Lucene search
K

7112 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.14 views

SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21845-1)

The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21845-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058:...

9.8CVSS7AI score0.0138EPSS
Exploits19References659
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47367

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A race condition exists in the KVM x86 component between vmx sync pir to irr on a target vCPU and vmx deliver posted interru...

5.4AI score0.00457EPSS
Exploits1References62
GithubExploit
GithubExploit
added 2026/06/06 5:54 p.m.91 views

zoneminder-rce-poc

just wait and see Proof of concept for an OS command injectio...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.8 views

CVE-2026-34579

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior are vulnerable to Authorization Bypass through the private issue monitoring feature . Using a crafted POST request to bugmonitoradd.php, a user with project-level access can add themselves as a monitor for a...

5.3CVSS5.4AI score0.00363EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.8 views

CVE-2026-8305

A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component bluebubbles Webhook. Performing a manipulation results in improper authentication. It is possible to...

9.8CVSS6.7AI score0.00636EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.27 views

RecurGuard: Runtime Monitoring for Reasoning-Token Consumption Attacks

Reasoning-capable large language models can be induced to spend their generation budget on injected decoy tasks rather than answering the user's question, causing denial of service when no final answer is produced and denial of wallet when excess output tokens are billed. Input-side safety...

5.6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 1:40 a.m.8 views

CVE-2026-41860

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelpercreateasyncendpoint and sendhttpgetrequestsynchronous hard-code OpenSSL::SSL::VERIFYNONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH...

8.8CVSS5.8AI score0.00074EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.10 views

PT-2026-45983

Dräger SC Monitoring devices SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packet...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the...

5.5CVSS6AI score0.00122EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 9:1 a.m.9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by prototype pollution vulnerability due to immutable CVE-2026-29063. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability...

9.8CVSS6.8AI score0.00978EPSS
Exploits1Affected Software1
EUVD
EUVD
added 2026/06/02 12:31 a.m.11 views

EUVD-2019-20154

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS5.8AI score0.00118EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 12:31 a.m.11 views

EUVD-2019-20153

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet. Attackers can repeatedly send malformed network packets to disrupt patient monitoring until the...

7.1CVSS5.8AI score0.00413EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.4 views

Dräger Infinity M300 资源管理错误漏洞

The Dräger Infinity M300 is a wearable telemetry patient monitoring device developed by the German company Dräger. The Dräger Infinity M300 patient monitoring devices, including the VG2.x version and earlier versions, have a resource management vulnerability. This vulnerability stems from a...

7.1CVSS5.4AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.4 views

Dräger SC Monitoring devices 信任管理问题漏洞

The Dräger SC Monitoring devices are a series of clinical vital signs monitoring devices produced by the German company Dräger. The Dräger SC Monitoring devices have a vulnerability related to trust management. This vulnerability stems from hard-coded plaintext credentials in the source code, alo...

7.6CVSS5.5AI score0.00193EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 11:16 p.m.12 views

CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS0.00118EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/01 9:41 p.m.8 views

CVE-2019-25718 Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS5.8AI score0.00118EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:41 p.m.5 views

CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause...

8.6CVSS5.8AI score0.00118EPSS
Exploits0References4
CVE
CVE
added 2026/06/01 9:41 p.m.16 views

CVE-2019-25718

Affected product: Dräger Infinity Explorer C700. Vulnerability: privilege escalation allowing kiosk-mode escape to reach the underlying OS via a specific dialog interaction. Impact: attacker can break out of kiosk mode, gain OS control, and cause the Delta Family patient monitor display to show i...

8.6CVSS5.8AI score0.00118EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 2:5 p.m.16 views

Nezha's authenticated agents can forge service-monitor results for other users' services

Summary Nezha accepts service-monitor TaskResult messages from an authenticated agent based only on whether the reported service ID exists. The dashboard authenticates the agent and derives the reporter server ID from the gRPC stream, but the service-monitor result worker does not verify that the...

7.1CVSS5.8AI score0.00266EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/01 2:5 p.m.12 views

GHSA-4G6J-G789-RGHM Nezha's authenticated agents can forge service-monitor results for other users' services

Summary Nezha accepts service-monitor TaskResult messages from an authenticated agent based only on whether the reported service ID exists. The dashboard authenticates the agent and derives the reporter server ID from the gRPC stream, but the service-monitor result worker does not verify that the...

7.1CVSS5.8AI score0.00266EPSS
Exploits0References4
Rows per page
Query Builder