Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/04/15 4:3 p.m.5 views

CVE-2026-20180 Cisco Identity Services Engine Multiple Remote Code Execution Vulnerability

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

9.9CVSS6.2AI score0.06381EPSS
Exploits1References1
OSV
OSV
added 2026/03/18 4:18 p.m.4 views

GHSA-WR4H-V87W-P3R7 h3 has a Path Traversal via Percent-Encoded Dot Segments in serveStatic Allows Arbitrary File Read

Summary serveStatic in h3 is vulnerable to path traversal via percent-encoded dot segments %2e%2e, allowing an unauthenticated attacker to read arbitrary files outside the intended static directory on Node.js deployments. Details The vulnerability exists in src/utils/static.ts at line 86:...

5.9CVSS6.1AI score
Exploits0References4
Veracode
Veracode
added 2025/05/13 4:16 a.m.8 views

Remote Code Execution (RCE)

vllm is vulnerable to Remote Code Execution RCE. The vulnerability is due to the use of Python’s pickle module on untrusted data received over a ZeroMQ SUB socket in multi-node deployments using the V0 engine, which allows an attacker to execute arbitrary code on the target machine and potentiall...

8CVSS8.1AI score0.00502EPSS
Exploits0References5Affected Software1
Veracode
Veracode
added 2025/05/07 5:21 a.m.10 views

Denial Of Service (DoS)

vLLM is vulnerable to Denial Of Service DoS . The vulnerability is due to improper ZeroMQ socket binding caused by the XPUB socket being bound to all interfaces without access control in multi-node deployments, which allows an attacker to connect to the socket and either receive internal data or...

7.5CVSS7.5AI score0.00505EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder