Lucene search
K

990 matches found

Positive Technologies
Positive Technologies
added 6 days ago10 views

PT-2026-56623

Name of the Vulnerable Software and Affected Versions Generic OEM UZ801 v2.1 4G LTE Router version 3.4.3 Description A remote attacker can execute arbitrary code through the /ajax web management API endpoint located within the MifiService.apk component. Recommendations At the moment, there is no...

9.8CVSS6.4AI score0.00515EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/07 2:33 p.m.5 views

freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client

A flaw was found in FreeIPMI. Specifically, the ipmi-oem client command, which implements Intelligent Platform Management Interface IPMI OEM commands, contains exploitable buffer overflows. A remote attacker could exploit these vulnerabilities by sending specially crafted response messages to the...

7.5CVSS6.1AI score0.00405EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/01 3:13 a.m.39 views

CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

0.00204EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:13 a.m.39 views

CVE-2026-20458

CVE-2026-20458 affects the Modem with a memory corruption via a missing bounds check. This could enable remote escalation of privilege if a UE connects to a rogue base station, with no extra execution privileges required and no user interaction. Exploitation is described as adjacent access under ...

7.5CVSS6AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 4:19 p.m.5 views

MINI-25MW-R323-WCGC

Bulletin has no description...

7.5CVSS5.8AI score0.00471EPSS
Exploits0
OSV
OSV
added 2026/06/19 2:13 p.m.2 views

SUSE-SU-2026:22243-1 Security update for freeipmi

This update for freeipmi fixes the following issue - CVE-2026-50031: denial of service via buffer overflow in ipmi-oem client bsc1267605...

7.5CVSS6AI score0.00405EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-20449

In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch I...

6.5CVSS6.1AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.9 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

9.8CVSS5.5AI score0.00547EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-27677

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...

6.5CVSS5.5AI score0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.8 views

CVE-2026-24087

Memory corruption while processing fastboot OEM commands...

7.2CVSS5.5AI score0.00097EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.8 views

CVE-2026-35906

An undocumented debug CGI endpoint in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03 allows unauthenticated attackers to execute arbitrary system commands as root via supplying a crafted HTTP query string...

9.6CVSS6.1AI score0.00466EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. There are security vulnerabilities in the T3 Technology CPE models version 1.0.07 and the T6825G version 1.0.03. These vulnerabilities stem from unrecorded debug CGI endpoints,...

9.6CVSS5.8AI score0.00466EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.18 views

PT-2026-46240

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.8AI score0.00547EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

T3 Technology CPE models 安全漏洞

T3 Technology CPE models are a series of 4G/5G customer premises equipment developed by the Thai company T3 Technology. The T3 Technology CPE models, including versions v1.0.07, T6825G v1.0.03, and T7281 v1.0.03, contain security vulnerabilities. These vulnerabilities stem from the hardcoded...

9.8CVSS8.4AI score0.00421EPSS
Exploits1References4
NVD
NVD
added 2026/06/03 4:17 a.m.15 views

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.5CVSS0.00405EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:7 a.m.11 views

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.5CVSS6AI score0.00405EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

ABB T-MAC Plus 跨站脚本漏洞

ABB T-MAC Plus is a shipboard equipment status monitoring and predictive maintenance management system developed by the Swiss company ABB. Version 4.0-24 of ABB T-MAC Plus contains a cross-site scripting vulnerability, which stems from improper input handling and may lead to cross-site scripting...

8CVSS4.9AI score0.00181EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:31 a.m.15 views

EUVD-2026-33844

Memory corruption while processing fastboot OEM commands...

7.2CVSS5.8AI score0.00097EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 11:16 p.m.14 views

CVE-2026-24087

Memory corruption while processing fastboot OEM commands...

7.2CVSS0.00097EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 10:5 p.m.12 views

CVE-2026-24087

Memory corruption while processing fastboot OEM commands...

7.2CVSS5.8AI score0.00097EPSS
Exploits0References2
Rows per page
Query Builder