Lucene search
+L

1605 matches found

euvd
euvd
added 2026/07/02 2:50 p.m.6 views

EUVD-2026-41395

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...

8.6CVSS5.8AI score0.00382EPSS
Exploits0References1
nuclei
nuclei
added 2026/07/01 3:36 a.m.33 views

EyesOfNetwork - Hardcoded API Key

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token. id: CVE-2020-8657 info: name:...

9.8CVSS7.3AI score0.91874EPSS
Exploits4References2
cve
cve
added 2026/06/30 10:39 p.m.44 views

CVE-2026-14079

CVE-2026-14079 affects Google Chrome (Chromium) due to insufficient policy enforcement in Network handling, allowing a crafted HTML page to bypass the same-origin policy before version 150.0.7871.47. Affected: Chrome/Chromium network policy enforcement; Root cause: insufficient policy enforcement...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/06/30 10:38 p.m.5 views

CVE-2026-14001

Inappropriate implementation in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS6AI score0.00171EPSS
Exploits0
cve
cve
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13876

CVE-2026-13876 involves an inappropriate implementation in the Network stack of Google Chrome before version 150.0.7871.47 . The issue allows an attacker with a privileged network position to bypass the page content Security Policy (CSP) through malicious network traffic. The connected documents ...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References2Affected Software1
redhat
redhat
added 2026/06/29 6:26 p.m.12 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.6CVSS6.8AI score0.00478EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/06/28 1:32 a.m.14 views

CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS5.9AI score0.00278EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/24 6:10 p.m.33 views

CVE-2026-12760 Denial-of-Service Vulnerability via Malformed IPv4 Fragmentation Handling in TP-Link Tapo C200

A denial-of-service DoS vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets. An unauthenticated adjacent attacker can send crafted packets to cause excessive resource consumption, leading to instability of the...

7.1CVSS0.00222EPSS
Exploits0References3
osv
osv
added 2026/06/24 9:59 a.m.4 views

SUSE-SU-2026:22411-1 Security update for the Linux Kernel RT (Live Patch 20 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-42.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-3150...

9.8CVSS6.7AI score0.03663EPSS
Exploits25References18
euvd
euvd
added 2026/06/24 3:34 a.m.9 views

EUVD-2026-38647

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score0.00427EPSS
Exploits0References2
osv
osv
added 2026/06/22 5:39 a.m.3 views

BIT-DOTNET-2026-45591 ASP.NET Core Denial of Service Vulnerability

Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References22
nvd
nvd
added 2026/06/17 10:54 a.m.10 views

CVE-2026-46885

Vulnerability in the Siebel CRM Integration product of Oracle Siebel CRM component: EAI. Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel CRM Integration. Successful attacks of thi...

8.8CVSS0.00403EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/16 12:0 a.m.24 views

PT-2026-50000

Name of the Vulnerable Software and Affected Versions Oracle JD Edwards EnterpriseOne General Ledger version 9.2 Description A flaw in the E1 Foundation component allows a low-privileged attacker with network access via SMB Server Message Block, a network file sharing protocol to compromise the...

9.9CVSS5.8AI score0.00301EPSS
Exploits0References4
nvd
nvd
added 2026/06/15 8:16 p.m.9 views

CVE-2026-38063

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionradioonwithiaapn via the ia parameter...

9.8CVSS0.01046EPSS
Exploits0References1
debiancve
debiancve
added 2026/06/12 2:39 p.m.14 views

CVE-2026-48043

Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the...

7.5CVSS5.3AI score0.00594EPSS
Exploits0
osv
osv
added 2026/06/11 10:16 p.m.5 views

DEBIAN-CVE-2026-12012

Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

8.1CVSS5.4AI score0.00225EPSS
Exploits0References1
nessus
nessus
added 2026/06/10 12:0 a.m.19 views

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2293)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

9.8CVSS6.7AI score0.96267EPSS
Exploits232References84
mscve
mscve
added 2026/06/09 2:0 p.m.12 views

Remote Desktop Client Remote Code Execution Vulnerability

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS7.2AI score0.00461EPSS
Exploits0
euvd
euvd
added 2026/06/09 12:33 a.m.18 views

EUVD-2026-35251

Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

9.6CVSS6AI score0.00337EPSS
Exploits0References3
amazon
amazon
added 2026/06/08 12:0 a.m.11 views

Important: dotnet9.0

Issue Overview: Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. CVE-2026-32177 Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-42899 Affected Packages:...

7.5CVSS5.7AI score0.0243EPSS
Exploits0
Rows per page
Query Builder