12694 matches found
EUVD-2026-45330
IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...
MAL-2026-10769 Malicious code in easyway2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ece63ecb6a3067db91e95d2ae9ac5281e78bd204b775fd9d2a04437d7a009545 Source: ossf-package-analysis b70fe150bb8d389d4b3f437dff96763448359cafed12db8139236f3d40b88565 The OpenSSF Package Analysis project identified 'easyway2'...
Fujian Kelixin Communication - Command Injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwdupdate.php. id: CVE-2024-2621 info: name: Fujian Kelixin Communication - Command...
CVE-2023-49899
An unauthenticated remote attacker can execute any command on the affected device due to not correctly verifying the origin of a communication channel...
CVE-2026-6423 Local privilege escalation via unauthenticated ALPC in ESET Inspect Connector
A local privilege escalation vulnerability in ESET Inspect Connector. The vulnerability was caused by improper authentication in an IPC channel...
EUVD-2026-44895
A local privilege escalation vulnerability in ESET Inspect Connector. The vulnerability was caused by improper authentication in an IPC channel...
CVE-2026-6423
CVE-2026-6423 concerns a local privilege escalation in the ESET Inspect Connector caused by improper authentication on an ALPC IPC channel. The CVSS 4.0 vector (AV:L/AC:L/PR:L/UI:N/ATT:N/VC:H/VI:H/SA:N/SI:N/VA:H) yields a base score of 8.5 (HIGH). Reported impact indicates elevated confidentialit...
Vulnerability of the WebRTC technology implementation: The networking capabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of WebRTC technology implementation: The networking of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relies on copying buffers without checking the size of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and...
CVE-2026-47472
NVIDIA TensorRT-LLM contains a vulnerability in its inter-process communication layer where an attacker with local same-user access could cause deserialization. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, and denial of service...
CVE-2026-47472
NVIDIA TensorRT-LLM contains a vulnerability in its inter-process communication layer (CVE-2026-47472). A local, same-user attacker could trigger deserialization, with potential impacts including code execution, information disclosure, data tampering, and denial of service. The NVIDIA security up...
Security Bulletin: NVIDIA TensorRT-LLM - July 2026
NVIDIA has released a software update for NVIDIA® TensorRT-LLM. To protect your system, clone or update this software from the NVIDIA/TensorRT-LLM GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...
Chromium: CVE-2026-13887 Insufficient policy enforcement in NFC
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
FTP Fetch, Windows shellcode stage, Reverse HTTP Stager Proxy
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Tunnel communication over HTTP Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
CVE-2026-57028
CVE-2026-57028 affects Juniper Networks Junos OS Evolved. An incorrectly initialized process meant to communicate only internally can be reached over the network via an open port, enabling an unauthenticated, network-based attacker to gain unauthorized access to license management. Affected scope...
CVE-2026-33803
CVE-2026-33803 (Junos OS Evolved) : A wrong initialization allows a process that should be internal to be reachable over the network via an open port, exposing the device and increasing CPU usage from ingress processing. Affects Junos OS Evolved releases prior to the following: 23.2R2-S7-EVO, 23....
CVE-2026-33803 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...
CVE-2026-54799
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install...
CVE-2026-54801
This CVE affects CPCI85 Central Processing/Communication (all versions < V26.20) and SICORE Base system (all versions < V26.20.0). The vulnerability stems from insufficient validation of authentication credentials when processing administrative account modifications via the web API, enablin...
EUVD-2026-42596
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the we...
CVE-2026-54800
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application ships with a default configuration that disables all OPC UA security mechanisms. This could allow an attacker to gain unauthorized...