Lucene search
+L

67 matches found

NVD
NVD
added 2026/06/26 11:17 p.m.15 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.8CVSS0.00459EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 10:52 p.m.40 views

CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS0.00569EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:52 p.m.7 views

CVE-2026-31928

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS5.8AI score0.00569EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 10:52 p.m.19 views

CVE-2026-31928

The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...

9.8CVSS5.8AI score0.00569EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:48 p.m.8 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS5.9AI score0.00459EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 10:48 p.m.17 views

CVE-2026-33560

The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...

8.8CVSS5.9AI score0.00459EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/26 10:48 p.m.59 views

CVE-2026-33560 Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS0.00459EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move the cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 using LOGTRACEEVENT, the following hard lockup occurred, causing the system to hang. Call Trace: rawspinlockirqsave+0x32/0x40...

5.5CVSS6.2AI score0.00188EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-6651

Malware in sbrugna...

7.5CVSS7.6AI score0.02697EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-19152

Malware in sbrugna...

7.5CVSS7.4AI score0.01712EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-31696

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00893EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in dmp-web (npm)

The package dmp-web was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-18540 Malicious code in dmp-web (npm)

The package dmp-web was found to contain malicious code...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/25 9:2 a.m.40 views

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent...

6.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/04/26 3:59 p.m.6 views

Malicious code in dmp-suite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 519dd07a618b2ba0671d86ef8fa2155f33aeaacdeed9a41d7f2e5257fb737aac The OpenSSF Package Analysis project identified 'dmp-suite' @ 11.11.3 pypi as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSV
OSV
added 2023/04/26 3:59 p.m.13 views

MAL-2023-1363 Malicious code in dmp-suite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 519dd07a618b2ba0671d86ef8fa2155f33aeaacdeed9a41d7f2e5257fb737aac The OpenSSF Package Analysis project identified 'dmp-suite' @ 11.11.3 pypi as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.4 views

SUSE CVE-2013-2483

The acnadddmpdata function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service divide-by-zero error and application crash via an invalid count value in ACNDMPADTDRE DMP data...

3.3CVSS7.4AI score0.01081EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.3 views

SUSE CVE-2017-15191

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...

7.5CVSS6.8AI score0.02697EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.4 views

SUSE CVE-2018-7421

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification...

5.3CVSS6.8AI score0.01712EPSS
Exploits1References5
Openbugbounty
Openbugbounty
added 2022/06/28 3:59 a.m.15 views

dmp-bayern.de Cross Site Scripting vulnerability OBB-2689482

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Rows per page
Query Builder