Lucene search
+L

301 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-12588

An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger decompression of a large file that consumes an excessive amount of system resources thus causing a Denial of Service...

6CVSS0.00185EPSS
Exploits0References1
CVE
CVE
added 3 days ago9 views

CVE-2026-12588

The CVE-2026-12588 entry describes a DoS condition in HX devices where an attacker with access to HX 10.0.0 and earlier can send specially crafted data to the HX console. The malicious detection triggers decompression of a large file, consuming excessive system resources and causing denial of ser...

6CVSS6.1AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2026/07/09 12:51 p.m.1 views

OESA-2026-2923 activemq security update

The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger...

8.1CVSS6.2AI score0.00844EPSS
Exploits0References8
OSV
OSV
added 2026/07/09 12:51 p.m.1 views

OESA-2026-2922 activemq security update

The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger...

8.1CVSS6.2AI score0.00844EPSS
Exploits0References8
NVD
NVD
added 2026/06/17 5:16 p.m.13 views

CVE-2026-32652

Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earli...

7.8CVSS0.00098EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 3:29 p.m.23 views

CVE-2026-32652

Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earli...

7.8CVSS0.00098EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.12 views

CVE-2025-71211

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS8.3AI score0.03754EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.21 views

CVE-2026-8652

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...

8.5CVSS6AI score0.00722EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 4:16 a.m.33 views

CVE-2026-8652

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...

8.5CVSS0.00722EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/25 2:23 a.m.17 views

EUVD-2026-31620

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...

8.5CVSS6AI score0.00722EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 1:2 p.m.14 views

CVE-2025-71211

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS7.6AI score0.03754EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/21 1:2 p.m.19 views

EUVD-2025-209911

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS7.7AI score0.03811EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:2 p.m.8 views

CVE-2025-71211

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS7.7AI score0.03811EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/13 8:29 p.m.150 views

Rcon-Bruteforce

RCON Scanner & Exploitation Toolkit ⚠️ EDUCATIONAL PURPOSE...

10CVSS7.9AI score0.99999EPSS
Exploits354
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40291

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILL CLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the admin users...

4.3CVSS5.8AI score0.00287EPSS
Exploits0References3
NVD
NVD
added 2026/05/09 1:16 a.m.20 views

CVE-2026-6667

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...

4.3CVSS0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/09 12:43 a.m.43 views

CVE-2026-6667 PgBouncer missing authorization check in KILL_CLIENT admin command

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...

4.3CVSS0.00287EPSS
Exploits0References1
CVE
CVE
added 2026/05/09 12:43 a.m.29 views

CVE-2026-6667

PgBouncer (pre-1.25.2) contains an authorization flaw in the KILL_CLIENT admin command: any user with access to the administration console could execute the command, instead of restricting it to admins listed in admin_users. This could allow unauthorized clients to be killed. Remediation: upgrade...

4.3CVSS5.8AI score0.00287EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.17 views

PT-2026-39229

Name of the Vulnerable Software and Affected Versions PgBouncer versions prior to 1.25.2 Description An improper authorization check exists for the 'KILL CLIENT' admin command. Any user with access to the administration console can execute this command, whereas it should be restricted exclusively...

4.3CVSS5.8AI score0.00287EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/05 11:24 a.m.49 views

CVE-2023-54344 Eclipse Equinox OSGi 3.7.2 Remote Code Execution via Console

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...

9.8CVSS0.0055EPSS
Exploits0References2
Rows per page
Query Builder