Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

339 matches found

Nuclei
Nucleiadded yesterday24 views

Seagate NAS OS 4.3.15.1 - Server Information Disclosure

Seagate NAS OS version 4.3.15.1 has insufficient access control which allows attackers to obtain information about the NAS without authentication via empty POST requests in /api/external/7.0/system.System.getinfos. id: CVE-2018-12296 info: name: Seagate NAS OS 4.3.15.1 - Server Information...

7.5CVSS7.1AI score0.73135EPSS
Exploits1References3
Nuclei
Nucleiadded yesterday11 views

Seagate NAS OS 4.3.15.1 - Open Redirect

Seagate NAS OS 4.3.15.1 contains an open redirect vulnerability in echo-server.html, which can allow an attacker to disclose information in the referer header via the state URL parameter. id: CVE-2018-12300 info: name: Seagate NAS OS 4.3.15.1 - Open Redirect author: 0xAkoko severity: medium...

6.1CVSS6.3AI score0.16221EPSS
Exploits1References2
EUVD
EUVDadded yesterday5 views

EUVD-2026-34043

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

4.6CVSS5.8AI score0.00013EPSS
Exploits0References3
NVD
NVDadded 2 days ago3 views

CVE-2026-10718

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

4.6CVSS0.00013EPSS
Exploits0References2
CVE
CVEadded 2 days ago6 views

CVE-2026-10719

CVE-2026-10719 affects Seagate’s openSeaChest/Seachest (v25.05.3). The issue is an out-of-bounds write in openSeaChest’s --showSupportedFormats, permitting writing one extra byte past allocated memory when a malicious NVMe device with a bogus FLBAS value in the namespace is processed. As describe...

1.8CVSS5.8AI score0.00013EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2 days ago3 views

CVE-2026-10719

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte...

1.8CVSS5.8AI score0.00013EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2 days ago4 views

CVE-2026-10718

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

4.6CVSS5.8AI score0.00013EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2 days ago2 views

CVE-2026-10718 Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

4.6CVSS5.8AI score0.00013EPSS
Exploits0References2
CVE
CVEadded 2 days ago8 views

CVE-2026-10718

CVE-2026-10718 affects Seagate’s openSeaChest (v26.03.0) and is triggered by the Trim/Unmap operation. The root cause is an out-of-bounds write that allows writing extra memory describing a range of LBAs to deallocate, extending 16 bytes outside the allocated space across all supported platforms....

4.6CVSS5.8AI score0.00013EPSS
Exploits0References2
Nuclei
Nucleiadded 6 days ago173 views

Seagate BlackArmor NAS - Command Injection

Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the authname parameter to localhost/backupmgmt/preconnectcheck.php. id: CVE-2014-3206 info: name: Seagate BlackArmor NAS - Command Injection author: gy741...

10CVSS7.7AI score0.92003EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/05/18 12:28 p.m.5 views

CVE-2026-43487

A flaw was found in the Linux kernel's libata-core module. This vulnerability arises from issues with Link Power Management LPM when specific Seagate BarraCuda hard drives e.g., ST1000DM010-2EP102 are connected. This can lead to random system freezes, resulting in a denial of service for the...

5.5CVSS5.8AI score0.00023EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/09 12:28 p.m.4 views

CVE-2018-12302

Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting...

6.1CVSS6.8AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:27 p.m.6 views

CVE-2018-12304

Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via multiple application metadata fields: Short Description, Publisher Name, Publisher Contact, or Website URL...

6.1CVSS6.8AI score0.0024EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:26 p.m.5 views

CVE-2018-12300

Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter...

6.1CVSS6.6AI score0.16221EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:26 p.m.4 views

CVE-2018-12298

Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path...

7.5CVSS6.7AI score0.00561EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:26 p.m.1 views

CVE-2018-12295

SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands via the dirId URL parameter...

9.8CVSS8.6AI score0.00264EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:25 p.m.2 views

CVE-2018-12299

Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded file names...

5.4CVSS6.8AI score0.00206EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:25 p.m.4 views

CVE-2018-12301

Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost...

7.5CVSS6.9AI score0.00316EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:24 p.m.6 views

CVE-2018-12303

Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via directory names...

5.4CVSS6.8AI score0.00206EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:33 a.m.2 views

CVE-2017-18263

Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url...

7.5CVSS6.9AI score0.05566EPSS
Exploits1References1
Rows per page
Query Builder