Lucene search
K

136 matches found

ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-40141

A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters. Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to acces...

9.9CVSS6AI score0.00407EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-40140 High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...

8.7CVSS0.0063EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2 days ago6 views

CVE-2026-40140 High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...

8.7CVSS6AI score0.0063EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41888

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...

8.7CVSS6AI score0.0063EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-40140

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...

8.7CVSS6AI score0.0063EPSS
Exploits0References2
CVE
CVE
added 2 days ago22 views

CVE-2026-40140

BeyondTrust Remote Support and Privileged Remote Access are affected by CVE-2026-40140, a pre-authentication vulnerability in the network communication subsystem. The issue stems from insufficient validation of client-supplied input, enabling an unauthenticated remote attacker to trigger a denial...

8.7CVSS6AI score0.0063EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2 days ago37 views

CVE-2026-40138 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance...

9.2CVSS0.0042EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-55950

Name of the Vulnerable Software and Affected Versions BeyondTrust Remote Support and Privileged Remote Access versions prior to 26.2.1 BeyondTrust Remote Support and Privileged Remote Access versions prior to 25.3.3 Description A critical pre-authentication flaw exists in the authentication...

9.2CVSS6.2AI score0.0042EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-55952

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting...

8.7CVSS6AI score0.0063EPSS
Exploits0References4
NVD
NVD
added 2026/06/12 10:16 a.m.14 views

CVE-2026-11844

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...

6.9CVSS0.00407EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:27 a.m.32 views

CVE-2026-11845 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - OS Command Injection

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device...

8.6CVSS0.00951EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:12 a.m.36 views

CVE-2026-11844 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Read

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...

6.9CVSS0.00407EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 9:12 a.m.10 views

EUVD-2026-36404

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...

6.9CVSS5.4AI score0.00407EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48840

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device...

8.6CVSS5.8AI score0.00951EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48839

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Arbitrary File Read vulnerability, allowing privileged remote attackers to access files outside the intended directory scope...

6.9CVSS5.3AI score0.00407EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.10 views

CVE-2026-10057

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.5AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.9 views

CVE-2026-10058

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.5AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40838

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 9:16 a.m.13 views

CVE-2026-10057

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS0.00176EPSS
Exploits0References2
NVD
NVD
added 2026/05/29 9:16 a.m.14 views

CVE-2026-10058

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS0.00176EPSS
Exploits0References2
Rows per page
Query Builder