Lucene search
K

5579 matches found

NVD
NVD
added 11 hours ago6 views

CVE-2026-61449

Grav 2.0.1 contains a decompression-bomb size-cap bypass in ZipArchiver and GPM\Installer. The size bound introduced in 2.0.1 sums the uncompressed size declared in each entry's ZIP central-directory header ZipArchive::statIndex'size' and rejects archives exceeding...

7.1CVSS
Exploits0References2
Nuclei
Nuclei
added 19 hours ago56 views

D-Link Central WifiManager - Server-Side Request Forgery

D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an...

8.6CVSS6.8AI score0.44101EPSS
Exploits3References5
Nuclei
Nuclei
added 19 hours ago9 views

N-able N-central < 2024.2 - Authentication Bypass Detection

N-central server versions prior to 2024.2 contain an authentication bypass in the user interface, letting attackers access restricted areas without proper credentials, exploit requires no specific conditions. id: CVE-2024-28200 info: name: N-able N-central 2024.2 - Authentication Bypass Detection...

9.8CVSS6.1AI score0.01946EPSS
Exploits0References4
CVE
CVE
added yesterday29 views

CVE-2026-55944

CVE-2026-55944 affects Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises). The vulnerability is described as a deserialization of untrusted data in Dynamics NAV that could allow remote code execution over a network. Connected sources indicate this is addressed in Jul...

9.8CVSS6.2AI score
Exploits0References1
Cvelist
Cvelist
added yesterday30 views

CVE-2026-55944 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

...

9.8CVSS
Exploits0References1
Nuclei
Nuclei
added 4 days ago88 views

D-Link Central WiFi Manager CWM(100) - Remote Code Execution

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication. id: CVE-2019-13372 info:...

9.8CVSS7.3AI score0.80682EPSS
Exploits4References4
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42960

adm-zip before 0.5.18 is vulnerable to denial of service via a crafted ZIP file with a manipulated uncompressed size header field. In zipEntry.js line 103, Buffer.alloccentralHeader.size allocates memory based on the declared uncompressed size from the ZIP central directory header without...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-57215

Name of the Vulnerable Software and Affected Versions adm-zip versions prior to 0.5.18 Description A denial-of-service issue exists when parsing crafted ZIP files with a manipulated uncompressed size header field. The library allocates memory based on the declared uncompressed size from the ZIP...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-39244

adm-zip before 0.5.18 is vulnerable to denial of service via a crafted ZIP file with a manipulated uncompressed size header field. In zipEntry.js line 103, Buffer.alloccentralHeader.size allocates memory based on the declared uncompressed size from the ZIP central directory header without...

0.00432EPSS
Exploits0References3
CVE
CVE
added 5 days ago11 views

CVE-2026-39244

The CVE-2026-39244 entry concerns adm-zip before 0.5.18 and describes a denial-of-service vulnerability triggered by a crafted ZIP file with a manipulated uncompressed size header. The root cause is that zipEntry.js allocates memory using Buffer.alloc(_centralHeader.size) based on the uncompresse...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References3
NVD
NVD
added 6 days ago7 views

CVE-2026-54799

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install...

8.4CVSS0.00127EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-54798

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...

7.1CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-54801

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the we...

8.6CVSS0.0034EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42596

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the we...

8.6CVSS5.9AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 6 days ago19 views

CVE-2026-54801

This CVE affects CPCI85 Central Processing/Communication (all versions &lt; V26.20) and SICORE Base system (all versions &lt; V26.20.0). The vulnerability stems from insufficient validation of authentication credentials when processing administrative account modifications via the web API, enablin...

8.6CVSS5.9AI score0.0034EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago38 views

CVE-2026-54800

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application ships with a default configuration that disables all OPC UA security mechanisms. This could allow an attacker to gain unauthorized...

6.3CVSS0.00146EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42595

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application ships with a default configuration that disables all OPC UA security mechanisms. This could allow an attacker to gain unauthorized...

6.3CVSS5.9AI score0.00146EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-54800

CVE-2026-54800 affects CPCI85 Central Processing/Communication and SICORE Base system (all versions &lt; V26.20 /

6.3CVSS5.9AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42594

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install...

8.4CVSS6.3AI score0.00127EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-54799

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install...

8.4CVSS0.00127EPSS
Exploits0References1
Rows per page
Query Builder