CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: fec: fixed the potential memory leak in fecenetinit. If the memory allocated for cbdbase fails, it should free the memory allocated for the queues; otherwise, a memory leak will occur. And if the memory allocated for the...

5.5CVSS6.2AI score0.00009EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908enet: update TX stats after actual transmission Queueing packets doesn't guarantee their transmission. Update TX stats after hardware confirms consuming submitted data. This also fixes a possible race and NU...

5.6AI score0.0002EPSS

SUSE CVE•added 2026/04/23 1:25 a.m.•1 views

SUSE CVE-2026-31509

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix circular locking dependency in nciclosedevice nciclosedevice flushes rxwq and txwq while holding reqlock. This causes a circular locking dependency because ncirxwork running on rxwq can end up taking reqlock too:...

5.5CVSS5.6AI score0.00014EPSS

Exploits0References3

RedhatCVE•added 2026/03/04 7:37 a.m.•2 views

CVE-2026-1874

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...

8.7CVSS5.4AI score0.00146EPSS

RedhatCVE•added 2026/03/04 7:37 a.m.•3 views

CVE-2026-1876

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP all versions allows a remote attacker to cause a denial-of-service DoS condition on the products by continuously sending UDP packets to the products. A...

NVD•added 2026/03/03 8:16 a.m.•3 views

CVE-2026-1876

8.7CVSS0.00149EPSS

Exploits0References3

CVE•added 2026/03/03 7:3 a.m.•14 views

CVE-2026-1876

The CVE-2026-1876 affects Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module (FX5-ENET/IP) across all versions. The issue is an Improper Resource Shutdown or Release vulnerability that allows a remote attacker to trigger a DoS by continuously sending UDP packets to the device, wit...

Exploits0References3Affected Software1

EUVD•added 2026/03/03 7:3 a.m.•4 views

EUVD-2026-9282

ATTACKERKB•added 2026/03/03 7:3 a.m.•2 views

Exploits0References2

CVE-2026-1876

CVE•added 2026/03/03 6:46 a.m.•8 views

Exploits0References4

CVE-2026-1874

CVE-2026-1874 concerns a denial-of-service vulnerability in Mitsubishi Electric MELSEC iQ-F Series Ethernet modules. The affected components are FX5-ENET/IP (versions 1.106 and earlier) and FX5-EIP Ethernet module (all versions). The issue is described as an Always-Incorrect Control Flow Implemen...

8.7CVSS5.4AI score0.00146EPSS

Exploits0References3Affected Software1

CNNVD•added 2026/03/03 12:0 a.m.•2 views

Mitsubishi Electric MELSEC iQ-F Series 安全漏洞

Mitsubishi Electric MELSEC iQ-F Series are a series of simple motion controllers produced by Mitsubishi Electric, a Japanese company. The Mitsubishi Electric MELSEC iQ-F Series contain security vulnerabilities. These vulnerabilities stem from incorrect implementation of control flows in the...

8.7CVSS5.8AI score0.00146EPSS

Exploits0References3

Packet Storm•added 2026/02/18 12:0 a.m.•118 views

📄 eNet SMART HOME 2.3.1 Privilege Escalation

The eNet Smart Home device firmware versions 2.3.1 build 46841 and 2.2.1 build 46056 exposes JSON‑RPC management methods that may allow authenticated low‑privileged users to perform unauthorized administrative actions. Improper server‑side authorization controls on the /jsonrpc/management endpoin...

5.5AI score

RedhatCVE•added 2026/02/16 7:30 p.m.•4 views

CVE-2026-26369

eNet SMART HOME server 2.2.1 and 2.3.1 contains a privilege escalation vulnerability due to insufficient authorization checks in the setUserGroup JSON-RPC method. A low-privileged user UGUSER can send a crafted POST request to /jsonrpc/management specifying their own username to elevate their...

9.8CVSS5.5AI score0.00028EPSS

Exploits2References1

Packet Storm•added 2026/02/16 12:0 a.m.•118 views

📄 eNet SMART HOME Server 2.3.1 Arbitrary User Deletion

The eNet Smart Home system contains an authorization weakness in the deleteUserAccount JSON-RPC method that permits any authenticated low-privileged user UGUSER to delete arbitrary user accounts, except for the built-in admin account. The application does not enforce proper role-based access...

5.9AI score

Packet Storm•added 2026/02/16 12:0 a.m.•99 views

📄 eNet SMART HOME Server 2.3.1 Account Takeover

The eNet Smart Home system contains an authorization flaw in the resetUserPassword functionality that allows any authenticated low-privileged user UGUSER to reset the password of arbitrary accounts, including those in the UGADMIN and UGSUPERADMIN groups, without supplying the current password or...

5.8AI score

Packet Storm•added 2026/02/16 12:0 a.m.•107 views

📄 eNet SMART HOME Server 2.3.1 Default Credentials

The eNet Smart Home system ships with default credentials that remain active after installation and commissioning without enforcing a mandatory password change. Version 2.3.1 is affected. eNet SMART HOME server 2.3.1 Use of Default Credentials Vendor: Gira Giersiepen GmbH & Co. KG | ALBRECHT JUNG...

5.5AI score