Lucene search
K

20 matches found

NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-58127

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...

9.8CVSS0.00985EPSS
Exploits1References3
CVE
CVE
added 2026/07/01 2:41 p.m.14 views

CVE-2026-58127

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 (PacsgearMediaServerEngine.dll) with ObjectURIs RemoteObj and UIRemoteObj and no authentication. An unauthenticated attacker can exploit MarshalByRefObject unmarshalling and implement .NET WebClient methods to read/write ...

9.8CVSS6.5AI score0.00985EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:50 p.m.24 views

CVE-2026-56413 OS Command Injection in StoneFly Storage Concentrator

Storage Concentrator SC & SCVM contains a command injection vulnerability in the msservice.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a...

10CVSS0.03081EPSS
Exploits0References3
NVD
NVD
added 2026/05/29 9:16 a.m.14 views

CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.8CVSS0.00215EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 8:2 a.m.11 views

CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.7CVSS6.1AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 8:2 a.m.19 views

EUVD-2026-33261

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.7CVSS6.1AI score0.00215EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 8:2 a.m.24 views

CVE-2026-49195

The CVE CVE-2026-49195 affects Predator Connect W6x devices, where the /sbin/mtk_dut binary is exposed on TCP port 9000 with no authentication. This unauthenticated debug service allows any LAN-based attacker to execute arbitrary UCC commands. The associated CVSS v4.0 metrics indicate high impact...

8.8CVSS6.1AI score0.00215EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/10 8:22 p.m.6 views

CVE-2025-35051

Newforma Project Center Server NPCS accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. According to the recommended architecture, the vulnerable NPCS...

9.8CVSS8AI score0.00789EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-47118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issu...

9.8CVSS7.9AI score0.00462EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:18 a.m.5 views

CVE-2023-23453

Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000...

9.8CVSS8.4AI score0.01098EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 p.m.5 views

CVE-2021-20108

Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 for incoming commands over HTTPS from Manage Engine Server. The HTTPS certificates are not verified which allows any arbitrary user on the network to send commands over port 9000. While these commands may not be executed due to...

7.5CVSS7.2AI score0.02962EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/22 12:0 a.m.5 views

ClickHouse Security Breach

ClickHouse is ClickHouse's fastest and most resource-efficient open source database for real-time applications and analytics. A security vulnerability exists in ClickHouse that originates from an attacker being able to send a specially crafted payload to the publicly available native interface on...

7.5CVSS6.6AI score0.00495EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/26 12:0 a.m.4 views

PT-2023-30912 · Unknown +1 · Gorilla Codec +2

Name of the Vulnerable Software and Affected Versions: ClickHouse versions 23.3.18.15, 23.8.8.20, 23.9.6.20, 23.10.5.20 ClickHouse Cloud version 23.9.2.47551 Description: A heap buffer overflow issue was discovered in the ClickHouse server, allowing an attacker to send a specially crafted payload...

7.5CVSS7.7AI score0.00495EPSS
Exploits0References13
ClickHouse
ClickHouse
added 2023/11/26 12:0 a.m.14 views

CVE-2023-47118

A heap buffer overflow vulnerability affecting the native interface running by default on port 9000/tcp. An attacker, by triggering a bug in the T64 compression codec, can cause the ClickHouse server process to crash. This vulnerability can be exploited without the need to authenticate. Fix has...

9.8CVSS5.8AI score0.00462EPSS
Exploits0
OSV
OSV
added 2023/02/20 11:15 p.m.5 views

CVE-2023-23452

Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000...

9.8CVSS7.9AI score0.01098EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/20 12:0 a.m.4 views

SICK FX0-GPNT 访问控制错误漏洞

The SICK FX0-GPNT00000 is a safety control module from SICK with a built-in Ethernet switch. A security vulnerability exists in the SICK FX0-GPNT v3 Firmware version V3.04, V3.05, which stems from a lack of authentication for critical functions. The vulnerability can be exploited by an attacker t...

9.8CVSS9.4AI score0.01098EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/20 12:0 a.m.5 views

SICK FX0-GENT 访问控制错误漏洞

The SICK FX0-GENT is a safety system for AGVs and AMRs from SICK Germany. A security vulnerability exists in SICK FX0-GENT v3 Firmware version V3.04, V3.05, which stems from a lack of authentication for critical functions. An attacker can exploit this vulnerability to achieve arbitrary remote cod...

9.8CVSS9.4AI score0.01098EPSS
Exploits0References2
Gitee
Gitee
added 2021/03/06 4:46 p.m.4 views

thorn-linux

This is a Debian-based research and development platform for information security called Thorn Linux. It is designed to keep users up to date with the latest cybersecurity news while providing a hardened and anonymized penetration-testing environment. The platform includes a highly customized...

6.7AI score
Exploits0
CNVD
CNVD
added 2020/03/23 12:0 a.m.1 views

Multiple Swann Product Injection Vulnerabilities

The Swann DVR04B and others are a digital video recorder from Swann USA. An injection vulnerability exists in the raysharpdvr application in several Swann products, which can be exploited by remote attackers to execute arbitrary code via TCP port 9000...

9.8CVSS8.3AI score0.02719EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.14 views

The vulnerability of the Zhuhai RaySharp video surveillance software allows a intruder to gain access to protected information.

The software of the video surveillance device Zhuhai RaySharp has a default root user password. Exploiting this vulnerability allows a malicious actor to gain access to protected information via the TCP port 23 or 9000...

10CVSS7.7AI score0.04563EPSS
Exploits1References8
Rows per page
Query Builder