Lucene search
+L

1413 matches found

vulnrichment
vulnrichment
added 2026/05/25 9:19 a.m.14 views

CVE-2026-9274 Information Exposure Vulnerability in CP-Plus Wi-Fi Camera

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...

5.2CVSS5.8AI score0.00125EPSS
Exploits0References1
euvd
euvd
added 2026/05/25 9:19 a.m.21 views

EUVD-2026-31661

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...

5.2CVSS5.8AI score0.00125EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/25 9:19 a.m.48 views

CVE-2026-9274 Information Exposure Vulnerability in CP-Plus Wi-Fi Camera

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...

5.2CVSS0.00125EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/25 12:0 a.m.9 views

CP Plus Wi-Fi Camera 安全漏洞

CP Plus Wi-Fi Camera is a wireless security camera from CP Plus. A security vulnerability exists in the CP Plus Wi-Fi Camera that stems from improper protection of sensitive information in runtime memory, which could allow an attacker with physical access to obtain sensitive information including...

5.2CVSS5.8AI score0.00125EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Class: A possible memory leak in classregister has been fixed. If classaddgroups returns an error, the cp-subsys needs to be unregistered, and the cp needs to be freed. We cannot call ksetunregister here, because the cls will be...

5.8AI score0.00221EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in binutils

There is a heap-based buffer overflow issue in the function dexpression1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. A crafted input can cause segmentation faults, leading to denial-of-service attacks, as demonstrated by c++filt...

6.5CVSS7.1AI score0.02685EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid a use-after-free condition related to cached IPU bio. The xfstest generic/019 report a bug: Kernel BUG: At mm/filemap.c:1619! RIP: 0010:folioendwriteback+0x8a/0x90 Call Trace:...

7.8CVSS5.4AI score0.00149EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This vulnerability stems from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could exploit this vulnerability to cause a...

5.5CVSS6.7AI score0.01686EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in binutils

A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after multiple recursive calls...

5.5CVSS6.7AI score0.01813EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap, and it is not reassigned. The...

5.5CVSS6.3AI score0.00221EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in cp-demangle.c of GNU libiberty, as part of GNU Binutils 2.31. There is a stack consumption vulnerability caused by infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could exploit this vulnerability to caus...

5.5CVSS6.8AI score0.01686EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a kernel-infoleak in nilfsioctlwrapcopy The ioctl helper function nilfsioctlwrapcopy, which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioc...

7.1CVSS6.4AI score0.00191EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in binutils

A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in dexpression1 in cp-demangle.c after many recursive calls...

7.8CVSS7AI score0.01802EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in binutils

A issue was discovered in cp-demangle.c within GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many ‘P’ characters...

5.5CVSS6.3AI score0.01291EPSS
Exploits0References2
nvd
nvd
added 2026/05/19 3:16 p.m.18 views

CVE-2026-43634

HestiaCP versions 1.2.0 through 1.9.4 contain an IP spoofing vulnerability that allows unauthenticated remote attackers to bypass authentication security controls by supplying an arbitrary IP address in the CF-Connecting-IP HTTP header without verifying the request originated from Cloudflare's...

8.7CVSS0.00241EPSS
Exploits0References5
osv
osv
added 2026/05/19 1:33 p.m.3 views

CVE-2026-43634 HestiaCP 1.2.0-1.9.4 IP Spoofing via CF-Connecting-IP Header

HestiaCP versions 1.2.0 through 1.9.4 contain an IP spoofing vulnerability that allows unauthenticated remote attackers to bypass authentication security controls by supplying an arbitrary IP address in the CF-Connecting-IP HTTP header without verifying the request originated from Cloudflare's...

8.7CVSS6.1AI score0.01072EPSS
Exploits0References8
cve
cve
added 2026/05/19 1:29 p.m.22 views

CVE-2026-43633

CVE-2026-43633 affects HestiaCP versions 1.9.0–1.9.4, where a deserialization vulnerability in the web terminal component is caused by a session format mismatch between PHP and Node.js. Unauthenticated remote attackers can trigger root‑level code execution by injecting crafted data into HTTP head...

10CVSS6.2AI score0.01072EPSS
Exploits0References5
snyk
snyk
added 2026/05/18 5:53 p.m.10 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

7.2CVSS5.9AI score0.00104EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:53 p.m.9 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

7.2CVSS5.9AI score0.00104EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:52 p.m.10 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...

6.1CVSS5.9AI score0.00108EPSS
Exploits0References2
Rows per page
Query Builder