Lucene search
K

131 matches found

vulnersOsv
vulnersOsv
added 2026/02/25 10:42 p.m.9 views

create-momentum-app (>=0.1.2 <=0.5.0) potentially affected by CVE-2026-27739 via @angular/ssr (=21.1.2)

@angular/ssr NPM version =21.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - create-momentum-app =0.1.2, =0.5.0 Source cves: CVE-2026-27739 Source advisory: SNYK:JS-ANGULARSSR-15357314...

9.2CVSS7.4AI score0.00497EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/25 10:42 p.m.9 views

create-momentum-app (>=0.1.2 <=0.5.0) potentially affected by CVE-2026-27739 via @angular/ssr (=21.1.2)

@angular/ssr NPM version =21.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - create-momentum-app =0.1.2, =0.5.0 Source cves: CVE-2026-27739 Source advisory: OSV:GHSA-X288-3778-4HHX...

9.2CVSS7.4AI score0.00497EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/25 10:41 p.m.7 views

create-momentum-app (>=0.1.2 <=0.5.0) potentially affected by CVE-2026-27738 +1 more via @angular/ssr (=21.1.2)

@angular/ssr NPM version =21.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - create-momentum-app =0.1.2, =0.5.0 Source cves: CVE-2026-27738, CVE-2026-33397 Source advisory: OSV:GHSA-XH43-G2FQ-WJRJ...

6.9CVSS5.8AI score0.00302EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/25 10:41 p.m.13 views

create-momentum-app (>=0.1.2 <=0.5.0) potentially affected by CVE-2026-27738 via @angular/ssr (=21.1.2)

@angular/ssr NPM version =21.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - create-momentum-app =0.1.2, =0.5.0 Source cves: CVE-2026-27738 Source advisory: SNYK:JS-ANGULARSSR-15357598...

6.9CVSS5.8AI score0.00302EPSS
Exploits0
NVD
NVD
added 2026/02/12 11:16 p.m.6 views

CVE-2019-25333

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive...

8.7CVSS0.00641EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/12 10:48 p.m.27 views

CVE-2019-25333 Bullwark Momentum Series JAWS 1.0 - 'Momentum Series JAWS' Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive...

8.7CVSS0.00641EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/12 10:48 p.m.3 views

CVE-2019-25333

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive...

8.7CVSS5.5AI score0.00641EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/12 10:48 p.m.3 views

CVE-2019-25333 Bullwark Momentum Series JAWS 1.0 - 'Momentum Series JAWS' Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive...

8.7CVSS5.5AI score0.00641EPSS
Exploits0References3
CVE
CVE
added 2026/02/12 10:48 p.m.10 views

CVE-2019-25333

CVE-2019-25333 affects Bullwark Momentum Series JAWS 1.0. The issue is a directory traversal vulnerability where unauthenticated attackers can read sensitive files by manipulating HTTP request paths with multiple “../” sequences, potentially reading files such as “/etc/passwd” outside the web roo...

8.7CVSS5.5AI score0.00641EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.7 views

Bullwark Momentum Series JAWS 路径遍历漏洞

Bullwark Momentum Series JAWS is a server software for network video recorders developed by Bullwark Corporation. Version 1.0 of Bullwark Momentum Series JAWS contains a path traversal vulnerability; this vulnerability stems from HTTP requests that allow directory traversal, potentially leading t...

8.7CVSS7.3AI score0.00641EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.10 views

PT-2026-7932

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive...

8.7CVSS5.5AI score0.00641EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/01/16 12:0 a.m.5 views

Predicting Tail-Risk Escalation in IDS Alert Time Series

Network defenders face a steady stream of attacks, observed as raw Intrusion Detection System IDS alerts. The sheer volume of alerts demands prioritization, typically based on high-level risk classifications. This work expands the scope of risk measurement by examining alerts not only through the...

5.6AI score
Exploits0
HackRead
HackRead
added 2026/01/14 12:0 p.m.8 views

GitGuardian Closes 2025 with Strong Enterprise Momentum, Protecting Millions of Developers Worldwide

New York, NY, 14th January 2026, CyberNewsWire...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.9 views

CVE-2018-12258

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Custom Firmware Upgrade is possible via an SD Card. With physical access, an attacker can upgrade the firmware in under 60 seconds by inserting an SD card containing the firmware with name 'ezviz.dav' and rebooting...

7.2CVSS7AI score0.00454EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.8 views

CVE-2018-12259

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise...

7.2CVSS7AI score0.0043EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.10 views

CVE-2018-12323

An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console...

7.2CVSS7.2AI score0.0043EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.6 views

CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

6.7CVSS7.2AI score0.00376EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:24 p.m.7 views

CVE-2018-12257

An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in...

4.4CVSS6.9AI score0.0035EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.6 views

CVE-2021-22790

A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU part numbers BMEP and BMEH, all versions, Modicon M340 CPU part...

6.5CVSS6.8AI score0.00832EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.6 views

CVE-2021-22789

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU part numbers BM...

6.5CVSS6.8AI score0.00832EPSS
Exploits0References1
Rows per page
Query Builder