2230 matches found
Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection
Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command injection. There is improper sanitization of authenticated user-controlled input by a single HTTP request via the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php. This in turn can lead to...
EUVD-2026-37802
Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK installpackages...
CVE-2026-11847 Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Path Traversal vulnerability, allowing authenticated remote attackers to exploit this vulnerability to create directories in unintended system paths...
CVE-2026-11847
The CVE-2026-11847 entry concerns the iVEC-IEI Virtualization Edge Computer from IEI Integration Corp. Affected component is the system’s path traversal vulnerability that allows authenticated remote attackers to create directories in unintended system paths. Documented impact indicates unauthori...
CVE-2026-11846 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories, resulting in data destruction or service disruption...
EUVD-2026-36406
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories, resulting in data destruction or service disruption...
CVE-2026-11846 IEI Integration Corp|iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories, resulting in data destruction or service disruption...
CVE-2026-11846
Affected product: IEI iVEC-IEI Virtualization Edge Computer by IEI Integration Corp. The CVE describes an Arbitrary File Deletion vulnerability that can be exploited by authenticated remote attackers to delete arbitrary system files or directories, potentially causing data destruction and service...
PT-2026-48841
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories, resulting in data destruction or service disruption...
CVE-2026-29115
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...
CVE-2026-29115
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...
EUVD-2026-35989
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...
CVE-2026-26239
CVE-2026-26239 affects QNAP File Station 5. A buffer overflow vulnerability could be triggered when a remote attacker who has a user account gains access to the system, allowing memory modification or process crashes. The issue has been fixed in File Station 5 version 5.5.6.5208 and later. The pu...
CVE-2026-22899 File Station 5
A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...
PT-2026-48384
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...
Exploit for Classic Buffer Overflow in Tp-Link Tl-Wr940N_Firmware
CVE-2024-54887 TypeScript PoC This repository contains a Type...
CVE-2025-40948
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...
CVE-2026-41585
ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the...
CVE-2026-22576
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...
CVE-2026-23820
A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlyin...