Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2026/05/06 7:49 p.m.6 views

CVE-2026-43581 OpenClaw < 2026.4.10 - Chrome DevTools Protocol Exposure via Overly Broad CDP Relay Binding

OpenClaw before 2026.4.10 contains an improper network binding vulnerability in the sandbox browser CDP relay that exposes Chrome DevTools Protocol on 0.0.0.0. Attackers can access the DevTools protocol outside intended local sandbox boundaries by exploiting the overly broad binding configuration...

9.6CVSS5.8AI score0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/24 2:2 a.m.30 views

CVE-2026-24422 phpMyFAQ: Public API endpoints expose emails and invisible questions

phpMyFAQ is an open source FAQ web application. In versions 4.0.16 and below, multiple public API endpoints improperly expose sensitive user information due to insufficient access controls. The OpenQuestionController::list endpoint calls Question::getAll with showAll=true by default, returning...

5.3CVSS0.00375EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/07 7:18 a.m.29 views

CVE-2025-31964 HCL BigFix IVR is impacted by an improper service binding configuration

Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the local authentication interface...

2.2CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/07 7:18 a.m.2 views

CVE-2025-31964 HCL BigFix IVR is impacted by an improper service binding configuration

Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the local authentication interface...

2.2CVSS6.3AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2025/12/17 8:15 p.m.4 views

CVE-2025-34442

AVideo versions prior to 20.1 disclose absolute filesystem paths via multiple public API endpoints. Returned metadata includes full server paths to media files, revealing underlying filesystem structure and facilitating more effective attack chains...

7.5CVSS0.00731EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.6 views

PT-2025-37915

Name of the Vulnerable Software and Affected Versions: ZTE T5400 affected versions not specified Description: An information disclosure issue exists due to an improper configuration of the access control mechanism. This allows attackers to obtain information through interfaces without...

3.5CVSS5.8AI score0.00218EPSS
Exploits0References4
CVE
CVE
added 2025/08/20 4:14 p.m.35 views

CVE-2025-8415

CVE-2025-8415 affects Cryostat: the Cryostat HTTP API binds to all network interfaces, which can expose the API port externally if Network Policies are disabled. The vulnerability enables an unauthenticated attacker to jeopardize the environment, with CVSS 3.1 base metrics indicating network acce...

5.9CVSS6.5AI score0.00296EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.4 views

SUSE CVE-2020-14312

A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not...

4CVSS6.3AI score0.0123EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/06/24 12:0 a.m.5 views

PT-2022-3965 · Illumina · Illumina Local Run Manager

Name of the Vulnerable Software and Affected Versions: Illumina Local Run Manager affected versions not specified Description: The issue is related to incorrect code generation management in Illumina Local Run Manager. An unauthenticated malicious actor can upload and execute code remotely at the...

10CVSS9.4AI score0.01633EPSS
Exploits0References6
Rows per page
Query Builder