Lucene search
K

2852 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

4.6CVSS5.5AI score0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.14 views

CVE-2025-59601

Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration...

6.5CVSS5.4AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.10 views

CVE-2026-32965

Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial factory-default configuration, the device can be configured with the null string password...

8.7CVSS7.1AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.8 views

CVE-2026-50211

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

9.8CVSS5.5AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-5804

An improper authentication vulnerability was discovered in the Motorola Factory Test component com.motorola.motocit. The application contained a reference to a writable file descriptor in external storage which could be used by third party apps running on the device to open a TCP server, exposing...

8.4CVSS5.5AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 3:25 p.m.8 views

GHSA-C66C-VQ6W-FVH5 Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic

Summary managementServer.CreateSchematic internal/backend/grpc/schematics.go passes the caller-controlled TalosVersion field directly to imageFactoryClient.OverlaysVersions, which embeds it verbatim into a fmt.Sprintf"/version/%s/overlays/official", talosVersion path template. url.URL.JoinPath...

2.7CVSS5.7AI score0.00043EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/05 3:25 p.m.15 views

Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic

Summary managementServer.CreateSchematic internal/backend/grpc/schematics.go passes the caller-controlled TalosVersion field directly to imageFactoryClient.OverlaysVersions, which embeds it verbatim into a fmt.Sprintf"/version/%s/overlays/official", talosVersion path template. url.URL.JoinPath...

5.7AI score0.00043EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.14 views

PT-2026-46988

Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description An authenticated Operator can perform a same-host path traversal by exploiting the managementServer.CreateSchematic internal/backend/grpc/schematics.go function. The issue occurs because the...

2.7CVSS5.9AI score0.00043EPSS
Exploits0References6
NVD
NVD
added 2026/06/04 3:16 p.m.13 views

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

4.6CVSS0.00145EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 9:16 a.m.14 views

CVE-2026-50211

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

9.8CVSS0.0029EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 7:28 a.m.9 views

CVE-2026-50211

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

8.8CVSS5.8AI score0.0029EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 7:28 a.m.11 views

EUVD-2026-34223

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

9.8CVSS5.8AI score0.0029EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 7:28 a.m.42 views

CVE-2026-50211 Exposed Factory Testing App Boundaries

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

8.8CVSS0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 7:28 a.m.9 views

CVE-2026-50211 Exposed Factory Testing App Boundaries

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

8.8CVSS5.8AI score0.0029EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 7:28 a.m.22 views

CVE-2026-50211

Technical details about CVE-2026-50211 are not publicly provided in the supplied documents. Monitor for updates as additional data may reveal affected products, root cause, and mitigations.

9.8CVSS5.8AI score0.0029EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46163

Name of the Vulnerable Software and Affected Versions Acer Connect M6E 5G Portable WiFi Router affected versions not specified Description Engineering diagnostics and factory-level diagnostic software are exposed on retail builds. This allows malicious applications to obtain write privileges to...

9.8CVSS5.5AI score0.0029EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability arises from the fact that the “Reset to Factory Settings” function fails to remove sensitive encrypted data from the JFFS2 configuration...

4.6CVSS5.3AI score0.00145EPSS
Exploits0References3
CVE
CVE
added 2026/06/04 12:0 a.m.27 views

CVE-2026-36178

GNCC GP5 v7.1.76 is affected: the factory reset does not clear sensitive cryptographic material in the JFFS2 configuration partition, potentially enabling recovery of sensitive user data. Available documents provide the issue and impact but do not specify a patch or mitigation.

4.6CVSS5.8AI score0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46246

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

5.8AI score0.00145EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.12 views

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

5.8AI score0.00145EPSS
Exploits0References3
Rows per page
Query Builder