Lucene search
K

14109 matches found

Nuclei
Nuclei
added yesterday33 views

Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access

Tieline IP Audio Gateway 2.6.4.8 and below is affected by a vulnerability in the web administrative interface that could allow an unauthenticated user to access a sensitive part of the system with a high privileged account. id: CVE-2021-35336 info: name: Tieline IP Audio Gateway =2.6.4.8 -...

9.8CVSS7.3AI score0.11587EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday31 views

Trinity Audio <= 5.21.0 - Information Exposure

The Trinity Audio Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the /admin/inc/phpinfo.php file that gets created on install. This makes it possible for...

5.3CVSS5.8AI score0.00951EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57266

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
CVE
CVE
added yesterday8 views

CVE-2026-57266

GeoWebPlayer (Websocket Server component used by GV-VMS/GV-Cloud) contains multiple index-out-of-bounds vulnerabilities in its websocket command handling, allowing an attacker-supplied index to access arrays and trigger out-of-bounds reads/writes or call out-of-bounds function pointers. Documente...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-41228

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57265

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41227

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-53348

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
NVD
NVD
added 2 days ago8 views

CVE-2026-34109

Guardian language-system passes the id GET parameter directly into a PHP exec call in speech.php line 18 without sanitization: exec"php jobs/speechaudio.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell metacharacters...

9.8CVSS0.00537EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41070

Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmac.php line 18 without sanitization: exec"php jobs/speechaudiomac.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-34112

Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmac.php line 18 without sanitization: exec"php jobs/speechaudiomac.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...

9.8CVSS6.1AI score0.00537EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-14330 Pipewire: pulse server alloca stack overflow

Multiple unbounded alloca calls in the PulseAudio protocol server...

5.5CVSS0.001EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-41006

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-53350

In the Linux kernel, the following vulnerability has been resolved: ASoC: wmadsp: Fix NULL dereference when removing firmware controls In wmadspcontrolremove check that the priv pointer is not NULL before attempting to cleanup what it points to. When csdsp creates a control it calls...

5.7AI score0.00161EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2 days ago4 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-40836

Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

6.2AI score0.00316EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-40758

Side-channel information leakage in WebAudio in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00229EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2 days ago5 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
OSV
OSV
added 3 days ago3 views

DEBIAN-CVE-2026-14149

Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00316EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-14149

Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

8.8CVSS0.00316EPSS
Exploits0References2
Rows per page
Query Builder