Lucene search
K

78 matches found

Cvelist
Cvelist
added yesterday22 views

CVE-2026-58127 PACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...

9.8CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-58127

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...

9.8CVSS6.5AI score
Exploits0References4Affected Software1
EUVD
EUVD
added yesterday7 views

EUVD-2026-40845

Storage Concentrator SC & SCVM contains a command injection vulnerability in the msservice.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a...

10CVSS6.2AI score0.03081EPSS
Exploits0References4
CVE
CVE
added 2 days ago7 views

CVE-2026-56413

CVE-2026-56413 affects StoneFly Storage Concentrator (SC & SCVM). The ms_service.pl component listening on TCP port 9000 is vulnerable to command injection. An unauthenticated remote attacker can send a specially crafted network packet that is processed without proper sanitization, enabling arbit...

10CVSS6.2AI score0.03081EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-54437

Name of the Vulnerable Software and Affected Versions Storage Concentrator SC & SCVM affected versions not specified Description Command injection exists in the ms service.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An...

10CVSS6.2AI score0.03081EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.8CVSS5.8AI score0.00215EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 8:2 a.m.12 views

CVE-2026-49195 Predator Connect W6x: unauthenticated Debug Service

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.7CVSS6.1AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 8:2 a.m.33 views

CVE-2026-49195 Predator Connect W6x: unauthenticated Debug Service

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.7CVSS0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44765

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated debug service is exposed on TCP port 9000. This allows a LAN-based attacker to execute arbitrary UCC commands via the '/sbin/mtk dut' binary...

8.8CVSS6AI score0.00215EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/19 1:28 p.m.5 views

CVE-2026-1435

Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionId' each time a user authenticates, but does not invalidate previously issued session identifiers,...

9.8CVSS5.5AI score0.00367EPSS
Exploits0References1
OSV
OSV
added 2026/02/18 2:16 p.m.6 views

CVE-2026-1435

Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionId' each time a user authenticates, but does not invalidate previously issued session identifiers,...

9.8CVSS5.6AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/18 1:8 p.m.5 views

CVE-2026-1435 Incorrect management of session invalidation vulnerability in Graylog Web Interface

Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionId' each time a user authenticates, but does not invalidate previously issued session identifiers,...

9.3CVSS5.5AI score0.00367EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/18 1:8 p.m.25 views

CVE-2026-1435 Incorrect management of session invalidation vulnerability in Graylog Web Interface

Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionId' each time a user authenticates, but does not invalidate previously issued session identifiers,...

9.3CVSS0.00367EPSS
Exploits0References1
CVE
CVE
added 2026/02/18 1:8 p.m.10 views

CVE-2026-1435

CVE-2026-1435 affects Graylog Web Interface 2.2.3. The root cause is improper session invalidation: a new sessionId is issued on authentication, but previously issued session identifiers remain valid. This allows use of an old session token to authenticate requests even after multiple logins by t...

9.8CVSS5.5AI score0.00367EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-7245

Malware in sbrugna...

9.8CVSS9.2AI score0.02719EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-27553

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01098EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-27552

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01098EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-51261

Malicious code in bioql PyPI...

9.8CVSS8.6AI score0.00462EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-48704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issu...

7.5CVSS7.5AI score0.00495EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2015-10141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. Wh...

9.3CVSS6.2AI score0.0503EPSS
Exploits1References3
Rows per page
Query Builder