Lucene search
K

809 matches found

Nuclei
Nuclei
added 8 hours ago17 views

Images to WebP < 1.9 - Authenticated Local File Inclusion

The Images to WebP WordPress plugin before version 1.9 did not validate or sanitize the tab parameter before using it in the include function. id: CVE-2021-24644 info: name: Images to WebP 1.9 - Authenticated Local File Inclusion author: Sourabh-Sahu severity: high description: | The Images to We...

7.5CVSS7AI score0.05028EPSS
Exploits2References2
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-33802 Junos OS: EX Series: Unauthorized users can execute service-impacting CLI command

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service DoS. On EX2300, EX4000, EX4100, EX4300-MP Multigigabit and EX4400 switches, an authenticated, local attacker with no specific permissions ...

6.8CVSS0.00123EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5523 Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks in github.com/basekick-labs/arc

Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks in github.com/basekick-labs/arc...

5.9AI score0.00029EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Cisco Umbrella Virtual Appliance < 3.8.5 Privilege Escalation (cisco-sa-umbrella-priv-esc-F4wJB7AU)

According to its self-reported version, Cisco Umbrella Insights Virtual Appliance is affected by a vulnerability. - A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability i...

6CVSS6AI score0.00104EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Intel Microcode

The removal or modification of security-critical code in certain Intel processors may allow an authenticated user to potentially enable information disclosure through local access...

5.5CVSS6.5AI score0.00347EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

The sequence of processor instructions may lead to unexpected behavior on some Intel processors. This could potentially allow an authenticated user to enable privilege escalation, information disclosure, or denial of service through local access...

8.8CVSS7AI score0.01728EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Observable timing discrepancies in some Intel processors may allow an authenticated user to potentially enable information disclosure through local access...

3.3CVSS6.4AI score0.00383EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Intel Microcode

The sequence of processor instructions in IntelR CoreTM Ultra Processors may lead to unexpected behaviors. This could potentially allow an authenticated user to enable denial of service through local access...

4.7CVSS6.3AI score0.00279EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 5:16 p.m.15 views

CVE-2026-20246

A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this...

6CVSS0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 4:17 p.m.9 views

EUVD-2026-37751

A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this...

6CVSS5.3AI score0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 1:52 p.m.30 views

CVE-2026-10847 Local Privilege Escalation vulnerability in Check Point Identity Agent Full for Windows OS

A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to improper handling of executable resolution during the log collection process. Successful exploitatio...

7.8CVSS0.00124EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.17 views

EUVD-2026-35464

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.4AI score0.00229EPSS
Exploits0References14
NVD
NVD
added 2026/06/09 5:17 p.m.10 views

CVE-2026-9210

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

7.1CVSS0.00216EPSS
Exploits0References32
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.34 views

CVE-2026-0415 Insufficient input validation vulnerability in certain Orbi routers

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS0.00229EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.9 views

CVE-2026-0413 Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.34 views

CVE-2026-0413 Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS0.00323EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.11 views

CVE-2026-0417 Insufficient input validation in certain NETGEAR routers

Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity...

6.8CVSS5.4AI score0.00229EPSS
Exploits0References28
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.32 views

CVE-2026-0416 Improper input validation in certain NETGEAR routers allows unauthorized modification of protected router functionality

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

6.8CVSS0.0018EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

NETGEAR Routers 输入验证错误漏洞

NETGEAR Routers are a series of routers produced by NETGEAR, a company in the United States. NETGEAR Routers have a vulnerability related to input validation. This vulnerability stems from insufficient input validation, which may allow administrators who are connected to the local network and hav...

6.8CVSS5.3AI score0.00229EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/09 12:0 a.m.7 views

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system...

7.8CVSS6.2AI score0.25323EPSS
In wildExploits2
Rows per page
Query Builder