CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/03/05 1:51 a.m.•23 views

CVE-2026-29126 World-Writable, Root Owned/Run `/etc/udhcpc/default.script` in IDC SFX2100 Satellite Receiver Leads To Potential LPE

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

8.5CVSS0.00018EPSS

Vulnrichment•added 2026/03/05 1:23 a.m.•2 views

CVE-2026-29124 Multiple SUID Root Binaries in `monitor` User Home Directory Leading to Potential Local Privilege Escalation

Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting IDC SFX2100 Satellite Receiver, which may lead to local privlidge escalation from t...

8.6CVSS5.8AI score0.00018EPSS

ATTACKERKB•added 2026/03/05 1:23 a.m.•0 views

CVE-2026-29124

8.6CVSS5.8AI score0.00018EPSS

NVD•added 2026/03/04 8:16 a.m.•3 views

CVE-2026-29120

The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...

9.2CVSS0.00016EPSS

CVE•added 2026/03/04 8:10 a.m.•11 views

CVE-2026-29120

Technical details beyond what’s in the Initial Description are not publicly provided in the connected documents. Monitor for updates to the CVE-2026-29120 entry as new disclosures may clarify affected components, impact, or remediation.

9.2CVSS5.9AI score0.00016EPSS

Exploits1References1Affected Software1

ATTACKERKB•added 2026/03/04 7:24 a.m.•2 views

CVE-2026-28775

An unauthenticated Remote Code Execution RCE vulnerability exists in the SNMP service of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver. The deployment insecurely provisions the private SNMP community string with read/write access by default. Because the SNMP age...

10CVSS6.3AI score0.00944EPSS

ATTACKERKB•added 2026/03/04 7:12 a.m.•1 views

CVE-2026-28772

A Reflected Cross-Site Scripting XSS vulnerability in the /IDCLogging/index.cgi endpoint of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is...

5.1CVSS6.2AI score0.00066EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2026/03/04 7:12 a.m.•1 views

CVE-2026-28772 Reflected XSS in IDC_Logging Index endpoint

5.1CVSS6.2AI score0.00066EPSS

CVE•added 2026/03/04 7:6 a.m.•6 views

CVE-2026-28770

CVE-2026-28770 affects IDC SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. The issue is improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script, where input from the file parameter is echoed unsanitized into a CDATA block, enabling an a...

8.8CVSS6AI score0.00071EPSS

Exploits1References1Affected Software1

ATTACKERKB•added 2026/03/04 7:2 a.m.•4 views

CVE-2026-28769

A path traversal vulnerability exists in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the file parameter to traverse directories and enumerate...

5.3CVSS6.1AI score0.00546EPSS

Positive Technologies•added 2026/03/04 12:0 a.m.•1 views

PT-2026-22874

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 Description A Reflected Cross-Site Scripting XSS issue exists in the /IDC Logging/index.cgi API endpoint. The issue occurs...

5.1CVSS6.2AI score0.00066EPSS

Exploits1References7

Qualys Blog•added 2025/07/07 1:0 p.m.•3 views

Qualys Named as a Major Player in the IDC MarketScape: Worldwide Cloud-Native Application Protection Platform, 2025

We’re proud to share that Qualys has been recognized as a Major Player in the IDC MarketScape: Worldwide Cloud-Native Application Protection Platform 2025 Vendor Assessment doc US53549925, June 2025. We believe this recognition reinforces our commitment to delivering game-changing innovation that...

7.2AI score

Wiz blog•added 2025/06/26 12:0 p.m.•11 views

Wiz Recognized as a Leader in the 2025 IDC MarketScape for CNAPP

We believe recognition in the IDC MarketScape for CNAPP reflects our commitment to innovation and customer success across cloud security...

7.2AI score

Akamai Blog•added 2025/01/16 5:0 p.m.•8 views

Akamai Named a Major Player in IDC MarketScape: Worldwide Public Cloud IaaS 2025 Assessment

...

7.3AI score

Akamai Blog•added 2024/12/02 1:0 p.m.•5 views

The Shift to the Edge Continues to Accelerate

The IDC MarketScape report evaluated providers in the edge delivery services category. Read why Akamai was chosen as a Leader...

7.3AI score

Imperva Blog•added 2024/11/07 11:3 p.m.•9 views

Imperva: A Leader in WAAP

Imperva – a Thales company and leading provider of Web Application and API Protection WAAP solutions, is a force to be reckoned with in the cybersecurity landscape. Our comprehensive approach to security, encompassing database security, enterprise application security, bot management, DDoS...

7.3AI score

Rapid7 Blog•added 2024/09/10 1:1 p.m.•22 views

Rapid7 Named a Leader in IDC MarketScape: Worldwide SIEM for SMB and Enterprise

Rapid7 is excited to share we have been recognized as a Leader in the IDC MarketScape: Worldwide SIEM for SMB 2024 Vendor Assessment doc US52038824, September 2024 and the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment doc US51541324, September 2024. We want to thank our...

7.2AI score