Lucene search
K

126533 matches found

Cvelist
Cvelist
added 2026/06/17 3:5 p.m.19 views

CVE-2026-35068

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure...

3.5CVSS0.00192EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 3:5 p.m.24 views

CVE-2026-35068

The CVE-2026-35068 entry affects Dell PowerFlex Manager and describes an SQL Injection vulnerability caused by improper neutralization of special elements in SQL commands. A low-privileged attacker with adjacent network access could potentially exploit this to achieve an information disclosure. P...

5.7CVSS5.9AI score0.00192EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/17 2:53 p.m.9 views

EUVD-2026-37735

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

5.7CVSS5.3AI score0.0015EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 2:53 p.m.17 views

CVE-2026-35067

Technical details (affected product/component/version, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates from Dell and CVE trackers.

8CVSS5.9AI score0.0015EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/17 2:53 p.m.8 views

CVE-2026-35067

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

5.7CVSS5.9AI score0.0015EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/17 2:42 p.m.4 views

CVE-2026-35065

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure,...

8.8CVSS5.9AI score0.00334EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 2:36 p.m.20 views

CVE-2026-32804

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access...

8.1CVSS0.00216EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 2:36 p.m.17 views

CVE-2026-32804

This CVE concerns Dell PowerFlex Manager. Affected component: PowerFlex Manager (version(s) [Versions]). Vulnerability: Improper Authentication allowing an unauthenticated attacker with adjacent network access to potentially gain Unauthorized access. Evidence indicates a high-severity impact with...

8.1CVSS5.9AI score0.00216EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/17 2:36 p.m.8 views

EUVD-2026-37731

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access...

8.1CVSS5.3AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 2:30 p.m.19 views

CVE-2026-49502

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access...

7.4CVSS0.0021EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 2:30 p.m.10 views

EUVD-2026-37729

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access...

7.4CVSS5.3AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/17 2:30 p.m.10 views

CVE-2026-49502

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access...

7.4CVSS5.9AI score0.0021EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/17 2:8 p.m.12 views

NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint

Summary The spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was reachable unauthenticated, and its URL-extension allowlist was a regex tested against the full URL string, so URLs whose query string ended in .csv for example...

6.9CVSS5.3AI score0.00295EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/17 1:24 p.m.5 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.3AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/17 1:24 p.m.5 views

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

7.8CVSS5.3AI score0.00227EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 1:20 p.m.7 views

CVE-2026-55706

sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...

5.8CVSS0.00211EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-27868

An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat in this case, NO registration action is required who has the vulnerable software could obtain privilege information by using the command Version via the path: /upgrade/query.php?cmd=p+3&3Bversion resulting in a...

6.9CVSS0.00394EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-27869

An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat in this case, NO registration action is required who has the vulnerable software could, with a Slow Loris attack, cause Denial of Service DoS on the web interface of the device. This issue affects Regesta Smart...

6.9CVSS0.00394EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 1:20 p.m.8 views

CVE-2026-27870

An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat in this case, registration action IS required who has the vulnerable software could, introduce arbitrary JavaScript by injecting a Cross-site Scripting XSS payload into the 'Hostname' field of the configuration...

4.8CVSS0.00293EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46972

Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS0.00301EPSS
Exploits0References1
Rows per page
Query Builder