Lucene search
K

3760 matches found

Vulnrichment
Vulnrichment
added 2026/05/11 1:0 a.m.16 views

CVE-2026-8259 Tenda AC6 httpd telnet os command injection

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.5AI score0.04447EPSS
Exploits1References5
CVE
CVE
added 2026/05/11 1:0 a.m.29 views

CVE-2026-8259

CVE-2026-8259 affects Tenda AC6 firmware version 2.0/15.03.06.23, where an unknown function in the HTTPD component’s /goform/telnet endpoint mishandles the lan.ip parameter, leading to an OS command injection. This allows remote exploitation with high impact on confidentiality, integrity, and ava...

7.2CVSS5.5AI score0.04447EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39552

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.5AI score0.04447EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Tenda AC6 命令注入漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version Tenda AC6 2.0/15.03.06.23 contains a command injection vulnerability. This vulnerability stems from an unknown function in the httpd component’s file/goform/telnet, which manipulates the parameter lan.ip, potentiall...

7.2CVSS5.8AI score0.04447EPSS
Exploits1References1
NVD
NVD
added 2026/05/08 5:16 p.m.20 views

CVE-2026-42072

Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag and NORNICDBADDRESS / server.host config key is plumbed through to the HTTP server correctly but never reaches the Bo...

9.8CVSS0.0044EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 3:59 p.m.34 views

CVE-2026-42072 Nornicdb: Improper Network Binding in NornicDB Bolt Server allows unauthorized remote access

Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag and NORNICDBADDRESS / server.host config key is plumbed through to the HTTP server correctly but never reaches the Bo...

9.8CVSS0.0044EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/08 3:59 p.m.10 views

EUVD-2026-28808

Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag and NORNICDBADDRESS / server.host config key is plumbed through to the HTTP server correctly but never reaches the Bo...

9.8CVSS5.8AI score0.0044EPSS
Exploits0References3
CVE
CVE
added 2026/05/08 3:59 p.m.23 views

CVE-2026-42072

NornicDB suffers an improper network binding in the Bolt server: the Bolt listener binds to all interfaces because Bolt’s config lacked a host field, so using --address defaults to an empty host. This causes exposure of the Bolt port (default admin:password) on the LAN, enabling unauthorized remo...

9.8CVSS5.8AI score0.0044EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39201

Name of the Vulnerable Software and Affected Versions SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1 Description The GpplDocumentLinkHandler resolves the filename directive in GPPL postprocessor files into clickable links. The handler accepts arbitrary absolute, relative, UNC, and subfolder paths...

5.1CVSS5.9AI score0.00454EPSS
Exploits0References5
CVE
CVE
added 2026/05/06 7:40 a.m.19 views

CVE-2026-43100

CVE-2026-43100 covers a Linux kernel bridge issue where, if CONFIG_BRIDGE_VLAN_FILTERING is not set, br_vlan_group() and nbp_vlan_group() may return NULL and the code path in br_fdb_delete_locals_per_vlan_port() / br_fdb_insert_locals_per_vlan_port() dereferences a NULL vlan group pointer. Connec...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37410

In the Linux kernel, the following vulnerability has been resolved: bridge: guard local VLAN-0 FDB helpers against NULL vlan group When CONFIG BRIDGE VLAN FILTERING is not set, br vlan group and nbp vlan group return NULL br private.h stub definitions. The BR BOOLOPT FDB LOCAL VLAN 0 toggle code ...

5.8AI score0.00121EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2026/05/05 12:0 a.m.18 views

VulnCheck KEV: CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

6.9CVSS5.4AI score0.00836EPSS
In wildExploits1References4
Arista
Arista
added 2026/05/05 12:0 a.m.33 views

Security Advisory 0137

Security Advisory 0137 PDF Date: May 5, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 5, 2026 | Initial release 1.1 | May 7, 2026 | Clarified 7280R3, 7500R3 and 7800R3 exposure is limited 1.2 | May 13, 2026 | Updated Mitigation section with a note of caution 1.3 | May 20, 2026 | Updated...

6.9CVSS5.7AI score0.00836EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.19 views

PT-2026-46983

Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description On platforms running Arista EOS with tunnel decapsulation configurations—such as VXLAN Virtual Extensible LAN, decap-groups, or GRE Generic Routing Encapsulation tunnel interfaces—the swit...

6.9CVSS6AI score0.00836EPSS
Exploits1References33
Cvelist
Cvelist
added 2026/05/04 4:43 p.m.35 views

CVE-2025-47403 Buffer Over-read in WLAN Firmware

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming...

6.5CVSS0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.15 views

PT-2026-36676

Name of the Vulnerable Software and Affected Versions Shenzhen Libituo Technology LBT-T300-HW1 versions prior to 1.2.8 Description A remote buffer overflow can occur due to the manipulation of the Channel/ApCliSsid argument in the start lan function within the '/apply.cgi' endpoint. A buffer...

9CVSS7.7AI score0.00702EPSS
Exploits0References15
GithubExploit
GithubExploit
added 2026/04/30 4:31 a.m.140 views

Exploit for Improper Authentication in Microsoft

CVE-2026-24294 - Local NTLM Reflection LPE via SMB Arbitrary P...

7.8CVSS5.6AI score0.02762EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/29 1:50 p.m.6 views

CVE-2026-32952

A flaw was found in the go-ntlmssp package. A remote attacker could exploit this vulnerability by sending a specially crafted NTLM NT LAN Manager challenge message. This malicious message can trigger a slice out of bounds panic, leading to a Denial of Service DoS by crashing any Go process that...

7.5CVSS5.4AI score0.01027EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.5 views

Juniper Junos OS Vulnerability (JSA75734)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75734 advisory. - An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows a network-based,...

7.5CVSS5.5AI score0.00538EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/26 1:52 a.m.9 views

SUSE CVE-2026-31684

In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...

6.5CVSS5.5AI score0.00117EPSS
Exploits0References19
Rows per page
Query Builder