Lucene search
K

178 matches found

NVD
NVD
added 6 days ago14 views

CVE-2026-33799

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS0.00368EPSS
Exploits0References1
Mageia
Mageia
added 2026/05/29 5:12 a.m.19 views

Updated perl-HTTP-Daemon package fixes a security vulnerability

The updated package fixes a security vulnerability: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. CVE-2026-8450...

9.1CVSS5.8AI score0.01452EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 4:22 a.m.44 views

CVE-2026-8450 HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file()

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

0.01452EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

HTTP::Daemon 安全漏洞

HTTP::Daemon is a simple HTTP class developed under the open-source license of libwww-perl. Versions of HTTP::Daemon prior to version 6.17 contained security vulnerabilities. These vulnerabilities stemmed from the use of the Perl’s 2-arg open method to open string parameters, which could lead to ...

9.1CVSS5.8AI score0.01452EPSS
Exploits0References4
CVE
CVE
added 2026/05/11 1:0 a.m.35 views

CVE-2026-8259

CVE-2026-8259 affects Tenda AC6 firmware version 2.0/15.03.06.23, where an unknown function in the HTTPD component’s /goform/telnet endpoint mishandles the lan.ip parameter, leading to an OS command injection. This allows remote exploitation with high impact on confidentiality, integrity, and ava...

7.2CVSS5.5AI score0.04447EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/04/20 12:0 a.m.5 views

The vulnerability of the cupsd server daemon in the CUPS printing system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the cupsd server daemon in the CUPS printing system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.6CVSS6AI score0.00317EPSS
Exploits1References6Affected Software5
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.7 views

Fedora 44 : nix (2026-8c7366e046)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8c7366e046 advisory. - update to 2.34 - https://nix.dev/manual/nix/2.34/release-notes/rl-2.33.html - https://nix.dev/manual/nix/2.34/release-notes/rl-2.34.html - includes fix for...

9CVSS5.8AI score0.00193EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.11 views

Red Hat System Security Services Daemon 安全漏洞

The Red Hat System Security Services Daemon is a daemon process component in Linux developed by Red Hat Inc. There is a security vulnerability associated with the Red Hat System Security Services Daemon. This vulnerability stems from the improper handling of raw pipe bytes by the...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/10 7:21 p.m.6 views

EUVD-2026-20872

LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Juniper Junos OS Vulnerability (JSA107810)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107810 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon chassisd of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300...

6.8CVSS5.9AI score0.00095EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/27 2:26 p.m.7 views

CVE-2021-27146

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / CUadmin credentials for an ISP...

9.8CVSS7.2AI score0.2049EPSS
Exploits1References1
Rosalinux
Rosalinux
added 2026/02/16 12:24 p.m.14 views

Advisory ROSA-SA-2026-3199

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 unaffected versions = rsync-3.1.3-23.rv3 affected versions rsync-3.1.3-23.rv3 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync...

9.8CVSS6.5AI score0.04575EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.7 views

MiracleLinux 9 : gpsd-minimal-3.26.1-1.el9_7.1 (AXSA:2026-055:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-055:01 advisory. gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing CVE-2025-67269 gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds...

9.8CVSS6.2AI score0.00674EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : dbus-1.10.24-14.el7 (AXSA:2020-220:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-220:01 advisory. dbus: denial of service via file descriptor leak CVE-2020-12049 Tenable has extracted the preceding description block directly from the MiracleLinux security...

5.5CVSS7.4AI score0.00569EPSS
Exploits1References2
OSV
OSV
added 2026/01/19 12:0 a.m.6 views

ALSA-2026:0770 Important: gpsd security update

gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...

9.8CVSS6.2AI score0.00674EPSS
Exploits3References6
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.10 views

CVE-2021-27161

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 1234 credentials for an ISP...

9.8CVSS7.2AI score0.17138EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.8 views

CVE-2021-27158

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded L1vt1m4eng / 888888 credentials for an ISP...

9.8CVSS7.2AI score0.23633EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:1 a.m.9 views

CVE-2023-25152

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...

8.8CVSS6.8AI score0.00682EPSS
Exploits0References1
OSV
OSV
added 2026/01/08 2:34 p.m.11 views

USN-7948-1 gpsd vulnerabilities

It was discovered that GPSd incorrectly handled processing NMEA2000 packets. An attacker could use this issue to cause GPSd to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-67268 It was discovered that GPSd incorrectly handled processing NAVCOM packets. An...

9.8CVSS6AI score0.00674EPSS
Exploits3References3
NVD
NVD
added 2026/01/02 4:17 p.m.9 views

CVE-2025-67268

gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...

9.8CVSS0.00674EPSS
Exploits2References9
Rows per page
Query Builder