Lucene search
K

3109 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-15321

A vulnerability was found in MyEMS up to 6.4.0. The affected element is the function onpost of the file myems-api/core/svg.py of the component Admin Backend. The manipulation of the argument newvalues'data' results in cross site scripting. The attack can be launched remotely. The exploit has been...

4.8CVSS0.0022EPSS
Exploits0References8
NVD
NVD
added 4 days ago9 views

CVE-2026-1365

Insertion of sensitive information into sent data vulnerability in Sayax Energy Technologies Inc. OSOS allows Authentication Bypass. This issue affects OSOS: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

6.5CVSS0.00443EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42551

Insertion of sensitive information into sent data vulnerability in Sayax Energy Technologies Inc. OSOS allows Authentication Bypass. This issue affects OSOS: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

6.5CVSS5.9AI score0.00443EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-1365

Insertion of sensitive information into sent data vulnerability in Sayax Energy Technologies Inc. OSOS allows Authentication Bypass. This issue affects OSOS: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

6.5CVSS5.9AI score0.00443EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/28 4:28 a.m.11 views

CVE-2026-10593

The Zephyr Bluetooth LE Audio Basic Audio Profile BAP unicast client mishandles peer-supplied ASE state notifications. In unicastclientepqosstate subsys/bluetooth/audio/bapunicastclient.c, the handler writes attacker-controlled QoS fields interval, framing, phy, sdu, rtn, latency, pd through the...

6.5CVSS5.8AI score0.00185EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 3:15 p.m.9 views

CVE-2026-53121

A flaw was found in the Linux kernel's amd-pstate driver. When the amdpstateeppcpuinit function fails to set the Energy Performance Preference EPP, it does not properly free a previously allocated data object. This oversight leads to a memory leak, which could result in resource exhaustion over...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.7 views

PT-2026-51651

Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...

8.7CVSS5.8AI score0.00726EPSS
Exploits0References12
NVD
NVD
added 2026/06/22 10:16 a.m.14 views

CVE-2025-4994

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy BLE interface...

8.7CVSS0.00207EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 8:10 a.m.8 views

EUVD-2025-210297

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy BLE interface...

8.7CVSS5.9AI score0.00207EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 8:10 a.m.21 views

CVE-2025-4994

CVE-2025-4994 affects SafeLine SL6 and SL6+ devices used in elevator emergency intercoms. A BLE-facing authentication bypass allows an attacker within wireless range to obtain unauthorized administrative access to the device configuration. Documented impact includes high affects on confidentialit...

8.7CVSS5.9AI score0.00207EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 8:10 a.m.41 views

CVE-2025-4994 Authentication Bypass for SafeLine SL6 and SL6+

The SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems are vulnerable to an authentication bypass. This vulnerability allows attackers to bypass authentication requirements and access the device's configuration service via the Bluetooth Low Energy BLE interface...

8.7CVSS0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.14 views

PT-2026-51287

Name of the Vulnerable Software and Affected Versions SafeLine SL6 affected versions not specified SafeLine SL6+ affected versions not specified Description SafeLine SL6 and SL6+ devices integrated into elevator emergency intercom systems contain an authentication bypass. This issue allows...

8.7CVSS6.1AI score0.00207EPSS
Exploits0References10
NVD
NVD
added 2026/06/19 12:16 a.m.14 views

CVE-2026-52866

An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection...

7.1CVSS0.00222EPSS
Exploits0References4
NVD
NVD
added 2026/06/19 12:16 a.m.14 views

CVE-2026-50034

An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values...

7.1CVSS0.00145EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:47 p.m.7 views

CVE-2026-50034

An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values...

7.1CVSS5.2AI score0.00145EPSS
Exploits0References5
CVE
CVE
added 2026/06/18 11:47 p.m.64 views

CVE-2026-50034

The CVE-2026-50034 entry concerns Apollo Pharmacy’s APG-01 BT Blood Glucose Monitoring System. Affected component: the device’s BLE wireless channel, where the root cause is cleartext transmission of sensitive health data. An attacker inside BLE range can passively eavesdrop traffic, potentially ...

7.1CVSS5.2AI score0.00145EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/18 11:47 p.m.44 views

CVE-2026-50034 Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT Cleartext Transmission of Sensitive Information

An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values...

7.1CVSS0.00145EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:45 p.m.5 views

CVE-2026-52866

An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection...

7.1CVSS5.2AI score0.00222EPSS
Exploits0References5
CVE
CVE
added 2026/06/18 11:45 p.m.48 views

CVE-2026-52866

The CVE-2026-52866 entry concerns the Apollo Pharmacy Blood Glucose Monitoring System APG-01 with BT lacking authorization in BLE. The connected docs provide concrete details: an attacker in BLE range can monopolize the device’s only available BLE connection slot, blocking legitimate users/applic...

7.1CVSS5.2AI score0.00222EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.17 views

PT-2026-50821

Name of the Vulnerable Software and Affected Versions Apollo Pharmacy Blood Glucose Monitoring System APG-01 affected versions not specified Description An attacker within Bluetooth Low Energy BLE communication range can passively intercept wireless traffic to obtain sensitive health-related...

7.1CVSS5.9AI score0.00145EPSS
Exploits0References10
Rows per page
Query Builder