
21 matches found

Cvelist
added 2026/04/15 12:0 a.m. | 25 views

CVE-2026-30617

LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and arguments. When...

EPSS: 0.00472
Exploits: 0 | References: 1

OSV
added 2026/03/03 2:15 p.m. | 3 views

CVE-2026-3342

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4Update1, 12.0 up to and...

CVSS: 7.2 | AI score: 6
Exploits: 0 | References: 1

EUVD
added 2026/03/03 1:17 p.m. | 8 views

EUVD-2026-9288

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4Update1, 12.0 up to and...

CVSS: 8.6 | AI score: 6.2 | EPSS: 0.00765
Exploits: 0 | References: 1

CNNVD
added 2026/03/03 12:0 a.m. | 14 views

WatchGuard Fireware OS Security Vulnerability

WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Vulnerabilities exist in versions 11.9 to 11.12.4Update1, 12.0 to 12.11.7, and 2025.1 to 2026.1.1 of WatchGuard Fireware OS. These vulnerabilities stem from out-of-bound writing, allowing...

CVSS: 8.6 | AI score: 6.2 | EPSS: 0.00765
Exploits: 0 | References: 2

The Hacker News
added 2026/02/21 2:49 p.m. | 23 views

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That's according to new findings from Amazon Threat Intelligence, which said it...

CVSS: 9.8 | AI score: 9.1 | EPSS: 0.88193
Exploits: 7

CNNVD
added 2025/10/31 12:0 a.m. | 5 views

Ubiquiti UniFi Access Application Security Vulnerability

Ubiquiti UniFi Access Application is an access control system from Ubiquiti, Inc. A security vulnerability exists in the Ubiquiti UniFi Access Application versions 3.3.22 through 3.4.31, which stems from an exposed management API and lack of proper authentication, which could lead to unauthorized...

CVSS: 10 | AI score: 9.1 | EPSS: 0.40972
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-53180

Malicious code in bioql PyPI...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.01461
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:18 p.m. | 5 views

CVE-2022-43999

An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management services, arbitrary system commands can be executed on the server...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.00949
Exploits: 1 | References: 1

Qualys Blog
added 2023/06/26 8:14 a.m. | 21 views

Supporting Our U.S. Federal Customers for BOD 23–02 by Mitigating the Risk From Internet-Exposed Management Interfaces

On June 13, 2023, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) released Binding Operational Directive (BOD) 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces. The directive requires federal civilian executive-branch agencies to adhere to two primary actions:...

AI score: 7
Exploits: 0

Malwarebytes
added 2023/06/22 2:0 a.m. | 42 views

Reducing your attack surface is more effective than playing patch-a-mole

On June 13, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 23-02. BOD 23-02 is titled Mitigating the Risk from Internet-Exposed Management Interfaces, and requires federal civilian agencies to remove specific networked management interfaces...

CVSS: 7.5 | AI score: 8.5 | EPSS: 0.98243
Exploits: 7

CISA
added 2023/06/13 12:0 p.m. | 4 views

CISA Issues BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces

Today, CISA issued Binding Operational Directive (BOD) 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces, requiring Federal Civilian Executive Branch (FCEB) agencies to reduce risks posed by internet-exposed networked management interfaces on federal information systems. This...

AI score: 6.8
Exploits: 0 | References: 3

OSV
added 2022/09/06 7:15 p.m. | 3 views

CVE-2022-31792

A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...

CVSS: 5.4 | AI score: 6 | EPSS: 0.00484
Exploits: 0 | References: 1

ATTACKERKB
added 2022/07/19 3:15 p.m. | 3 views

CVE-2022-24082

If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running o...

CVSS: 9.8 | AI score: 5.3 | EPSS: 0.09477
Exploits: 5 | References: 3 | Affected Software: 1

VulnCheck KEV
added 2022/03/17 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2022-23176

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access...

CVSS: 9 | AI score: 7.5 | EPSS: 0.13318
Exploits: 1 | References: 1

NVD
added 2022/02/24 3:15 p.m. | 21 views

CVE-2022-23176

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...

CVSS: 9 | EPSS: 0.13318
Exploits: 1 | References: 6

OSV
added 2022/02/24 3:15 p.m. | 5 views

CVE-2022-23176

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...

CVSS: 8.8 | AI score: 7.6 | EPSS: 0.13318
Exploits: 1 | References: 6

Prion
added 2022/02/24 3:15 p.m. | 25 views

Design/Logic Flaw

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...

CVSS: 9 | AI score: 8.5 | EPSS: 0.13318
Exploits: 1 | References: 5 | Affected Software: 1

Vulnrichment
added 2022/02/24 12:52 a.m. | 13 views

CVE-2022-23176

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...

AI score: 8.6 | EPSS: 0.13318
Exploits: 1 | References: 5

Citrix
added 2020/11/09 12:0 a.m. | 8 views

CVE-2019-19781 - Verification Tool

Objective: The Check-CVE-2019-19781 tool will enable customers to identify AAA and Gateway endpoints on Citrix ADC and Citrix Gateway devices in their deployment that are vulnerable to CVE-2019-19781. Customers are also encouraged to run the tool upon application of the mitigation steps to ensure...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.99999
Exploits: 48

OSV
added 2019/07/03 7:15 p.m. | 3 views

UBUNTU-CVE-2019-10104

In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration for Tomcat, Jetty, Resin, or CloudBees with the default setting allowed a remote attacker to execute code when the configuration is running, because a JMX server listened on all interfaces instead of...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.03814
Exploits: 0 | References: 2