Lucene search
+L

921 matches found

attackerkb
attackerkb
added 2026/06/26 7:40 p.m.9 views

CVE-2026-53290

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.13 views

PT-2026-52929

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the xe eu stall stream close function. The drm dev put function is called before the stream is disabled and its resources are freed. If this call drops t...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References16
nessus
nessus
added 2026/06/18 12:0 a.m.11 views

Siemens RUGGEDCOM RST2428P Improper Resource Shutdown or Release (CVE-2025-1376)

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elfstrptr in the library /libelf/elfstrptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The...

4.7CVSS4.5AI score0.00287EPSS
Exploits1References3
nessus
nessus
added 2026/06/18 12:0 a.m.9 views

Siemens RUGGEDCOM RST2428P Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-1352)

A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function libdwthreadtail in the library libdwalloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. Th...

7.5CVSS4.9AI score0.00652EPSS
Exploits1References3
redhatcve
redhatcve
added 2026/06/05 7:48 p.m.11 views

CVE-2026-36606

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

7.1CVSS5.5AI score0.00104EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:48 p.m.12 views

CVE-2026-36611

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900, exposing internal memory to unauthenticated adjacent network attackers...

7.3CVSS5.7AI score0.00231EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:48 p.m.11 views

CVE-2026-36607

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint code=10, which lacks the rate limiting applied to the login endpoint code=7. An attacker on the adjacent network can attempt unlimited passwords without...

8.8CVSS5.5AI score0.00181EPSS
Exploits0References1
wallarmlab
wallarmlab
added 2026/06/04 1:30 p.m.18 views

Introducing the Wallarm AI Control Platform: One closed loop for AI security and API security.

TL;DR - AI deployment has outpaced AI governance. Most enterprises running AI on AWS cannot answer four basic security questions about what's running, what it's doing,how to stop it, and how to prove it's under control. - The Wallarm AI Control Platform closes this gap: one platform for Discover,...

5.8AI score
Exploits0
nvd
nvd
added 2026/06/03 6:16 p.m.16 views

CVE-2026-36604

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 does not validate the HTTP Host header, enabling DNS rebinding attacks. An external attacker can rebind a domain to the router's internal IP address, extending the CORS wildcard vulnerability Access-Control-Allow-Origin: to...

6.5CVSS0.00254EPSS
Exploits0References1
cve
cve
added 2026/06/03 12:0 a.m.20 views

CVE-2026-36606

CVE-2026-36606 affects Mercusys AC12G (EU) V1 router running firmware AC12G(EU)_V1_200909. The vulnerability stems from encrypting configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who gains a backup file can decrypt it to recover all stored credentials, inc...

7.1CVSS5.8AI score0.00104EPSS
Exploits0References1
euvd
euvd
added 2026/06/03 12:0 a.m.16 views

EUVD-2026-34144

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 is vulnerable to a HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...

6.5CVSS5.8AI score0.00177EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36616

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.8AI score0.00137EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/03 12:0 a.m.8 views

CVE-2026-36613

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...

5.9AI score0.00159EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/03 12:0 a.m.9 views

CVE-2026-36616

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.8AI score0.00137EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/03 12:0 a.m.10 views

CVE-2026-36612

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 enables WPS 2.0 by default with a weak lockout policy 60-second lockout after 10 attempts...

5.8AI score0.00139EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36612

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 enables WPS 2.0 by default with a weak lockout policy 60-second lockout after 10 attempts...

5.8AI score0.00139EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/03 12:0 a.m.16 views

PT-2026-45992

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 does not validate the HTTP Host header, enabling DNS rebinding attacks. An external attacker can rebind a domain to the router's internal IP address, extending the CORS wildcard vulnerability Access-Control-Allow-Origin: to...

5.8AI score0.00254EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/06/03 12:0 a.m.10 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the response to the CHAOS TXT query, and it may lead to the disclosure of the DNS resolver software...

4.3CVSS5.4AI score0.00159EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/03 12:0 a.m.12 views

PT-2026-45999

Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900, exposing internal memory to unauthenticated adjacent network attackers...

5.9AI score0.00231EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/06/03 12:0 a.m.12 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has security vulnerabilities. These vulnerabilities stem from unvalidated HTTP header verification, which may allow external attackers to exploit the CORS wildcar...

6.5CVSS5.4AI score0.00254EPSS
Exploits0References1
Rows per page
Query Builder