Lucene search
+L

446 matches found

NVD
NVD
added 2026/01/22 10:16 p.m.8 views

CVE-2026-1201

An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...

9.4CVSS0.00465EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/22 9:52 p.m.11 views

CVE-2026-1201 Authorization Bypass Through User-Controlled Key in Hubitat Elevation Hubs

An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...

9.4CVSS5.6AI score0.00465EPSS
Exploits0References2
CVE
CVE
added 2026/01/22 9:52 p.m.26 views

CVE-2026-1201

CVE-2026-1201 affects Hubitat Elevation hubs (pre-2.4.2.157). Root cause: an authorization bypass via user-controlled key that enables a remote authenticated user to manipulate client-side requests and control devices outside their authorized scope. Public documents from Red Hat and PT Security c...

9.4CVSS5.6AI score0.00465EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/22 9:52 p.m.26 views

CVE-2026-1201 Authorization Bypass Through User-Controlled Key in Hubitat Elevation Hubs

An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...

9.4CVSS0.00465EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.16 views

PT-2026-4286

Name of the Vulnerable Software and Affected Versions Hubitat Elevation versions prior to 2.4.2.157 Description A flaw exists in Hubitat Elevation home automation controllers that allows a remote authenticated user to control connected devices outside of their authorized scope. This is possible...

9.4CVSS5.3AI score0.00465EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.4 views

Synology Router Manager 路径遍历漏洞

Synology Router Manager SRM is a software used to configure and manage Synology routers from China-based Synology. A path traversal vulnerability exists in Synology Router Manager SRM, which originates from a remote authenticated user being able to obtain the status of an installed package...

7.2CVSS6.5AI score0.00627EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.6 views

Synology Router Manager 路径遍历漏洞

Synology Router Manager SRM is a software used to configure and manage Synology routers from China-based Synology. A path traversal vulnerability exists in Synology Router Manager SRM, which originates from a remote authenticated user being able to read .srt files...

4.3CVSS6.5AI score0.00422EPSS
Exploits0References1
OSV
OSV
added 2025/11/17 8:15 p.m.5 views

CVE-2025-36357

IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system...

8CVSS5.9AI score0.0077EPSS
Exploits0References1
NVD
NVD
added 2025/11/17 8:15 p.m.9 views

CVE-2025-36357

IBM Planning Analytics Local 2.1.0 through 2.1.14 could allow a remote authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing absolute path sequences to view, read, or write arbitrary files on the system...

8CVSS0.0077EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

HP Integrated Lights-Out Denial of Service (CVE-2015-5435)

Unspecified vulnerability in HP Integrated Lights-Out iLO firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

4CVSS5.5AI score0.02376EPSS
Exploits0References4
OSV
OSV
added 2025/11/07 4:15 p.m.4 views

CVE-2025-47207

A NULL pointer dereference vulnerability has been reported to affect several product versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Statio...

6.5CVSS5.8AI score0.00332EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-26504

Malware in sbrugna...

9.1CVSS9.2AI score0.02345EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-0989

Malware in sbrugna...

4CVSS6.4AI score0.01857EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2011-0715

Malware in sbrugna...

3.5CVSS6AI score0.02669EPSS
Exploits0References19
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3426

Malware in sbrugna...

8.8CVSS8.8AI score0.04582EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-2480

Malware in sbrugna...

6.5CVSS6AI score0.01355EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-11883

Malware in sbrugna...

6.5CVSS6.6AI score0.01602EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-2073

Malware in sbrugna...

4CVSS6.4AI score0.00992EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-3759

Malware in sbrugna...

4CVSS6AI score0.02347EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2005-1494

Malware in sbrugna...

4.6CVSS6.4AI score0.00578EPSS
Exploits0References4
Rows per page
Query Builder