3431 matches found

RedhatCVE
added 3 days ago, 6 views

CVE-2026-47692

A flaw was found in Envoy. The PROXY Protocol v2 header generator can emit data beyond the maximum allowed length, leading to a mismatch between the actual bytes sent and the length specified in the header. An attacker on an adjacent network could exploit this to smuggle bytes into upstream...

CVSS 4.8, AI score 5.6, EPSS 0.00218
Exploits: 0, References: 4

EUVD
added 5 days ago, 6 views

EUVD-2026-40379

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

CVSS 6.5, AI score 5.8, EPSS 0.00269
Exploits: 0, References: 1

RedhatCVE
added 2026/06/25 11:52 p.m., 5 views

CVE-2026-53257

A flaw was found in the Linux kernel. An issue within the mac80211 Wi-Fi subsystem, specifically related to the enforcement of High Efficiency (HE) and Extremely High Throughput (EHT) capabilities and operations, could lead to a system crash. This vulnerability arises when HE/EHT capabilities are set...

CVSS 5.5, AI score 5.8, EPSS 0.00151
Exploits: 0, References: 4

NVD
added 2026/06/22 2:17 p.m., 10 views

CVE-2026-54100

A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture...

CVSS 8.3, EPSS 0.00182
Exploits: 0, References: 3

CVE
added 2026/06/22 12:46 p.m., 14 views

CVE-2026-54100

CVE-2026-54100 affects the Windows Machine Config Operator (WMCO) used with Red Hat OpenShift Container Platform. The flaw is that WMCO establishes SSH connections to Windows worker nodes without verifying the remote host key, enabling an adjacent-network attacker who can intercept or redirect WM...

CVSS 8.3, AI score 5.9, EPSS 0.00182
Exploits: 0, References: 3

RedhatCVE
added 2026/06/22 12:46 p.m., 8 views

CVE-2026-54100

A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture...

CVSS 8.3, AI score 5.9, EPSS 0.00182
Exploits: 0, References: 3

AstraLinux
added 2026/06/19 11:10 a.m., 7 views

Astra Linux – Vulnerability in Linux, BlueZ

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure through adjacent access...

CVSS 5.7, AI score 6.7, EPSS 0.00827
Exploits: 0, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Linux

In the Bluetooth BR/EDR Core Specification v5.2 and earlier, legacy pairing and secure-connection pairing authentication mechanisms may allow an unauthenticated user to complete the authentication process without using pairing credentials through adjacent access. An unauthenticated, adjacent...

CVSS 5.4, AI score 6.7, EPSS 0.02386
Exploits: 2, References: 1

EUVD
added 2026/06/17 6:35 p.m., 9 views

EUVD-2025-210215

In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 8, AI score 5.7, EPSS 0.00094
Exploits: 0, References: 2

NVD
added 2026/06/17 3:16 p.m., 8 views

CVE-2026-32804

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access...

CVSS 8.1, EPSS 0.00216
Exploits: 0, References: 1

NVD
added 2026/06/17 3:16 p.m., 10 views

CVE-2026-35065

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure,...

CVSS 8.8, EPSS 0.00334
Exploits: 0, References: 1

CVE
added 2026/06/17 3:10 p.m., 14 views

CVE-2026-35069

Dell PowerFlex Manager is affected by an SQL Injection due to improper neutralization of special elements. The issue affects Dell PowerFlex Manager versions unspecified in the document; an attacker with adjacent network access and low privileges could potentially trigger script injection. Documen...

CVSS 8, AI score 5.9, EPSS 0.00229
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2026/06/17 3:10 p.m., 8 views

CVE-2026-35069

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection...

CVSS 5.7, AI score 5.9, EPSS 0.00229
Exploits: 0, References: 1

EUVD
added 2026/06/17 3:10 p.m., 9 views

EUVD-2026-37743

Dell PowerFlex Manager, versions Versions, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection...

CVSS 5.7, AI score 5.7, EPSS 0.00229
Exploits: 0, References: 1

Cvelist
added 2026/06/17 3:10 p.m., 18 views

CVE-2026-35069

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection...

CVSS 5.7, EPSS 0.00229
Exploits: 0, References: 1

EUVD
added 2026/06/17 3:05 p.m., 8 views

EUVD-2026-37742

Dell PowerFlex Manager, versions Versions, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure...

CVSS 3.5, AI score 5.6, EPSS 0.00192
Exploits: 0, References: 1

Cvelist
added 2026/06/17 3:05 p.m., 19 views

CVE-2026-35068

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure...

CVSS 3.5, EPSS 0.00192
Exploits: 0, References: 1

CVE
added 2026/06/17 3:05 p.m., 25 views

CVE-2026-35068

The CVE-2026-35068 entry affects Dell PowerFlex Manager and describes an SQL Injection vulnerability caused by improper neutralization of special elements in SQL commands. A low-privileged attacker with adjacent network access could potentially exploit this to achieve an information disclosure. P...

CVSS 5.7, AI score 5.9, EPSS 0.00192
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2026/06/17 3:05 p.m., 10 views

CVE-2026-35068

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure...

CVSS 3.5, AI score 5.9, EPSS 0.00192
Exploits: 0, References: 1

EUVD
added 2026/06/17 2:53 p.m., 9 views

EUVD-2026-37735

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

CVSS 5.7, AI score 5.3, EPSS 0.0015
Exploits: 0, References: 1