Lucene search
K

94 matches found

NVD
NVD
added 2026/07/02 3:17 p.m.10 views

CVE-2026-54408

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...

9.8CVSS0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:49 p.m.31 views

CVE-2026-54408

The CVE-2026-54408 entry concerns UniFi Protect Application with an Improper Access Control flaw that could allow a network-connected attacker to bypass authentication for data streaming. Connected advisories note multiple UniFi products (including UniFi Protect) with related vulnerabilities (e.g...

9.8CVSS5.8AI score0.0028EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.35 views

CVE-2026-54408

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...

8.6CVSS0.0028EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.6 views

CVE-2026-54408

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...

8.6CVSS5.8AI score0.0028EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:49 p.m.11 views

EUVD-2026-41383

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...

8.6CVSS5.8AI score0.0028EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.16 views

PT-2026-55244

Name of the Vulnerable Software and Affected Versions UniFi Protect Application affected versions not specified Description An Improper Access Control issue allows a network-based actor to bypass authentication for data streaming. Improper Access Control occurs when an application fails to proper...

9.8CVSS6.1AI score0.0028EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 2:50 p.m.4 views

SUSE-SU-2026:22340-1 Security update for mutt

This update for mutt fixes the following issues - CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. - CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. - CVE-2026-43861: missing check for \0 in urlpctdecode...

3.7CVSS5.8AI score0.00201EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2026/05/06 9:50 a.m.19 views

CVE-2026-43064

A flaw was found in the Linux kernel's dmaengine IDXD driver. The workqueue associated with a Data Streaming Accelerator DSA or In-Memory Analytics Accelerator IAA device is not properly released when the object is freed. This resource leak may lead to a denial of service...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.10 views

SUSE CVE-2026-43064

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References3
Fedora
Fedora
added 2026/05/02 2:12 a.m.9 views

[SECURITY] Fedora 44 Update: GitPython-3.1.49-1.fc44

GitPython is a python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. It provides abstractions of git objects for easy access of repository data, a nd additionally allows you to access the git repository more directly using eith er a...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/04/25 1:58 a.m.7 views

[SECURITY] Fedora 44 Update: libmicrohttpd-1.0.5-1.fc44

GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: C library: fast and small API is simple, expressive and fully reentrant Implementation is http 1.1...

8.7CVSS7.3AI score0.00422EPSS
Exploits0
CNVD
CNVD
added 2025/08/20 12:0 a.m.4 views

Intel DSA Search Path Uncontrolled Vulnerability

Intel DSA is a hardware gas pedal built into Intel® Xeon® Scalable processors that accelerates storage, networking, and data analytics workloads by offloading data transfer tasks to dedicated hardware, freeing up CPU resources for other tasks. Intel DSA suffers from an uncontrolled search path...

6.7CVSS6.9AI score0.00136EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 5:15 p.m.9 views

CVE-2025-26404

Uncontrolled search path for some IntelR DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 4:59 p.m.3 views

CVE-2025-26404

Uncontrolled search path for some IntelR DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.4AI score0.00136EPSS
Exploits0References1
CVE
CVE
added 2025/08/12 4:59 p.m.23 views

CVE-2025-26404

CVE-2025-26404 concerns Intel® DSA (Driver & Support Assistant) software prior to version 25.2.15.9. The issue is an uncontrolled search path that may allow an authenticated user to escalate privileges via local access. Impact is described as privilege escalation with high secrecy/impact on confi...

6.7CVSS7.4AI score0.00136EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.6 views

Intel DSA 代码问题漏洞

Intel DSA is a hardware gas pedal built into Intel® Xeon® Scalable processors that accelerates storage, networking, and data analytics workloads by offloading data transfer tasks to dedicated hardware, freeing up CPU resources for other tasks. Intel DSA suffers from an uncontrolled search path...

6.7CVSS6.8AI score0.00136EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:29 a.m.10 views

CVE-2023-36648

Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2 allows remote unauthenticated users to read potentially sensitive information and deny service to users by directly reading and writing data in Apache Kafka as consumer and producer...

8.2CVSS6.9AI score0.0098EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2025/03/28 1:56 p.m.2 views

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...

8.8CVSS7.9AI score0.00256EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2025/03/26 2:22 p.m.8 views

Security update for microcode_ctl

This update for microcodectl fixes the following issues: CVE-2024-31068: Improper Finite State Machines FSMs in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. bsc1237096 CVE-2024-36293: A potential security vulnerabilit...

8.8CVSS8.3AI score0.03882EPSS
Exploits1References74
SUSE Linux
SUSE Linux
added 2025/03/24 12:15 p.m.5 views

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...

6.8CVSS7.3AI score0.00244EPSS
Exploits0References10
Rows per page
Query Builder