Lucene search
K

2753 matches found

Nuclei
Nuclei
added 9 hours ago92 views

CyberPower < v2.8.3 - SQL Injection

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to . id: CVE-2024-32736 info: name: CyberPower PDNU" tags: cve,cve2024,cyberpower,sqli,vkev,vuln http: - method: GET path: - "BaseURL/api/v1/confup?mode=&uid=1'%20UNION%20select%201,2,3,4,sqliteversion;--"...

7.5CVSS7AI score0.05408EPSS
Exploits0References3
Nuclei
Nuclei
added 9 hours ago118 views

CData API Server < 23.4.8844 - Path Traversal

A path traversal vulnerability exists in the Java version of CData API Server 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application. id: CVE-2024-31848 info: name: CData API Server...

9.8CVSS7.1AI score0.08151EPSS
Exploits1References5
NVD
NVD
added yesterday5 views

CVE-2026-51537

EIPStackGroup OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser...

9.1CVSS
Exploits0References2
NVD
NVD
added 4 days ago4 views

CVE-2026-57220

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing an unauthenticated remote client to declare oversized frame length...

7.5CVSS0.00429EPSS
Exploits1References6
CVE
CVE
added 5 days ago41 views

CVE-2026-59726

Affected software: Ruflo, an agent meta-harness for Claude Code and Codex. Vulnerability: unauthenticated access to the MCP bridge endpoints POST /mcp and POST /mcp/:group in the default docker-compose deployment prior to version 3.16.3. Root cause / impact: unauthenticated network attacker could...

10CVSS6AI score0.00442EPSS
Exploits0References4
NVD
NVD
added 5 days ago9 views

CVE-2026-51605

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.991 allows an unauthenticated remote attacker to cause a denial of service via a crafted TEARDOWN request...

7.5CVSS0.0041EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-60109

Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRBERROR message with error-code 25 KDCERRPREAUTHREQUIRED containing a PA-DATA element with padata-type 2, 3,...

8.7CVSS0.00502EPSS
Exploits0References3
CVE
CVE
added 5 days ago12 views

CVE-2026-60109

Zeek

8.7CVSS6AI score0.00502EPSS
Exploits0References3Affected Software1
NVD
NVD
added 5 days ago6 views

CVE-2026-60094

Vinchin Backup & Recovery through 9.0.0.86562 contains a heap buffer overflow vulnerability that allows unauthenticated remote attackers to cause process crash or memory corruption by sending a malformed TCP packet with an unchecked bodylen field to the agentlinkserver service. Attackers can craf...

6.9CVSS0.00411EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-60095 Vinchin Backup & Recovery 9.0.0.86562 Stack Buffer Overflow via ModuleHandShake

Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlinkserver service that allows unauthenticated remote attackers to overwrite the saved return address by supplying an oversized listenuuid field that is measure...

6.9CVSS0.00463EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-60094 Vinchin Backup & Recovery 9.0.0.86562 Heap Buffer Overflow via agentlink_server

Vinchin Backup & Recovery through 9.0.0.86562 contains a heap buffer overflow vulnerability that allows unauthenticated remote attackers to cause process crash or memory corruption by sending a malformed TCP packet with an unchecked bodylen field to the agentlinkserver service. Attackers can craf...

6.9CVSS0.00411EPSS
Exploits0References3
CVE
CVE
added 5 days ago15 views

CVE-2026-60094

Vulnerability overview (CVE-2026-60094): Vinchin Backup & Recovery up to 9.0.0.86562 is affected by a heap buffer overflow in the agentlink_server. According to the records, an unauthenticated remote attacker can send a malformed TCP packet with an unchecked body_len field, passing an attacker-co...

6.9CVSS6.2AI score0.00411EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-51604

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request...

0.0041EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 6 days ago3 views

httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash

A flaw was found in the modauthnsocache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...

5.3CVSS6.2AI score0.00514EPSS
Exploits0References5
NVD
NVD
added 6 days ago9 views

CVE-2026-41122

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain a stored cross-site scripting vulnerability. An unauthenticated attacker wit...

7.1CVSS0.00202EPSS
Exploits0References1
CVE
CVE
added 6 days ago9 views

CVE-2026-53482

Dell PowerProtect Data Domain (versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) contains an Integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could exploit this to cause a denial of service . Exploitat...

7.5CVSS6AI score0.00338EPSS
Exploits0References1Affected Software1
CVE
CVE
added 6 days ago8 views

CVE-2026-41122

CVE-2026-41122 affects Dell PowerProtect Data Domain: versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70 contain a stored cross-site scripting vulnerability. An unauthenticated attacker with remote access could exploit this to cause informatio...

7.1CVSS5.9AI score0.00202EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-49365

A flaw was found in the Apache Camel Netty HTTP component. An unauthenticated remote attacker can exploit this vulnerability by sending a malformed request that triggers an exception during route processing. Due to a misconfiguration where muteException is set to false by default, the system...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References4
EUVD
EUVD
added last week5 views

EUVD-2026-42075

An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system...

6.5CVSS5.9AI score0.00277EPSS
Exploits0References1
CVE
CVE
added last week13 views

CVE-2026-44877

CVE-2026-44877 affects HPE Networking Instant On 1830, 1930, and 1960 switches. It is described as an unauthenticated remote disclosure vulnerability that could allow a remote attacker to access sensitive cryptographic secrets on a vulnerable system. CVSS‑3.1 metrics indicate Network access, Low ...

6.5CVSS5.9AI score0.00277EPSS
Exploits0References1
Rows per page
Query Builder