Lucene search
+L

1581 matches found

Cvelist
Cvelist
added yesterday7 views

CVE-2026-47184 Zeroconf: Unbounded DNS record cache allows LAN-local memory exhaustion via multicast flood

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.7, DNSCache.asyncadd inserted every response record into cache, expirations, expireheap, and servicecache without a cap, allowing unauthenticated hosts on the local link over UDP/5353 224.0.0.251 / ff02::f...

6.5CVSS0.00023EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday10 views

UniFi Network Application - Path Traversal

UniFi Network Application contains a path traversal vulnerability allowing a network attacker to access and manipulate files on the underlying system, potentially leading to account access, exploit requires network access. id: CVE-2026-22557 info: name: UniFi Network Application - Path Traversal...

10CVSS8.6AI score0.15601EPSS
Exploits3References4
NVD
NVD
added 4 days ago3 views

CVE-2026-55054

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network...

6.5CVSS0.00623EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago4 views

EUVD-2026-44278

Access of resource using incompatible type 'type confusion' in .NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS6.1AI score0.01099EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-9653

The vulnerability CVE-2026-9653 affects Rockwell Automation 1756-EN2, EN3, and ENBT communication modules. It stems from improper validation of CIP Implicit Connection packets, enabling network-remote denial-of-service when an attacker sends crafted packets; device connections recover immediately...

8.7CVSS6.1AI score0.00178EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 4 days ago6 views

Remote Desktop Client Remote Code Execution Vulnerability

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

8.8CVSS6.2AI score0.00625EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago4 views

Windows Remote Access Service Infrastructure Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Remote Access Service Infrastructure allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.2AI score0.00851EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago4 views

Windows DHCP Server Remote Code Execution Vulnerability

Double free in Windows DHCP Server allows an authorized attacker to execute code over a network...

7.5CVSS6.2AI score0.00618EPSS
Exploits0
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43604

EIPStackGroup OpENer 2.3.0 commit 76b95cf suffers from an Incorrect Access Control vulnerability in its handling of encapsulation sessions. When the server processes critical encapsulation commands, it verifies whether the provided sessionhandle exists in the global session list, but it fails to...

9.1CVSS6.1AI score0.00379EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago4 views

PT-2026-58489

Name of the Vulnerable Software and Affected Versions Windows Remote Access Connection Manager affected versions not specified Description A use-after-free condition exists in the Windows Remote Access Connection Manager RasMan. This flaw allows an authorized attacker to elevate privileges over a...

8.8CVSS6.3AI score0.00617EPSS
Exploits0References5
CVE
CVE
added 2026/07/09 9:8 p.m.12 views

CVE-2026-57028

CVE-2026-57028 affects Juniper Networks Junos OS Evolved. An incorrectly initialized process meant to communicate only internally can be reached over the network via an open port, enabling an unauthenticated, network-based attacker to gain unauthorized access to license management. Affected scope...

7.3CVSS5.9AI score0.00301EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/09 7:1 p.m.7 views

CVE-2026-0283

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00338EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/08 8:43 p.m.7 views

EUVD-2026-42401

Improper access control in Microsoft Edge Chromium-based allows an unauthorized attacker to bypass a security feature over a network...

8.2CVSS5.9AI score0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 4:12 p.m.39 views

CVE-2026-40138 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance...

9.2CVSS0.00417EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.12 views

PT-2026-55950

Name of the Vulnerable Software and Affected Versions BeyondTrust Remote Support and Privileged Remote Access versions prior to 26.2.1 BeyondTrust Remote Support and Privileged Remote Access versions prior to 25.3.3 Description A critical pre-authentication flaw exists in the authentication...

9.2CVSS6.2AI score0.00417EPSS
Exploits0References23
NVD
NVD
added 2026/07/03 9:17 p.m.9 views

CVE-2026-58295

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to bypass a security feature over a network...

8.3CVSS0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/07/03 6:48 a.m.8 views

CVE-2026-54891

A flaw was found in Erlang's SSL Secure Sockets Layer component. A network-positioned attacker can exploit this vulnerability by injecting unauthenticated plaintext data into a client's TLS Transport Layer Security handshake. The client application may then process this injected data as if it wer...

6.3CVSS5.9AI score0.00135EPSS
Exploits0References8
NVD
NVD
added 2026/07/02 3:17 p.m.8 views

CVE-2026-56841

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device...

8.8CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.7 views

CVE-2026-55116

A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

9.8CVSS0.00229EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.9 views

CVE-2026-55112

A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device...

8.8CVSS0.00198EPSS
Exploits0References1
Rows per page
Query Builder