Lucene search
K

1562 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.11 views

CVE-2026-34274

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successf...

6.1CVSS7.3AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.8CVSS5.8AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.9 views

CVE-2026-44830

Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...

8.7CVSS5.5AI score0.00215EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 12:17 a.m.5 views

DEBIAN-CVE-2026-11269

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Low...

7.1CVSS6AI score0.00102EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-10998

Out of bounds read in Media in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform an out of bounds memory read via malicious network traffic. Chromium security severity: Medium...

4CVSS5.5AI score0.00106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:6 p.m.8 views

CVE-2026-11269

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Low...

6AI score0.00102EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:6 p.m.8 views

CVE-2026-11269

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Low...

7.1CVSS6AI score0.00102EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/04 3:20 p.m.11 views

mysql: Information Schema unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/04 2:10 a.m.16 views

EUVD-2026-34195

Weak Randomness / Insecure Cryptographic Primitive CWE-338 in Get-RandomPassword in BOSH-Ecosystem / windows-utilities-release allows a network attacker to estimate VM boot time and reconstruct a small candidate list to recover the Administrator password. The randomizepassword job exists solely t...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 1:51 a.m.32 views

CVE-2026-41859

CVE-2026-41859 describes a man-in-the-middle between nats-sync and the BOSH director that can steal director credentials (Basic auth header or UAA client secret) and tamper with the VM list written into the NATS authorization file. Stolen credentials grant administrative director access. The issu...

7.8CVSS5.8AI score0.00098EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 12:0 a.m.30 views

CVE-2026-36602

CVE-2026-36602 affects the Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909. The issue arises in UPnP GetStatusInfo handling, which discloses kernel memory layout. An unauthenticated attacker on an adjacent network can obtain a raw MIPS KSEG0 kernel pointer, exposing kernel memory ...

4.3CVSS5.8AI score0.00166EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Siemens SENTRON PAC Out-of-bounds Read (CVE-2020-13987)

The TCP/IP stack uIP in affected devices is vulnerable to out-of-bounds read when calculating the checksum for IP packets. An attacker located in the same network could trigger a Denial-of-Service condition on the device by sending a specially crafted IP packet. This plugin only works with...

7.5CVSS6.9AI score0.03194EPSS
Exploits0References4
CVE
CVE
added 2026/06/02 9:22 p.m.17 views

CVE-2024-14036

Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 are affected by a denial-of-service vulnerability where specially crafted, unencrypted SDC discovery messages exhaust CPU resources. Network-adjacent attackers with hospital-network access can trigger high CPU load, causing subsequent SDC ...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
NVD
NVD
added 2026/05/29 1:16 p.m.23 views

CVE-2026-49324

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

4.6CVSS0.00174EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 12:39 p.m.14 views

CVE-2026-49316 Indian Scout Bobber 2025 WCM CAN bus-off attack silently bypasses anti-theft shutdown

Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the motorcycle's anti-theft shutdown by forcing the Wireless Control Module WCM into the CAN bus-off state. Using a well-known CAN...

4.6CVSS5.8AI score0.00181EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 12:39 p.m.10 views

CVE-2026-49316

Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the motorcycle's anti-theft shutdown by forcing the Wireless Control Module WCM into the CAN bus-off state. Using a well-known CAN...

4.6CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/29 12:32 p.m.14 views

EUVD-2026-33289

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

4.6CVSS5.8AI score0.00174EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:29 a.m.13 views

CVE-2026-49322

Weak authentication in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to recover the user-set unlock PIN by passively observing a single PIN authentication exchange. The...

4.3CVSS5.8AI score0.00103EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.14 views

CVE-2026-36539

Netis AC1200 Router NC21 V4.0.1.4296 exposes a CGI endpoint /cgi-bin/skkget.cgi that returns the entire router configuration as a JSON response with no authentication required. Any attacker on the LAN can send a single HTTP GET request and instantly retrieve administrator credentials, WiFi...

5.8AI score0.00358EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:59 p.m.17 views

CVE-2026-47672

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...

6.5CVSS5.9AI score0.00162EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder