0.01069EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 5:34 p.m.15 views

Malicious code in morningstar-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18591ac1a5cb5ca3d11e07bde38f230dccc530bb4614d45f9be1f547677a2c9e On npm install, the package's preinstall lifecycle script runs wget against a hardcoded bare-IP HTTP endpoint, passing the output of id, pwd, hostnam...

5.6AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : NetworkManager (EulerOS-SA-2026-2196)

According to the versions of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allow...

3.3CVSS5.5AI score0.00162EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/05 4:9 a.m.28 views

[SECURITY] Fedora 43 Update: cockpit-362-1.fc43

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

8CVSS5.8AI score0.01016EPSS
Exploits0
NVD
NVD
added 2026/06/02 2:16 p.m.16 views

CVE-2019-25717

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration...

5.3CVSS0.00203EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/02 1:42 p.m.11 views

CVE-2019-25717

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration...

5.3CVSS5.8AI score0.00203EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/02 1:42 p.m.10 views

CVE-2019-25717 Dräger Infinity Delta/Kappa Patient Monitors Unauthenticated Log File Disclosure

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration...

5.3CVSS5.8AI score0.00203EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 1:42 p.m.19 views

CVE-2019-25717

CVE-2019-25717 affects Dräger Infinity Delta, Delta XL, and Kappa patient monitors. The vulnerability allows unauthenticated attackers over a network to access exposed log files, exposing device internals, location data, and wired network configuration details. No root cause or remediation detail...

5.3CVSS5.8AI score0.00203EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.13 views

PT-2026-45738

Name of the Vulnerable Software and Affected Versions Dräger Infinity Delta affected versions not specified Dräger Infinity Delta XL affected versions not specified Dräger Infinity Kappa affected versions not specified Description An information disclosure issue allows unauthenticated network...

5.3CVSS5.9AI score0.00203EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.16 views

CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.1AI score0.88496EPSS
Exploits4References1
GithubExploit
GithubExploit
added 2026/05/26 6:10 p.m.99 views

Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20182 Cisco Catalyst SD-WAN Peering Authentication By...

10CVSS5.9AI score0.88496EPSS
Exploits4
Rows per page
Query Builder