Lucene search
K

4242 matches found

Cvelist
Cvelist
added 2026/06/02 1:23 p.m.34 views

CVE-2026-9844 Vulnerability in navify® Digital Pathology

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

8.8CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 1:23 p.m.28 views

CVE-2026-9844

The vulnerability CVE-2026-9844 affects Roche Diagnostics navify Digital Pathology, specifically the RabbitMQ Management interface modules, where default credentials are used. Affected versions are navify Digital Pathology 2.0.0 up to (but not including) 2.4.1. The problem is the use of default u...

8.8CVSS5.8AI score0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 1:23 p.m.12 views

CVE-2026-9844

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

8.8CVSS5.8AI score0.00239EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/02 1:23 p.m.10 views

CVE-2026-9844 Vulnerability in navify® Digital Pathology

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

8.8CVSS5.8AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 1:23 p.m.13 views

EUVD-2026-33923

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

8.8CVSS5.8AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.15 views

PT-2026-45764

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

8.8CVSS5.8AI score0.00239EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Roche Diagnostics navify Digital Pathology 安全漏洞

Roche Diagnostics navify Digital Pathology is an enterprise-level digital pathology software platform developed by Roche Diagnostics for the management and collaboration of pathological images. Versions 2.0.0 to 2.4.1 of Roche Diagnostics navify Digital Pathology contained security vulnerabilitie...

8.8CVSS5.3AI score0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 8:2 a.m.13 views

CVE-2026-44825 Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

8.1CVSS5.8AI score0.00529EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Solr 安全漏洞

Apache Solr is a search server based on Lucene, developed by the Apache Foundation in the United States. This product supports faceted searching, vertical searching, and highlighting search results. Vulnerabilities exist in Apache Solr versions 9.4.0 through 9.10.1, as well as 10.0.0, due to...

9.8CVSS8.4AI score0.00529EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.17 views

CVE-2026-9039

A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...

8.6CVSS5.8AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 7:16 p.m.16 views

CVE-2026-42941

The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change...

8.7CVSS0.00226EPSS
Exploits0References3
Metasploit
Metasploit
added 2026/05/29 7:2 p.m.243 views

Apache ActiveMQ RCE via Jolokia addNetworkConnector

Apache ActiveMQ exposes a Jolokia JMX-over-HTTP API at /api/jolokia/. An authenticated attacker can invoke the addNetworkConnector MBean operation with a crafted URI that causes the broker to fetch a remote Spring XML configuration over HTTP. The Spring XML instantiates a ProcessBuilder bean that...

8.8CVSS7AI score0.96666EPSS
Exploits13
ATTACKERKB
ATTACKERKB
added 2026/05/29 5:27 p.m.9 views

CVE-2026-42941

The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/29 5:27 p.m.14 views

CVE-2026-42941 MacGregor Voyage Data Recorder (VDR) G4e Use of Default Credentials

The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References3
CVE
CVE
added 2026/05/29 5:27 p.m.16 views

CVE-2026-42941

The CVE-2026-42941 relates to the Danelec MacGregor Voyage Data Recorder (VDR) G4e, which ships with default credentials and no enforced password change. The confirmed issues include hard-coded/default accounts, an authenticated user being able to download device backups containing account data a...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/29 5:27 p.m.38 views

CVE-2026-42941 MacGregor Voyage Data Recorder (VDR) G4e Use of Default Credentials

The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change...

8.7CVSS0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.17 views

PT-2026-44927

Name of the Vulnerable Software and Affected Versions Danelec MacGregor Voyage Data Recorder affected versions not specified Description The device contains a default username and password and does not require the user to change the password upon initial setup. Recommendations At the moment, ther...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2026/05/29 12:0 a.m.76 views

📄 Apache ActiveMQ Jolokia AddNetworkConnector Remote Code Execution

Apache ActiveMQ exposes a Jolokia JMX-over-HTTP API at /api/jolokia/. An authenticated attacker can invoke the addNetworkConnector MBean operation with a crafted URI that causes the broker to fetch a remote Spring XML configuration over HTTP. The Spring XML instantiates a ProcessBuilder bean that...

8.8CVSS6.7AI score0.96666EPSS
Exploits13
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Danelec Marine Danelec MacGregor Voyage Data Recorder 安全漏洞

The Danelec Marine Danelec MacGregor Voyage Data Recorder is a series of ship navigation data recording systems developed by Danelec Marine. There is a security vulnerability present in the Danelec Marine Danelec MacGregor Voyage Data Recorder, which stems from the inclusion of a default username...

8.7CVSS5.8AI score0.00226EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/28 7:7 p.m.12 views

CVE-2026-9039 Initialization of a resource with an insecure default in XCharge C6

A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...

8.6CVSS5.8AI score0.00185EPSS
Exploits0References1
Rows per page
Query Builder