Lucene search
+L

1081 matches found

EUVD
EUVD
added 2026/03/03 10:14 p.m.7 views

EUVD-2026-9330

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...

4.5CVSS5.9AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/03/03 8:16 p.m.10 views

CVE-2026-0869

Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...

8.8CVSS5.8AI score0.00397EPSS
Exploits0References1
NVD
NVD
added 2026/03/03 8:16 p.m.5 views

CVE-2026-0869

Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...

8.8CVSS0.00397EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 7:59 p.m.19 views

CVE-2026-0869

CVE-2026-0869 describes an authentication bypass in Brocade ASCG 3.4.0, enabling an unauthorized user to perform ASCG operations related to Brocade Support Link (BSL) and streaming configuration. The vulnerability could also disable the ASCG application or disable BSL data collection on fabric sw...

8.8CVSS5.9AI score0.00397EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/03 7:59 p.m.25 views

CVE-2026-0869 Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0

Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...

8.3CVSS0.00397EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/03 7:59 p.m.4 views

EUVD-2026-9312

Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...

8.3CVSS5.9AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.14 views

PT-2026-22838

Name of the Vulnerable Software and Affected Versions GLPI Inventory Plugin versions prior to 1.6.6 Description The GLPI Inventory Plugin manages network discovery, inventory, software deployment, and data collection for GLPI agents. A reflected cross-site scripting XSS issue exists in task jobs...

4.5CVSS5.8AI score0.00169EPSS
Exploits0References5
Broadcom
Broadcom
added 2026/03/03 12:0 a.m.20 views

Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0 (CVE-2026-0869)

Application User accounts with Brocade ASCG application privileges created by the administrator are not properly being password enforced. Any other user that learns of the assigned user name can access the custom created application manager account and gain access to the Brocade ASCG application...

8.3CVSS5.9AI score0.00397EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.7 views

PT-2026-22802

Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...

8.3CVSS5.9AI score0.00397EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.8 views

Brocade ASCG 安全漏洞

Brocade ASCG is a network feature offered by the American company Brocade. It is primarily used to simplify SAN architectures and optimize resource utilization. Version 3.4.0 of Brocade ASCG contains a security vulnerability. This vulnerability stems from an authentication bypass mechanism, which...

8.8CVSS5.8AI score0.00397EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/03/02 3:1 p.m.11 views

Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere

Samsung has settled a lawsuit with the Texas Attorney General over how its smart TVs collect and monetize viewing data using Automated Content Recognition ACR. As part of the settlement, Samsung agreed to stop collecting ACR data from Texans without explicit, informed consent and to rewrite its...

6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/02/27 12:0 a.m.6 views

The vulnerability of the Data Collection Agent service in the Cisco Catalyst SD-WAN Manager centralized network management system allows a malicious actor to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the Data Collection Agent service in the Cisco Catalyst SD-WAN Manager centralized network management system is related to the storage of passwords in a recoverable format. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

5.5CVSS7.6AI score0.05269EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/26 10:34 p.m.10 views

CVE-2026-20128

A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...

7.5CVSS7.5AI score0.05269EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/02/26 10:9 a.m.11 views

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector. The package, codenamed StripeApi.Net, attempts to masquerade as Stripe.net, a...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/02/25 6:31 p.m.6 views

EUVD-2026-8676

A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This...

7.5CVSS5.5AI score0.05269EPSS
Exploits0References2
OSV
OSV
added 2026/02/25 5:25 p.m.8 views

CVE-2026-20128

A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This...

7.5CVSS5.8AI score0.05269EPSS
Exploits0References1
NVD
NVD
added 2026/02/25 5:25 p.m.8 views

CVE-2026-20128

A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...

7.5CVSS0.05269EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/25 4:14 p.m.4 views

CVE-2026-20128

A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...

7.5CVSS7.5AI score0.05269EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/25 4:14 p.m.49 views

CVE-2026-20128

CVE-2026-20128 affects Cisco Catalyst SD-WAN Manager: Data Collection Agent stores the DCA password in a recoverable credential file on the filesystem, enabling an authenticated, local attacker with valid vManage credentials to read the file and gain DCA user privileges, potentially compromising ...

7.5CVSS7.5AI score0.05269EPSS
In wildExploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/25 4:14 p.m.47 views

CVE-2026-20128 Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability

A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...

7.5CVSS0.05269EPSS
Exploits0References1
Rows per page
Query Builder