CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

97 matches found

EUVD•added 2026/04/10 12:30 a.m.•3 views

EUVD-2026-21195

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the configured firewall filter and access the control-plane of the device. On MX platform...

6.9CVSS5.9AI score0.00039EPSS

Exploits0References2

Positive Technologies•added 2026/04/10 12:0 a.m.•1 views

PT-2026-31905

Name of the Vulnerable Software and Affected Versions Synology SSL VPN Client versions prior to 1.4.5-0684 Description A flaw exists in Synology SSL VPN Client that allows remote attackers to access files within the installation directory. This is achieved by leveraging a local HTTP server bound ...

6.5CVSS5.8AI score0.00033EPSS

Exploits0References5

NVD•added 2026/04/09 10:16 p.m.•1 views

CVE-2026-33774

6.9CVSS0.00039EPSS

Exploits0References1

CVE•added 2026/04/09 9:34 p.m.•13 views

CVE-2026-33774

CVE-2026-33774 affects Junos OS on Juniper MX Series (MPC10/11, LC4800/LC9600 line cards and MX304). An improper check allows an unauthenticated, network-based attacker to bypass firewall filters applied to loopback interfaces lo0.n (n != 0) that are in the default routing instance, enabling pote...

6.9CVSS5.9AI score0.00039EPSS

Exploits0References1

ATTACKERKB•added 2026/04/09 9:34 p.m.•2 views

CVE-2026-33774

6.9CVSS5.9AI score0.00039EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/04/09 9:34 p.m.•18 views

CVE-2026-33774 Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are not in effect

6.9CVSS0.00039EPSS

Exploits0References1

Positive Technologies•added 2026/04/09 12:0 a.m.•2 views

PT-2026-31798

6.9CVSS5.9AI score0.00039EPSS

Exploits0References3

Vulnrichment•added 2026/03/21 12:42 a.m.•1 views

CVE-2026-32064 OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer

OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attackers on the host loopback interface can connect to the exposed noVNC port to observe or interact wi...

8.5CVSS5.8AI score0.00031EPSS

Exploits0References4

CVE•added 2026/03/18 1:34 a.m.•4 views

CVE-2026-22174

OpenClaw: Affected software is OpenClaw versions prior to 2026.2.22. The root cause is that the x-OpenClaw-relay-token header is injected into Chrome CDP probe traffic on loopback interfaces, enabling local processes to capture the Gateway authentication token. An attacker controlling a loopback ...

6.8CVSS5.8AI score0.00028EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/03/18 1:34 a.m.•2 views

CVE-2026-22174 OpenClaw < 2026.2.22 - Gateway Token Disclosure via Chrome CDP Probe

OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the...

6.8CVSS5.8AI score0.00028EPSS

Exploits0References3

ATTACKERKB•added 2026/03/18 1:34 a.m.•1 views

CVE-2026-22174

5.9CVSS5.8AI score0.00028EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 12:25 p.m.•4 views

CVE-2018-12301

Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost...

7.5CVSS6.9AI score0.00316EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28588

Malware in sbrugna...

5.5CVSS5.5AI score0.00051EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-15844

Malware in sbrugna...

7.7CVSS8.4AI score0.00175EPSS

Exploits0References3