Lucene search
K

483 matches found

ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-9838

The ICS Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'htmltagtitle' parameter in all versions up to, and including, 12.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.2AI score0.00296EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the handling of ICReq requests and queue removal in nvmet-tcp. This...

9.8CVSS5.8AI score0.00353EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/06 7:56 p.m.10 views

CVE-2026-43170

A flaw was found in the Linux kernel's USB DWC3 gadget driver. This vulnerability occurs when the dwc3gadgetvbusdraw function is called from an atomic context, which then invokes power management integrated circuit PMIC APIs that may cause the system to sleep. An attacker could exploit this...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
CVE
CVE
added 2026/05/06 11:27 a.m.18 views

CVE-2026-43170

CVE-2026-43170 affects the Linux kernel USB DWC3 gadget driver. The vulnerability arises when dwc3_gadget_vbus_draw() is called from atomic context and may invoke PMIC APIs that sleep, risking kernel panic. The fix moves vbus_draw to a workqueue context, mitigating sleep in atomic operations. Aff...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/13 1:40 p.m.6 views

CVE-2026-31425

In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rdsibgetmr extracts the rdsibconnection from conn-ctransportdata and passes it to rdsibregfrmr for FRWR memory registration. On a fresh outgoing connection, ic...

5.5AI score0.00114EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/04/06 3:33 p.m.29 views

CVE-2026-21382 Buffer Copy Without Checking Size of Input in Power Management IC

Memory Corruption when handling power management requests with improperly sized input/output buffers...

7.8CVSS0.00075EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 6:51 p.m.4 views

CVE-2020-36980

SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling...

8.5CVSS6.1AI score0.0013EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/27 6:51 p.m.2 views

CVE-2020-36980 SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path

SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling...

8.5CVSS6.1AI score0.0013EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.6 views

PT-2026-5003

SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling...

8.5CVSS6.1AI score0.0013EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.7 views

CVE-2023-31594

IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network...

7.5CVSS6.9AI score0.00783EPSS
Exploits2References1
OSV
OSV
added 2025/11/12 7:18 p.m.3 views

MAL-2025-174066 Malicious code in divata-tugabi-ic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c074d9f8576aa0a2934473e29b60a5865912f2a0a708ce8e3670c4fc26ffb258 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.2 views

EUVD-2025-142237

Malicious code in divata-tugabi-ic npm...

6.6AI score
Exploits0
CNVD
CNVD
added 2025/11/05 12:0 a.m.6 views

Unspecified vulnerability in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-27469)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which can be exploited by an attacker to cause a...

10CVSS6.7AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.7 views

Unspecified Vulnerabilities in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from multiple devices sharing the...

10CVSS6.9AI score0.00389EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.6 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Denial of Service Vulnerabilities

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 suffer from a denial of service vulnerability that stems from vulnerability to...

10CVSS6.7AI score0.00305EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.5 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Denial of Service Vulnerabilities (CNVD-2025-29073)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A denial of service vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which stems from a lack of graceful err...

10CVSS6.8AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.7 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Denial of Service Vulnerabilities (CNVD-2025-29074)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A denial of service vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which originates from an internal syste...

10CVSS6.6AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.4 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Cross-Site Request Forgery Vulnerabilities

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 suffer from a cross-site request forgery vulnerability that is caused by imprope...

10CVSS6.7AI score0.00155EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.5 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Information Disclosure Vulnerabilities

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. An information disclosure vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which is caused by incorrect...

10CVSS6.1AI score0.00317EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.6 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Information Disclosure Vulnerabilities (CNVD-2025-29078)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from a lack of authentication. An...

10CVSS6.5AI score0.00312EPSS
Exploits0References1
Rows per page
Query Builder