Lucene search
K

5938 matches found

NVD
NVD
added yesterday4 views

CVE-2026-22099

The charging station does not require authentication for Bluetooth commands to perform actions. The functionality exposed includes sensitive information leakage, triggering reboots, or pushing a firmware update URL...

8.7CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-22099

CVE-2026-22099 affects a charging station where Bluetooth commands do not require authentication. This leads to exposure of sensitive information, potential reboot triggering, and the ability to push a firmware update URL via Bluetooth. The issue is described with high impact on confidentiality, ...

8.7CVSS6.1AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday22 views

CVE-2026-22099 Missing authentication for Bluetooth communication

The charging station does not require authentication for Bluetooth commands to perform actions. The functionality exposed includes sensitive information leakage, triggering reboots, or pushing a firmware update URL...

8.7CVSS0.00247EPSS
Exploits0References1
Metasploit
Metasploit
added 4 days ago14 views

FTP Fetch, Linux Reboot

Fetch and execute an MIPSBE payload from an FTP server. A very small shellcode for rebooting the system. This payload is sometimes helpful for testing purposes or executing other payloads that rely on initial startup procedures. Requires CAPSYSBOOT privileges. Module Options msf use...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago15 views

FTP Fetch, Linux Reboot

Fetch and execute an MIPSLE payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/ftp/mipsle/reboot msf payloadreboot sh...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago12 views

FTP Fetch, Linux Reboot

Fetch and execute an RISC-V 64-bit payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/ftp/riscv64le/reboot msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago14 views

FTP Fetch, Linux Reboot

Fetch and execute an RISC-V 32-bit payload from an FTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/ftp/riscv32le/reboot msf...

6.2AI score
Exploits0
NVD
NVD
added 4 days ago7 views

CVE-2026-38057

The iDirect iQ200 does not validate CSRF tokens on state-changing API endpoints after authentication. The /api/reboot endpoint accepts POST requests authenticated solely by a session cookie that lacks the SameSite attribute. A remote attacker can host a malicious web page that, when visited by an...

8.1CVSS0.00308EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-42907

The iDirect iQ200 does not validate CSRF tokens on state-changing API endpoints after authentication. The /api/reboot endpoint accepts POST requests authenticated solely by a session cookie that lacks the SameSite attribute. A remote attacker can host a malicious web page that, when visited by an...

8.1CVSS6.1AI score0.00308EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-38057 ST Engineering iDirect iQ-Series Terminals Cross-Site request forgery

The iDirect iQ200 does not validate CSRF tokens on state-changing API endpoints after authentication. The /api/reboot endpoint accepts POST requests authenticated solely by a session cookie that lacks the SameSite attribute. A remote attacker can host a malicious web page that, when visited by an...

8.1CVSS0.00308EPSS
Exploits0References3
CVE
CVE
added 4 days ago11 views

CVE-2026-38057

The CVE-2026-38057 entry affects the iDirect iQ200 series. The issue is CSRF on state-changing API endpoints, specifically the /api/reboot POST endpoint, which accepts requests authenticated only by a session cookie that lacks the SameSite attribute. A remote attacker can lure an authenticated ad...

8.1CVSS6.1AI score0.00308EPSS
Exploits0References3
Amazon
Amazon
added 4 days ago4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about...

7.8CVSS6.6AI score0.00125EPSS
Exploits12
Amazon
Amazon
added 4 days ago4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about...

7.8CVSS6.6AI score0.00125EPSS
Exploits12
Amazon
Amazon
added 4 days ago5 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about...

7.8CVSS6.6AI score0.00125EPSS
Exploits12
Amazon
Amazon
added 4 days ago4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

7.8CVSS6.6AI score0.00125EPSS
Exploits12
NVD
NVD
added 5 days ago7 views

CVE-2026-33794

An Improper Check for Unusual or Exceptional Conditions vulnerability in the advanced forwarding toolkit evo-aftmand of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated network-based attacker generating continuous routing updates, resulting in unilist ECMP routes, to cras...

8.2CVSS0.00405EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-57024 Junos OS: MX with SPC3, SRX Series: Repeated VPN negotiation failures will eventually cause iked to crash continuously

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS0.00417EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:36 p.m.18 views

CVE-2026-58454

Affected product : JAIOTlink C492A-W6 Wi‑Fi IP cameras running firmware 4.8.30.57701411. Vulnerability : remote code execution via the authenticated /Anyka/config HTTP endpoint. Root cause / vector : attackers with authentication can write to writable persistent JFFS2 storage, stage a malicious s...

7.7CVSS6.6AI score0.00523EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 3:36 p.m.9 views

EUVD-2026-41050

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...

7.7CVSS6.6AI score0.00523EPSS
Exploits0References3
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

TP-Link TL-WR841N Web interface stack buffer overflow vulnerability

The TP-Link TL-WR841N v14 is a wireless router produced by the Chinese company TP-Link. The TP-Link TL-WR841N v14 has a stack buffer overflow vulnerability in its web interface. This vulnerability arises from improper handling of specially crafted HTTP requests, leading to a buffer overflow...

6.8CVSS6.4AI score0.00554EPSS
Exploits0
Rows per page
Query Builder