Lucene search
K

1229 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/03 9:26 p.m.2 views

CVE-2026-1341

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...

9.3CVSS5.3AI score0.00494EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/03 9:26 p.m.3 views

CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro

Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...

9.3CVSS5.3AI score0.00494EPSS
Exploits0References3
ICS
ICS
added 2026/02/03 7:0 a.m.5 views

*Avation Light Engine Pro *

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take full control of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

9.3CVSS5.6AI score0.00494EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

Avation Light Engine Pro 访问控制错误漏洞

Avation Light Engine Pro is a high-performance search and navigation enhancement plugin developed by the Australian company Avation. Avation Light Engine Pro has a security vulnerability related to access control. This vulnerability arises from the fact that its configuration and control interfac...

9.3CVSS5.8AI score0.00494EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/29 10:13 p.m.5 views

WordPress Light Poll plugin <= 1.0.0 - Polls Deletion via CSRF vulnerability

Polls Deletion via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin Light Poll versions = 1.0.0...

6.5CVSS5.9AI score0.0027EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/01/27 10:15 a.m.5 views

AZL-76352 CVE-2026-24829 affecting package fltk 1.3.8-1

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4...

6.5CVSS5.8AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/27 9:23 a.m.22 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

7.2CVSS5.6AI score0.15138EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 9:15 a.m.8 views

AZL-75833 CVE-2026-24799 affecting package fltk 1.3.5-4

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in davisking dlib dlib/external/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9...

5.2CVSS5.7AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 9:15 a.m.4 views

AZL-75818 CVE-2026-24799 affecting package fltk 1.3.8-1

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in davisking dlib dlib/external/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9...

5.2CVSS5.8AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 5:16 a.m.4 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

7.2CVSS5.6AI score0.15138EPSS
Exploits1References5
NVD
NVD
added 2026/01/26 5:16 a.m.9 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

7.2CVSS0.15138EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/26 4:32 a.m.4 views

CVE-2026-1419 D-Link DCS700l Web Form setDayNightMode command injection

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

5.8CVSS5.6AI score0.15138EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.7 views

PT-2026-4722

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

5.8CVSS5.6AI score0.15138EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.8 views

D-Link DCS700l command injection vulnerability

The D-Link DCS700l is a wireless cloud network camera from D-Link Corporation. The D-Link DCS700l version 1.03.09 has a command injection vulnerability. This vulnerability stems from incorrect operations on the parameter “LightSensorControl” in the file /setDayNightMode, which may lead to command...

7.2CVSS5.8AI score0.15138EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.6 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004877)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004877 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028remove The driver use the non-managed form of th...

5.5CVSS7AI score0.00194EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: fltk (CVE-2016-10087)

The version of fltk installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2016-10087 advisory. - The pngsettext2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before...

7.5CVSS5.7AI score0.05517EPSS
Exploits0References2
CNVD
CNVD
added 2026/01/19 12:0 a.m.3 views

WordPress Gotham Block Extra Light plugin cross-site scripting vulnerability

The WordPress Gotham Block Extra Light plugin is a tool for detecting if ad blocking software such as AdBlock is enabled in a visitor's browser. The WordPress Gotham Block Extra Light plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective...

4.4CVSS6AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/15 6:21 a.m.5 views

CVE-2025-15020

The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...

6.5CVSS6AI score0.00307EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/14 1:23 p.m.6 views

WordPress Gotham Block Extra Light plugin <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode vulnerability

Authenticated Contributor+ Arbitrary File Read via 'ghostban' Shortcode vulnerability discovered by 0x34rth in WordPress Plugin Gotham Block Extra Light versions = 1.5.0...

6.5CVSS7AI score0.00307EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/01/14 6:15 a.m.8 views

CVE-2025-15020

The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...

6.5CVSS0.00307EPSS
Exploits0References3
Rows per page
Query Builder