Lucene search
K

936 matches found

Cvelist
Cvelist
added 2026/03/27 7:41 p.m.23 views

CVE-2026-34205 Home Assistant: Unauthenticated App (Add-on) Endpoints Exposed to Local Network via Host Network Mode

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps formerly add-ons configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

9.6CVSS0.00256EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/27 7:41 p.m.3 views

EUVD-2026-16793

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps formerly add-ons configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

9.6CVSS5.9AI score0.00256EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.11 views

Secure and Energy-Efficient Wireless Agentic AI Networks

In this paper, we introduce a secure wireless agentic AI network comprising one supervisor AI agent and multiple other AI agents to provision quality of service QoS for users' reasoning tasks while ensuring confidentiality of private knowledge and reasoning outcomes. Specifically, the supervisor ...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/12 12:0 a.m.11 views

When Bots Take the Bait: Exposing and Mitigating the Emerging Social Engineering Attack in Web Automation Agent

Web agents, powered by large language models LLMs, are increasingly deployed to automate complex web interactions. The rise of open-source frameworks e.g., Browser Use, Skyvern-AI has accelerated adoption, but also broadened the attack surface. While prior research has focused on model threats su...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.6 views

CVE-2022-31677

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor before v0.19.0. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow...

5.4CVSS6.7AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:19 a.m.9 views

CVE-2019-18251

In Omron CX-Supervisor, Versions 3.5 12 and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit...

8.8CVSS6.8AI score0.01735EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:43 a.m.11 views

CVE-1999-0430

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload...

5CVSS7AI score0.01823EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.8 views

CVE-2019-12105

In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inethttpserver, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. The...

8.2CVSS6.7AI score0.02283EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-20429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock situation can occur in the Linux kernel related to tracing and System Call Interface SBI Extended Call ECALL functionality on RISC-V systems. Specifically, if functions within...

5.5CVSS6.1AI score0.0008EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2025/12/18 1:44 p.m.3 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

9.8CVSS6.7AI score0.00268EPSS
Exploits0References1
OSV
OSV
added 2025/12/17 9:16 p.m.3 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

9.8CVSS5.8AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 2025/12/17 9:16 p.m.5 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

9.8CVSS0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.26 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.4 views

CVE-2025-67793

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role through an API call. This privilege is included by default in the...

6.4AI score0.00268EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.6 views

PT-2025-51919

Name of the Vulnerable Software and Affected Versions DriveLock versions 24.1 through 24.1. DriveLock versions 24.2 through 24.2. DriveLock versions 25.1 through 25.1.5 Description A flaw exists in DriveLock where users possessing the "Manage roles and permissions" privilege can elevate their own...

9.8CVSS6.5AI score0.00268EPSS
Exploits0References5
CVE
CVE
added 2025/12/17 12:0 a.m.11 views

CVE-2025-67793

DriveLock vulnerable to privilege escalation where users with the "Manage roles and permissions" privilege can promote themselves or other DOC users to the Supervisor role via an API call. Affected versions include 24.1 through 24.1., 24.2 through 24.2. , and 25.1 before 25.1.6. The issue is stat...

9.8CVSS6.4AI score0.00268EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.6 views

DriveLock 安全漏洞

DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock versions 24.1 and prior to 24.1.x, 24.2 and prior to 24.2.x, and 25.1.6 and prior to 25.1.6, which stems from the fact that a user with administrative role and...

9.8CVSS6.7AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/03 2:2 p.m.5 views

CVE-2025-11788

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

9.8CVSS7.3AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2025/12/02 1:15 p.m.5 views

CVE-2025-11788

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

9.8CVSS6.1AI score
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.4 views

CVE-2025-11788

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

9.8CVSS0.00284EPSS
Exploits0References1
Rows per page
Query Builder