Lucene search
K

106 matches found

Veracode
Veracode
added 2026/05/15 11:2 a.m.14 views

Authentication Bypass

Milvus is vulnerable to Authentication Bypass. The vulnerability is due to unauthenticated exposure of the management port 9091 and use of a weak predictable token for the /expr debug endpoint, allowing attackers to access REST API operations, execute arbitrary expressions, and perform unauthoriz...

9.8CVSS6.1AI score0.27661EPSS
Exploits1References4Affected Software1
F5 Networks
F5 Networks
added 2026/05/13 12:43 p.m.13 views

K000160972: BIG-IP and BIG-IQ privilege escalation vulnerability CVE-2026-32643

Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. CVE-2026-32643 Impact This vulnerability may allow...

8.7CVSS5.9AI score0.00156EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
added 2026/05/13 12:20 p.m.11 views

K000160981: iControl REST and tmsh vulnerability CVE-2026-40698

Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation...

8.7CVSS5.4AI score0.00235EPSS
Exploits0Affected Software12
EUVD
EUVD
added 2026/04/14 6:30 p.m.4 views

EUVD-2026-22310

CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...

6.9CVSS5.8AI score0.00271EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 1:49 a.m.3 views

EUVD-2026-22203

A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client...

9.8CVSS6.4AI score0.00739EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:25 a.m.1 views

CVE-2026-33728

dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to 1.60.2, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access ...

9.3CVSS6AI score0.00622EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/03/27 12:25 a.m.23 views

CVE-2026-33728

dd-trace-java (Datadog APM for Java) versions 0.40.0 through before 1.60.2 contain an unsafe RMI instrumentation endpoint that deserializes data without serialization filters. On JDK 16 and earlier, an attacker with network access to a configured JMX/RMI port on an instrumented JVM could potentia...

9.8CVSS6AI score0.00622EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2025/10/17 12:0 a.m.3 views

F5 BIG-IP Elevation of Privilege Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. An elevation of privilege vulnerability exists in the BIG-IP's iControl REST and TMOS Shell tmsh modules. The vulnerability...

9.1CVSS7.6AI score0.00359EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.6 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. An elevation of privilege vulnerability exists in the BIG-IP's iControl REST and TMOS Shell tmsh modules. The vulnerability...

9.1CVSS7.5AI score0.00359EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-1904

Malware in sbrugna...

5CVSS6.4AI score0.01064EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0597

Malware in sbrugna...

5CVSS6.4AI score0.01855EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-0960

Malware in sbrugna...

5CVSS6.4AI score0.0124EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-15200

Malware in sbrugna...

7.8CVSS7.6AI score0.01637EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-13058

Malware in sbrugna...

5.7CVSS5.8AI score0.00519EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-16223

Malware in sbrugna...

7.5CVSS7.5AI score0.00872EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.7 views

PT-2025-38490

Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a proprietary protocol on TCP port 1069 for management operations, including modifying system properties. The user managemen...

8.6CVSS6.4AI score0.00184EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/12 1:48 p.m.10 views

CVE-2025-10364 Unauthenticated Arbitrary Command Injection in Evertz SDVN

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

9.3CVSS0.06325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/13 5:29 a.m.7 views

CVE-2025-8831

A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation of the argument portNumber leads to stack-based buffer overflow. It is possible to initiate the...

9CVSS7.2AI score0.00871EPSS
Exploits1References1
OSV
OSV
added 2025/07/07 6:15 p.m.6 views

CVE-2025-20324

In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite system source type configurations by...

5.4CVSS5.8AI score0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/07 5:48 p.m.2 views

CVE-2025-20324 Improper Access Control in System Source Types Configuration in Splunk Enterprise

In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite system source type configurations by...

5.4CVSS7.1AI score0.00221EPSS
Exploits0References1
Rows per page
Query Builder