Lucene search
K

953071 matches found

Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50969

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow exists in the '/goform/AdvSetMacMtuWan' endpoint. This issue occurs when processing the wanSpeed parameter, which can lead to remote arbitrary code execution. Recommendations At...

9.8CVSS6.4AI score0.00561EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.12 views

PT-2026-51102

Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.9.2 Description An issue exists in components based on BaseFileComponent, including Docling DoclingInlineComponent, Docling Serve DoclingRemoteComponent, Read File FileComponent, NVIDIA Retriever Extraction...

9.6CVSS6.7AI score0.00411EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50888

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An untrusted pointer dereference exists in the sideband streaming API. This issue allows an attacker to trigger an arbitrary memory dereference, which could lead to remote code execution...

9.8CVSS6.3AI score0.00549EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-50874

Name of the Vulnerable Software and Affected Versions JetBrains GoLand versions prior to 2026.1.3 Description Remote code execution is possible through the use of untrusted project configuration. Recommendations Update JetBrains GoLand to version 2026.1.3 or later...

8.8CVSS6.3AI score0.00253EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.10 views

PT-2026-51047

Name of the Vulnerable Software and Affected Versions py7zr version 1.1.0 Description An arbitrary file write issue exists when using the extractall function to extract an archive. The software fails to properly restrict the targets of symbolic links, allowing crafted malicious symbolic link chai...

8CVSS6.3AI score0.00404EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50829

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP affected versions not specified Description An Expected Behavior Violation allows a remote attacker to cause a denial-of-service DoS condition. By continuously...

8.7CVSS5.9AI score0.00367EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-50999

Name of the Vulnerable Software and Affected Versions PhpWeasyPrint versions prior to 2.6.0 Description PhpWeasyPrint is a PHP library used for generating PDFs from HTML pages or URLs. The software uses a case-sensitive blacklist to protect output filenames against the phar:// stream wrapper...

8.1CVSS6.2AI score0.00555EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50913

Name of the Vulnerable Software and Affected Versions Matrix42 Remote Control Host version 3.20.0031 Description An unquoted service path issue exists in the FastViewerRemoteService and FastViewerRemoteProxy services. This allows local users to execute arbitrary code with SYSTEM privileges by...

8.5CVSS6.1AI score0.00119EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/19 12:0 a.m.6 views

EUVD-2026-38052

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...

6.5AI score0.00561EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 12:0 a.m.27 views

CVE-2026-51846

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...

0.00561EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-50926

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA Remote Direct Memory Access component during the rereg mr process. When IB MR REREG ACCESS changes from read-only RO to read-write RW, the umem user memory mu...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50907

Name of the Vulnerable Software and Affected Versions Iperius Remote version 1.7.0 Description An unquoted service path issue exists where the service installation path is not enclosed in quotes. This allows local users to execute arbitrary code with SYSTEM privileges. If the software is installe...

8.5CVSS6.1AI score0.00122EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.8 views

Python Library yt-dlp < 2026.6.9 Multiple Vulnerabilities

The detected version of the yt-dlp Python package is prior to 2026.6.9. It is, therefore, affected by multiple vulnerabilities: - A vulnerability exists in yt-dlp that allows a remote attacker to write arbitrary OS-shortcut files such as .desktop, .url, .webloc to the user's filesystem, bypassing...

9.6CVSS6.6AI score0.00555EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.6 views

Lexmark Printers Improper Access Control (CVE-2019-10058)

Various Lexmark products have Incorrect Access Control. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505497; scriptversion"1.3";...

9.1CVSS7.3AI score0.01082EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.10 views

Dell iDRAC Tools < 11.4.1.0 Improper Link Resolution (DSA-2026-239)

According to its self-reported version, the Dell iDRAC Tools installation on the remote host is affected by a link following vulnerability. Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attack...

6CVSS6AI score0.00095EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50978

Name of the Vulnerable Software and Affected Versions Tilt versions 0.19.5 through 0.37.3 Description The Tilt HUD server mounts Go's net/http/pprof handlers under the '/debug' endpoint without access control. When the HUD is network-exposed, an unauthenticated caller can read process memory via...

8.3CVSS6AI score
Exploits0References6
CVE
CVE
added 2026/06/19 12:0 a.m.13 views

CVE-2026-51846

CVE-2026-51846 affects Tenda AC7 v15.03.06.44. The vulnerability is a stack buffer overflow in the WAN speed parameter (wanSpeed) of the /goform/AdvSetMacMtuWan route, leading to remote arbitrary code execution. Affected component is the WAN configuration endpoint; root cause is improper handling...

9.8CVSS6.5AI score0.00561EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50835

Name of the Vulnerable Software and Affected Versions Canonical MicroCeph versions from the squid and tentacle track Description A path traversal issue exists in the remote-import API. Users possessing a join token or a trusted cluster mTLS certificate, such as enrolled cluster members, can...

5CVSS5.9AI score0.00208EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50846

Name of the Vulnerable Software and Affected Versions Avada Fusion Builder versions prior to 3.15.4 Description The Avada Fusion Builder plugin for WordPress allows unauthenticated attackers to delete arbitrary files on the server due to insufficient file path validation in the maybe delete files...

9.1CVSS6.7AI score0.01193EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.10 views

PT-2026-50984

Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to provide crafted video frame pixels that overlap with internal encoder layer...

7.1CVSS6AI score0.00399EPSS
Exploits0References9
Rows per page
Query Builder