Lucene search
K

5564 matches found

NVD
NVD
added 2026/04/28 2:16 p.m.6 views

CVE-2026-5944

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS0.00533EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 1:6 p.m.42 views

CVE-2026-5944

Cisco Intersight Device Connector for Nutanix Prism Central exposes an unauthenticated API passthrough on TCP 7373. An unauthenticated network attacker can query the endpoint to enumerate cluster metadata (VM information and cluster configuration). The API is primarily read-only, but some cluster...

8.8CVSS5.4AI score0.00533EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 1:6 p.m.7 views

CVE-2026-5944

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS5.3AI score0.00533EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/28 1:6 p.m.32 views

CVE-2026-5944 Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS0.00533EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/28 1:6 p.m.1 views

CVE-2026-5944 Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS5.3AI score0.00533EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.8 views

Nutanix Prism Central 访问控制错误漏洞

Nutanix Prism Central is a centralized management console provided by the American company Nutanix. Nutanix Prism Central has an access control vulnerability, which stems from improper access controls. This vulnerability allows unauthenticated attackers to access the system via the network, send...

8.8CVSS5.9AI score0.00533EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 4:16 p.m.7 views

ALPINE-CVE-2025-54505

A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality...

2CVSS5.5AI score0.00191EPSS
Exploits0References1
NVD
NVD
added 2026/04/26 10:17 p.m.6 views

CVE-2018-25296

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an...

6.8CVSS0.00128EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/26 1:19 p.m.2 views

CVE-2018-25296

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/26 1:19 p.m.6 views

CVE-2018-25296 P10 Central Management Software 1.4.13 Denial of Service

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an...

6.8CVSS5.7AI score0.00128EPSS
Exploits0References3
CVE
CVE
added 2026/04/26 1:19 p.m.11 views

CVE-2018-25296

CVE-2018-25296 affects P10 Central Management Software 1.4.13. The vulnerability is a buffer overflow in the login password field that lets a local attacker crash the application by submitting an oversized input (example: a 2000-byte payload). This results in a denial of service. The connected do...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/26 1:19 p.m.5 views

EUVD-2018-21816

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an...

6.8CVSS5.8AI score0.00128EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.8 views

PT-2026-35266

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an...

6.8CVSS5.7AI score0.00128EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/25 6:0 p.m.38 views

CVE-2026-6992 Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS0.06058EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/24 12:51 p.m.2 views

CVE-2026-21515 Azure IoT Central Elevation of Privilege Vulnerability

...

9.9CVSS5.1AI score0.00701EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 12:51 p.m.38 views

CVE-2026-21515 Azure IoT Central Elevation of Privilege Vulnerability

...

9.9CVSS0.00701EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 12:51 p.m.33 views

CVE-2026-21515

Technical details of CVE-2026-21515 are not publicly available in the provided documents. Monitor for updates from MSRC/NVD; no specifics on affected components, root cause, or fixes are included.

9.9CVSS5.1AI score0.00701EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.16 views

PT-2026-34862

Name of the Vulnerable Software and Affected Versions Azure IoT Central affected versions not specified Description Exposure of sensitive information to an unauthorized actor allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information...

9.9CVSS5.1AI score0.00701EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.16 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: python3 (UTSA-2026-014319)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014319 advisory. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/04/23 2:0 p.m.8 views

Azure IoT Central Elevation of Privilege Vulnerability

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score0.00701EPSS
Exploits0
Rows per page
Query Builder