Lucene search
+L

24 matches found

NVD
NVD
added 5 days ago4 views

CVE-2026-22095

The network diagnosis endpoint on the web server at port 8090 is vulnerable to command injection...

9.3CVSS0.00976EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-22103

The NPC start endpoint on the web server at port 8090 is vulnerable to command injection...

9.3CVSS0.0131EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-22096

The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...

9.3CVSS0.00422EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-22103 Command injection in NPC start web endpoint

The NPC start endpoint on the web server at port 8090 is vulnerable to command injection...

9.3CVSS0.0131EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-22103

CVE-2026-22103 : The NPC start endpoint on the web server listening at port 8090 is vulnerable to command injection. The public CVSS v4.0 metrics indicate a base score of 9.3 (CRITICAL) with network attack vector, low attack complexity, no privileges required, and no user interaction. Impacts are...

9.3CVSS6.1AI score0.0131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 5 days ago5 views

CVE-2026-22103 Command injection in NPC start web endpoint

The NPC start endpoint on the web server at port 8090 is vulnerable to command injection...

9.3CVSS6.1AI score0.0131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 5 days ago4 views

CVE-2026-22096 Missing authentication for webserver endpoints

The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...

9.3CVSS6.1AI score0.00422EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-22096 Missing authentication for webserver endpoints

The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...

9.3CVSS0.00422EPSS
Exploits0References1
CVE
CVE
added 5 days ago9 views

CVE-2026-22096

CVE-2026-22096 concerns a webserver running on port 8090 that does not require authentication, enabling sensitive information leakage (e.g., configured passwords) and file uploads via multiple endpoints. The Connected documents provide the same description across NVD and CVE records, with no vend...

9.3CVSS6.1AI score0.00422EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 5 days ago5 views

CVE-2026-22095 Command injection in diagnosis web endpoint

The network diagnosis endpoint on the web server at port 8090 is vulnerable to command injection...

9.3CVSS6.1AI score0.00976EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-22095 Command injection in diagnosis web endpoint

The network diagnosis endpoint on the web server at port 8090 is vulnerable to command injection...

9.3CVSS0.00976EPSS
Exploits0References1
CVE
CVE
added 5 days ago9 views

CVE-2026-22095

The CVE-2026-22095 entry describes a command injection vulnerability in the network diagnosis endpoint of a web server listening on port 8090. Details from connected sources confirm the affected component is the diagnosis endpoint (web server) and that exploitation would allow command execution w...

9.3CVSS6.1AI score0.00976EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago7 views

PT-2026-57672

Name of the Vulnerable Software and Affected Versions EVbee DC-80 affected versions not specified Description The built-in web server running on port 8090 lacks authentication. This flaw allows unauthorized access to sensitive information, including configured passwords and stored credentials, an...

9.3CVSS6.1AI score0.00422EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/29 9:40 a.m.128 views

Exploit for Improper Input Validation in Alibaba Fastjson

Lab 6-CVE-2017-18349 I. SYSTEM ANALYSIS Attack S...

10CVSS7.5AI score0.3897EPSS
Exploits2
GithubExploit
GithubExploit
added 2022/07/23 2:38 p.m.347 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 A remote attacker can construct OGNL expressi...

9.8CVSS7.5AI score0.99999EPSS
Exploits76
Veracode
Veracode
added 2020/08/06 4:43 a.m.20 views

Denial Of Service (DoS)

github.com/projectcontour/contour is vulnerable to denial of service DoS. The vulnerability exists as there is a lack of authentication to perform GET requests to the unsafe /shutdown endpoint on port 8090, allowing an attacke rto remove Envoy from the routing pool...

7.5CVSS3.9AI score0.01375EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2020/08/05 8:15 p.m.4 views

CVE-2020-15127

In Contour Ingress controller for Kubernetes before version 1.7.0, a bad actor can shut down all instances of Envoy, essentially killing the entire ingress data plane. GET requests to /shutdown on port 8090 of the Envoy pod initiate Envoy's shutdown procedure. The shutdown procedure includes...

7.5CVSS7.5AI score0.01375EPSS
Exploits0References2
OSV
OSV
added 2019/12/12 7:15 p.m.5 views

CVE-2019-18333

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. An attacker with network access to the Application Server could gain access to filenames on the server by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs t...

5.3CVSS6AI score0.01025EPSS
Exploits0References1
OSV
OSV
added 2019/12/12 7:15 p.m.7 views

CVE-2019-18334

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. An attacker with network access to the Application Server could be able to enumerate valid user names by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs to...

5.3CVSS6AI score0.01025EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/11 12:0 a.m.6 views

Siemens SPPA-T3000 Information Disclosure Vulnerability (CNVD-2019-44784)

The SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. An information disclosure vulnerability exists in the Siemens SPPA-T3000. An attacker with network access to the application server could enumerate valid user names by sendi...

5.3CVSS6.3AI score0.01025EPSS
Exploits0References1
Rows per page
Query Builder