Lucene search
K

748 matches found

CVE
CVE
added 2026/05/13 2:15 p.m.18 views

CVE-2026-6281

Technical details about CVE-2026-6281 are not publicly provided in the supplied documents. No specific product/version, root cause, impact, or fix is stated beyond the generic description; monitor for updates.

8.8CVSS6.1AI score0.00445EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 2:15 p.m.7 views

CVE-2026-6281

A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device...

8.8CVSS6.1AI score0.00445EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:15 p.m.7 views

CVE-2026-6281

A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device...

8.8CVSS6.1AI score0.00445EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.10 views

PT-2026-40698

A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device...

8.8CVSS6.1AI score0.00445EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.17 views

PT-2026-40699

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device...

8.6CVSS5.8AI score0.00391EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Lenovo Personal Cloud Storage 操作系统命令注入漏洞

Lenovo Personal Cloud Storage is a personal cloud storage service provided by Lenovo Corporation. Lenovo Personal Cloud Storage has a vulnerability related to operating system command injection. This vulnerability stems from potential vulnerabilities, which may allow remote authenticated users to...

8.8CVSS6.1AI score0.00445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.10 views

CVE-2026-35157

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote...

9.8CVSS5.8AI score0.00317EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:43 a.m.15 views

Malicious code in dlty (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 494f5fbab24a26771e84ce06eea5303b7d1b9135b505a6d93a01c417603f1902 Importing the dlty package triggers an active data-exfiltration channel from the installer to third-party-controlled infrastructure. dlty/init.py...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/12 7:43 a.m.8 views

MAL-2026-3690 Malicious code in dlty (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 494f5fbab24a26771e84ce06eea5303b7d1b9135b505a6d93a01c417603f1902 Importing the dlty package triggers an active data-exfiltration channel from the installer to third-party-controlled infrastructure. dlty/init.py...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 4:3 p.m.48 views

CVE-2026-33359 Meari unauthenticated alert image access in cloud object storage

In Meari IoT Cloud alert image storage on Alibaba OSS latest observed; storage service version not disclosed, motion snapshots are retrievable without authentication, signed URLs, or expiry enforcement. URLs function as direct object references and remain valid beyond expected operational windows...

7.5CVSS0.00293EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 10:16 a.m.18 views

CVE-2026-35157

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote...

9.8CVSS0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 9:39 a.m.8 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 9:27 a.m.39 views

CVE-2025-43992

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...

5.6CVSS0.00235EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 8:57 a.m.6 views

CVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/11 8:57 a.m.9 views

CVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References1
Fedora
Fedora
added 2026/05/11 1:2 a.m.12 views

[SECURITY] Fedora 43 Update: rclone-1.74.0-2.fc43

"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Driv e, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files...

9.8CVSS5.8AI score0.34734EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39642

In Meari IoT Cloud alert image storage on Alibaba OSS latest observed; storage service version not disclosed, motion snapshots are retrievable without authentication, signed URLs, or expiry enforcement. URLs function as direct object references and remain valid beyond expected operational windows...

7.5CVSS5.8AI score0.00293EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.11 views

PT-2026-39585

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.13 views

PT-2026-39588

Name of the Vulnerable Software and Affected Versions Dell ECS versions 3.8.1.0 through 3.8.1.7 Dell ObjectScale versions prior to 4.3.0.0 Description An issue involving the use of hard-coded credentials allows an unauthenticated attacker with local access to potentially gain filesystem access...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References14
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Dell ECS和Dell ObjectScale 信任管理问题漏洞

Dell ECS and Dell ObjectScale are both products of the American company Dell. Dell ECS is an scalable, manageable, and elastic enterprise-level object storage solution. Dell ObjectScale is an object storage platform. There were security management vulnerabilities in versions 3.8.1.0 to 3.8.1.7 of...

9.8CVSS5.8AI score0.00223EPSS
Exploits0References1
Rows per page
Query Builder