Lucene search
+L

2778 matches found

Github Security Blog
Github Security Blog
added 2026/06/05 4:42 p.m.19 views

Klever-Go KVM: Unauthenticated remote node crash (nil-pointer DoS) in klever-go P2P transaction interceptor (txVersionChecker nil RawData) - potential chain halt

Summary Every transaction gossiped on the klever-go P2P network is decoded and validated synchronously inside the libp2p pubsub topic-validator callback. The validator txVersionChecker.CheckTxVersion dereferences tx.RawData.Version with no nil check. A protobuf Transaction whose embedded RawData...

5.5AI score0.00058EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 1:36 a.m.8 views

CVE-2026-7762

A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio range to cause a Denial of Service kernel panic or potentially achieve Remote Code Execution via a...

6AI score0.00567EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.24 views

PT-2026-47062

🚨 Multiple Critical Vulnerabilities Disclosed in DbGate Several severe vulnerabilities in DbGate can allow attackers to achieve remote code execution: • CVE-2026-47668 - Unauthenticated RCE via JSON Script Runner dbgate-serve • CVE-2026-47669 - Zip Slip arbitrary file write leading to RCE •...

6AI score0.00336EPSS
Exploits2References1
EUVD
EUVD
added 2026/06/04 12:58 p.m.13 views

EUVD-2025-210066

Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service DoS...

7.5CVSS5.8AI score0.00327EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:58 p.m.11 views

CVE-2025-46638

Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service DoS...

7.5CVSS5.8AI score0.00327EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 12:58 p.m.43 views

CVE-2025-46638

Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service DoS...

7.5CVSS0.00327EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:58 p.m.13 views

CVE-2025-46638

Dell BSAFE SSL-J contains a vulnerability where resources are allocated without limits or throttling, enabling an unauthenticated remote attacker to cause a Denial of Service. Affected software is Dell BSAFE SSL-J; root cause is unbounded resource allocation. Impact is DoS with high severity (CVS...

7.5CVSS5.8AI score0.00327EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Dell BSAFE 安全漏洞

Dell BSAFE is a security software product developed by the American company Dell. It supports encryption algorithms, certificate chain verification, and Transport Layer Security TLS encryption suites, helping users achieve various security objectives for their applications. Dell BSAFE has a...

7.5CVSS5.5AI score0.00327EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 4:9 p.m.15 views

EUVD-2026-34137

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-44545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's WebSocketServerFactory. Because Autobahn defaults both values to 0...

7.5CVSS6.1AI score0.00328EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/02 3:39 p.m.10 views

CVE-2026-0611

Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability through a deprecated .NET Remoting HTTP channel exposed on port 8989 that allows attackers to perform arbitrary file read and write operations by...

9.8CVSS6.5AI score0.00664EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/02 3:39 p.m.10 views

CVE-2026-0611 Spacelabs Healthcare Sentinel 10.5.x < 11.6.0 Unauthenticated RCE via .NET Remoting

Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability through a deprecated .NET Remoting HTTP channel exposed on port 8989 that allows attackers to perform arbitrary file read and write operations by...

9.8CVSS6.5AI score0.00664EPSS
Exploits0References3
CVE
CVE
added 2026/06/02 3:39 p.m.31 views

CVE-2026-0611

Summary: CVE-2026-0611 affects Spacelabs Healthcare Sentinel 10.5.x and higher and Sentinel 11.x.x prior to 11.6.0. A deprecated .NET Remoting HTTP channel exposed on port 8989 allows unauthenticated remote code execution by supplying valid .NET URI endpoints, enabling arbitrary file read/write a...

9.8CVSS6.5AI score0.00664EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/01 5:9 p.m.37 views

CVE-2026-49121 AI Tensor Engine for ROCm (AITER) 0.1.14 Unauthenticated RCE via MessageQueue.recv() Pickle Deserialization

AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shmbroadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...

9.2CVSS0.01104EPSS
Exploits1References3
NVD
NVD
added 2026/06/01 9:16 a.m.14 views

CVE-2026-7858

A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code execution...

9.8CVSS0.00543EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 7:45 a.m.35 views

CVE-2026-7858

CVE-2026-7858 involves a Deserialization of Untrusted Data flaw affecting Teamwork Cloud (No Magic Release 2022x–2026x) and Magic Collaboration Studio (CATIA Magic Release 2022x–2026x). The root cause is deserialization of untrusted data enabling unauthenticated remote code execution. The entry h...

9.8CVSS6.2AI score0.00543EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/31 5:27 p.m.104 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 — MCPJam Inspector Unauthenticated RCE !Pytho...

9.8CVSS6AI score0.43671EPSS
Exploits35
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:4 p.m.10 views

CVE-2026-9051

There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure. Successful exploitation requires an attacker to send...

9.3CVSS5.8AI score0.00623EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 10:57 a.m.24 views

CVE-2025-41277

CVE-2025-41277 affects Waterfall WF-500 TX and RX Hosts (Console WebUI) running version 7.9.1.0 R2502171040. The issue is CWE-78 OS Command Injection in the Console WebUI that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device. Root cause: imprope...

9.8CVSS6.1AI score0.0138EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/28 1:5 p.m.8 views

CVE-2026-8979 Authentication Bypass

The Mennekes Amtron series firmware versions ≤ 5.22.3 is vulnerable to an authentication bypass. An unauthenticated remote attacker can change the password of the user account via a crafted POST request to the /operator/operator endpoint...

10CVSS5.8AI score0.00612EPSS
Exploits1References1
Rows per page
Query Builder