CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

140 matches found

CVE-2023-45795 Pilz: XSS vulnerability in Pilz PASvisu and PMI v8xx

A cross-site scripting vulnerability in the Builder Component of Pilz PASvisu before 1.14.1 allows a local unauthenticated attacker to inject malicious javascript and gain full control over the device...

7.8CVSS0.00146EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fixed a race condition between the release of rpmsgctrldev and cdev The struct rpmsgctrldev contains a struct cdev. The current code releases the rpmsgctrldev struct in rpmsgctrldevreleasedevice, but the cdev is a...

7CVSS6AI score0.00172EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vduse: Fixed NULL pointer dereferencing during sysfs access. The control device does not have a drvdata field. Therefore, a NULL pointer dereferencing will occur when accessing the msgtimeout attribute of the control device via...

5.5CVSS5.7AI score0.00239EPSS

Exploits0References1

NVD•added 2026/02/20 5:25 p.m.•5 views

CVE-2026-24790

The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...

8.2CVSS0.00449EPSS

Exploits0References3

OSV•added 2026/02/16 4:19 p.m.•4 views

CVE-2026-2563

A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the function setstcreenendeabledstatus/getstatus of the file /f/service/controlDevice of the component jdcapprpc. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the...

8.8CVSS5.4AI score0.00425EPSS

Exploits0References5

Positive Technologies•added 2026/02/16 12:0 a.m.•10 views

PT-2026-8357

A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the function set stcreenen deabled status/get status of the file /f/service/controlDevice of the component jdcapp rpc. The manipulation leads to Remote Privilege Escalation. It is possible to initiate th...

6.5CVSS5.3AI score0.00425EPSS

Exploits0References6

CNNVD•added 2026/02/16 12:0 a.m.•5 views

JD Cloud AX6600 安全漏洞

JD Cloud AX6600 is an edge computing router developed by JD.com, a Chinese company. Versions of JD Cloud AX6600 such as 4.5.1.r4533 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the functions setstcreenendeabledstatus and getstatus in the...

8.8CVSS6.7AI score0.00425EPSS

Exploits0References6

Tenable Nessus•added 2026/01/16 12:0 a.m.•6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000637 advisory. The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the userctlcount...

4.9CVSS6.7AI score0.00494EPSS

Exploits0References18

Tenable Nessus•added 2026/01/15 12:0 a.m.•2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001951)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001951 advisory. sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users t...

4.6CVSS6.5AI score0.00498EPSS

Exploits0References17

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001844)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001844 advisory. The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for...

4.6CVSS6.7AI score0.00498EPSS

Exploits0References17

RedhatCVE•added 2026/01/09 9:56 a.m.•6 views

CVE-2020-12729

MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors...

4.6CVSS7AI score0.00255EPSS

Exploits0References1

CNNVD•added 2025/12/09 12:0 a.m.•2 views

Mercury MR816v2 安全漏洞

Mercury MR816v2 is an access control device from Mercury China. A security vulnerability exists in the Mercury MR816v2 that originates from a buffer overflow and could result in a crash or remote code execution...

6.5CVSS8.3AI score0.0035EPSS

Exploits1References2

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986302 advisory. In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsgctrldev and cdev struct rpmsgctrldev contains a...

7CVSS6AI score0.00172EPSS

Exploits0References4