106 matches found
Authentication Bypass
Milvus is vulnerable to Authentication Bypass. The vulnerability is due to unauthenticated exposure of the management port 9091 and use of a weak predictable token for the /expr debug endpoint, allowing attackers to access REST API operations, execute arbitrary expressions, and perform unauthoriz...
K000160972: BIG-IP and BIG-IQ privilege escalation vulnerability CVE-2026-32643
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. CVE-2026-32643 Impact This vulnerability may allow...
K000160981: iControl REST and tmsh vulnerability CVE-2026-40698
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation...
EUVD-2026-22310
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...
EUVD-2026-22203
A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client...
CVE-2026-33728
dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to 1.60.2, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access ...
CVE-2026-33728
dd-trace-java (Datadog APM for Java) versions 0.40.0 through before 1.60.2 contain an unsafe RMI instrumentation endpoint that deserializes data without serialization filters. On JDK 16 and earlier, an attacker with network access to a configured JMX/RMI port on an instrumented JVM could potentia...
F5 BIG-IP Elevation of Privilege Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. An elevation of privilege vulnerability exists in the BIG-IP's iControl REST and TMOS Shell tmsh modules. The vulnerability...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. An elevation of privilege vulnerability exists in the BIG-IP's iControl REST and TMOS Shell tmsh modules. The vulnerability...
EUVD-2011-1904
Malware in sbrugna...
EUVD-2002-0597
Malware in sbrugna...
EUVD-2003-0960
Malware in sbrugna...
EUVD-2017-15200
Malware in sbrugna...
EUVD-2019-13058
Malware in sbrugna...
EUVD-2019-16223
Malware in sbrugna...
PT-2025-38490
Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a proprietary protocol on TCP port 1069 for management operations, including modifying system properties. The user managemen...
CVE-2025-10364 Unauthenticated Arbitrary Command Injection in Evertz SDVN
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...
CVE-2025-8831
A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation of the argument portNumber leads to stack-based buffer overflow. It is possible to initiate the...
CVE-2025-20324
In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite system source type configurations by...
CVE-2025-20324 Improper Access Control in System Source Types Configuration in Splunk Enterprise
In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite system source type configurations by...