Lucene search
+L

851 matches found

Vulnrichment
Vulnrichment
added 2026/05/12 7:9 p.m.6 views

CVE-2026-44863 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00315EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:8 p.m.9 views

CVE-2026-44862

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00315EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/12 7:8 p.m.35 views

CVE-2026-44862 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS0.00315EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:6 p.m.12 views

CVE-2026-44861

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00315EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 7:5 p.m.8 views

CVE-2026-44860 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00315EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40372

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00315EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-40371

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00315EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40374

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00315EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 6:30 p.m.10 views

EUVD-2026-27857

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco 350 Series Managed Switches SG350 and Cisco 350X Series Stackable Managed Switches SG350X firmware could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

7.7CVSS5.9AI score0.00389EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 4:15 p.m.6 views

CVE-2026-20185 Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vunerability

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco 350 Series Managed Switches SG350 and Cisco 350X Series Stackable Managed Switches SG350X firmware could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

7.7CVSS5.9AI score0.00389EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 4:15 p.m.86 views

CVE-2026-20185

Cisco SG350 and SG350X Series Managed Switches are affected by a vulnerability in the SNMP subsystem (CVE-2026-20185). The issue stems from improper error handling when parsing response data for a specific SNMP request, which could allow an authenticated, remote attacker to cause a DoS condition ...

7.7CVSS5.9AI score0.00389EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 4:15 p.m.7 views

CVE-2026-20185

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco 350 Series Managed Switches SG350 and Cisco 350X Series Stackable Managed Switches SG350X firmware could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

7.7CVSS5.9AI score0.00389EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.16 views

PT-2026-37654

Name of the Vulnerable Software and Affected Versions Cisco 350 Series Managed Switches SG350 affected versions not specified Cisco 350X Series Stackable Managed Switches SG350X affected versions not specified Description An issue in the Simple Network Management Protocol SNMP subsystem occurs du...

7.7CVSS5.8AI score0.00389EPSS
Exploits0References12
OSV
OSV
added 2026/04/30 10:40 a.m.11 views

CLSA-2026-1777545654 cups: Fix of CVE-2026-41079

CVE-2026-41079: limit numbytes for SNMP string values to prevent out-of-bounds read in asn1decodesnmp...

5.4CVSS5.8AI score0.00409EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:1 a.m.9 views

OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users

...

5.4CVSS5.2AI score0.00409EPSS
Exploits1
EUVD
EUVD
added 2026/04/24 4:54 p.m.10 views

EUVD-2026-25574

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

4.3CVSS5.3AI score0.00409EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/24 4:54 p.m.44 views

CVE-2026-41079 OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

4.3CVSS0.00409EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:4 a.m.3 views

CVE-2026-35064

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

8.7CVSS5.8AI score0.00462EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/24 12:4 a.m.3 views

CVE-2026-35064 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

8.7CVSS5.2AI score0.00462EPSS
Exploits0References3
CVE
CVE
added 2026/04/24 12:4 a.m.19 views

CVE-2026-35064

CVE-2026-35064 concerns SenseLive X3050’s management ecosystem. The vulnerability allows unauthenticated discovery of deployed units via the vendor’s management protocol, enabling an attacker on the same network segment to identify device presence, identifiers, and management interfaces because d...

8.7CVSS5.8AI score0.00462EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder