Lucene search
K

14 matches found

EUVD
EUVD
added 2026/04/20 9:30 a.m.7 views

EUVD-2026-23786

A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...

8.6CVSS6.5AI score0.00468EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/03/26 6:29 p.m.7 views

03-gs-ee-6 (=0.3.5), @albgen/capacitor-escpos-plugin (>=0.0.4 <=1.0.1) +2917 more potentially affected by CVE-2026-33750 via brace-expansion (>=4.0.0 <=5.0.2)

brace-expansion NPM version =4.0.0, =0.0.4, =1.1.7, =1.1.8 - @angranit/fantom-virma =0.1.0 - @angranit/first-step-to-get-tea =0.1.0 - @angranit/hapeipons =1.1.2 - @angranit/nearly-vm =0.1.0 - @angranit/newme-project =0.1.0 - @angranit/npmjs-for-tea-project =0.1.0 - @angranit/phantompirs =0.1.0 -...

7.5CVSS6.2AI score0.0043EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.38 views

Advanced BLE Scanner with RPA Resolution for Flipper Zero

This project implements a high-performance Bluetooth Low Energy BLE scanner on Flipper Zero, supporting all BLE versions from 4.0 to 5.3. It can discover nearby devices, track specific devices by MAC address, and resolve privacy-randomized Resolvable Private Addresses RPA using Identity Resolving...

5.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/02/19 7:40 p.m.22 views

CVE-2026-26278

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 4.1.3 through 5.3.5, the XML parser can be forced to do an unlimited amount of entity expansion. With a very small XML input, it’s possible ...

7.5CVSS5.9AI score0.00811EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/02/09 8:15 p.m.7 views

CVE-2026-25498

Craft is a platform for creating digital experiences. In versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, a Remote Code Execution RCE vulnerability exists in Craft CMS where the assembleLayoutFromPost function in src/services/Fields.php fails to sanitize user-supplied configuratio...

8.6CVSS0.0097EPSS
Exploits1References3
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2025/11/14 12:0 a.m.18 views

[20260101] - Core - Inadequate content filtering for data URLs

Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags...

8.4CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/06 5:13 p.m.5 views

CVE-2025-61733

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Kylin. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the issue...

7.5CVSS6.7AI score0.01224EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/24 12:0 a.m.5 views

Zyxel USG FLEX 安全漏洞

Zyxel USG FLEX is a firewall from China Hopkins Zyxel. Offering flexible VPN options IPsec, SSL or L2TP, it provides flexible and secure remote access for remote work and management. A security vulnerability exists in the Zyxel USG FLEX Series 4.50 to 5.35 firmware versions, USG FLEX 50W 4.30 to...

7.5CVSS7.7AI score0.01054EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/26 12:0 a.m.8 views

PT-2023-19076 · Pi-Hole · Pi-Hole

Name of the Vulnerable Software and Affected Versions: Pi-hole versions 4.0 through 5.18.2 Description: The issue concerns the improper use of the admin WEBPASSWORD hash as a "Remember me for 7 days" cookie value in Pi-hole's Web interface. This allows an attacker to "pass the hash" and login or...

8.8CVSS8.5AI score0.0097EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/03/08 12:0 a.m.4 views

PT-2022-10643 · Siemens · Ruggedcom Rs8000 +50

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM i800 RUGGEDCOM i800NC RUGGEDCOM i801 RUGGEDCOM i801NC RUGGEDCOM i802 RUGGEDCOM i802NC RUGGEDCOM i803 RUGGEDCOM i803NC RUGGEDCOM M2100 RUGGEDCOM M2100F RUGGEDCOM M2100NC RUGGEDCOM M2200 RUGGEDCOM M2200F RUGGEDCOM M2200NC RUGGEDCOM M9...

9.6CVSS8.8AI score0.00526EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/06/08 12:0 a.m.6 views

PT-2021-7762 · Rockwell Automation · Isagraf Runtime

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ISaGRAF Runtime versions 4.x through 5.x Description: The issue concerns the encryption of passwords used to execute privileged commands in the ISaGRAF Runtime. Specifically, a fixed key value is used with the tiny...

6.5CVSS6.6AI score0.01122EPSS
Exploits0References8
CNVD
CNVD
added 2020/01/19 12:0 a.m.1 views

Linux kernel information disclosure vulnerability (CNVD-2020-03543)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An information disclosure vulnerability exists in the flowdissector function in Linux kernel versions 4.3 through 5.x fixed in version 5.3.10. The vulnerability stems...

5.3CVSS6.6AI score0.02605EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2016/09/26 4:59 a.m.2 views

CVE-2016-2999

IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sensitive information via an unspecified brute-force attack...

6.5CVSS5.5AI score0.01216EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/01/14 12:0 a.m.4 views

PT-2012-2039 · Whmcs · Whmcs

Name of the Vulnerable Software and Affected Versions: WHMCS versions 4.0.x through 5.0.x Description: The issue is related to improper handling of characters in the subject field of a crafted ticket, which can trigger arbitrary code execution in the Smarty templating system. This allows remote...

7.5CVSS8.5AI score0.023EPSS
Exploits0References5
Rows per page
Query Builder