Lucene search
+L

2028 matches found

Talos
Talos
added 2026/07/01 12:0 a.m.10 views

GeoVision GeoWebPlayer Websocket Server lack of authentication vulnerability

Summary A lack of authentication vulnerability exists in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket connection can lead to execute priviledged operation. An attacker can stage a malicious webpage to trigger this vulnerability. Confirmed...

8.8CVSS5.9AI score0.00227EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.12 views

PT-2026-54744

Name of the Vulnerable Software and Affected Versions Guardian language-system affected versions not specified Description An unauthenticated remote attacker can execute arbitrary operating system commands on the server. This occurs because the application passes the id parameter from a GET reque...

9.8CVSS6.2AI score0.00549EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 11:39 p.m.5 views

BIT-ENVOY-2026-47775 Envoy OAuth2 Filter: Padding Oracle via AES-256-CBC Cookie Decryption

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt/decrypt functions use AES-256-CBC without an authentication tag no HMAC, no AEAD. The /callback endpoint returns HTTP 302 on...

6.8CVSS5.8AI score0.00219EPSS
Exploits1References2
CVE
CVE
added 2026/06/30 8:54 p.m.31 views

CVE-2026-44628

CVE-2026-44628 corresponds to an OFFIS DCMTK Toolkit Type Confusion issue. An unauthenticated attacker can crash the worklist server by sending a single crafted query when the server has a valid Called AE Title/storage directory, the expected lockfile, and at least one matching worklist record. T...

8.7CVSS5.8AI score0.00395EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-53901

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.9 and earlier ColdFusion versions 2023.20 and earlier Description Improper input validation allows for arbitrary code execution in the context of the current user. This issue can be exploited without requiring any user...

10CVSS6.6AI score0.00855EPSS
Exploits0References18
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-543 Hugging Face smolagents: Unsafe deserialization in Remote Python Executor leads to RCE

Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face smolagents. Authentication is not required to exploit this...

10CVSS7.9AI score0.0083EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/27 6:50 a.m.7 views

CVE-2026-9242

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versions up to and including 6.0.8.6. This is due to the PayPal IPN callback handler...

5.3CVSS5.8AI score0.00232EPSS
Exploits0References15
EUVD
EUVD
added 2026/06/26 10:0 p.m.17 views

EUVD-2026-31694

Hackney has unbounded buffer accumulation in WebSocket...

8.7CVSS5.9AI score0.00825EPSS
Exploits1References5
OSV
OSV
added 2026/06/26 9:50 p.m.4 views

GHSA-4HF8-5MJM-RFGQ Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication

Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication Summary line-desktop-mcp supports a --http-mode Streamable HTTP transport for use with clients such as n8n. In this mode the server binds to 0.0.0.0 and exposes the MCP /mcp endpoint without an MCP-layer...

8.8CVSS5.8AI score0.00323EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 10:41 a.m.46 views

CVE-2026-13325 Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS0.00175EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 9:38 p.m.24 views

CVE-2026-55454

Appsmith (prior to 2.1) exposes the bundled Caddy admin API without authentication inside the container, bound to 0.0.0.0:2019. Although not exposed to the host via docker-compose, it is reachable from the Appsmith server process and can be targeted via SSRF to issue admin-API calls (e.g., POST /...

9.9CVSS5.9AI score0.00328EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 9:36 p.m.5 views

CVE-2026-9776

ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ATEN Unizon. Authentication is not required to exploit this vulnerability. The specific fl...

7.5CVSS5.8AI score0.0158EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 9:36 p.m.29 views

CVE-2026-9776

ATEN Unizon contains a directory traversal flaw in writeFileToHttpServletResponse that allows remote disclosure of sensitive information without authentication. The issue stems from improper validation of a user-supplied path used in file operations, enabling an attacker to access data in the SYS...

7.5CVSS7AI score0.0158EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/24 9:16 p.m.13 views

CVE-2026-1840

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without...

8.7CVSS0.00726EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-52123

Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description A directory traversal flaw exists in the writeFileToHttpServletResponse function. The issue is caused by insufficient validation of a user-supplied path before it is used in file...

7.5CVSS7AI score0.0158EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:17 p.m.6 views

CVE-2026-53753

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes giframe, fback, fbuiltins do NOT...

9.8CVSS6.2AI score0.0045EPSS
Exploits2References2Affected Software1
EUVD
EUVD
added 2026/06/23 6:17 p.m.11 views

EUVD-2026-38569

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes giframe, fback, fbuiltins do NOT...

9.8CVSS6.2AI score0.0045EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.10 views

PT-2026-51634

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description The Jupyter Notebook ipynb sanitizer endpoint at 'POST /-/api/sanitize ipynb' allows arbitrary data: URIs without proper restrictions, which can lead to Cross-Site Scripting XSS. The endpoint utilizes...

6.4CVSS6AI score0.00677EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/22 4:31 p.m.8 views

EUVD-2026-38309

The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid dashboard access tok...

7.5CVSS5.9AI score0.00432EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 3:25 p.m.36 views

CVE-2026-41047 Information leak via “diff” methods in qSnapper

Lack of authentication when using the "snapshot diff" functions in qSnapper before version 1.3.3 allowed a local attacker to see otherwise read protected information...

6.9CVSS0.0015EPSS
Exploits0References3
Rows per page
Query Builder