153 matches found
CVE-2026-57028 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...
CVE-2026-57028
CVE-2026-57028 affects Juniper Networks Junos OS Evolved. An incorrectly initialized process meant to communicate only internally can be reached over the network via an open port, enabling an unauthenticated, network-based attacker to gain unauthorized access to license management. Affected scope...
CVE-2026-33803 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...
CVE-2026-33803
CVE-2026-33803 (Junos OS Evolved) : A wrong initialization allows a process that should be internal to be reachable over the network via an open port, exposing the device and increasing CPU usage from ingress processing. Affects Junos OS Evolved releases prior to the following: 23.2R2-S7-EVO, 23....
CVE-2026-33803
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...
Your Redis Server Looks Fine. That’s the Problem.
Introduction There’s an automated attack circulating right now that breaks into unprotected Redis servers, takes over the underlying machine, and then carefully puts everything back the way it found it. It restores the database filename. It deletes the tools it used. It detaches from the...
CVE-2025-31981
HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...
CVE-2025-31981
HCL BigFix Service Management (SM) Discovery is affected by unenforced encryption caused by HTTP port 80 being open. An attacker with network access can sniff unencrypted traffic, potentially exposing data (Confidentiality impact: LOW per CVSS). The provided documents do not specify a remediation...
CVE-2025-31981
HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...
CVE-2025-31981 HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption
HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...
HCL BigFix Service Management Discovery 安全漏洞
HCL BigFix Service Management Discovery is an IT asset and service dependency discovery tool developed by the Indian company HCL. HCL BigFix Service Management Discovery has a security vulnerability; this vulnerability arises from the open port 80, which allows encrypted data to be transmitted...
PT-2026-29264
Nhost is an open source Firebase alternative with GraphQL. Prior to version 1.41.0, The Nhost CLI MCP server, when explicitly configured to listen on a network port, applies no inbound authentication and does not enforce strict CORS. This allows a malicious website visited on the same machine to...
CVE-2025-9120
Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....
CVE-2025-9120
Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....
EUVD-2025-207564
Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....
CVE-2025-9120
CVE-2025-9120 : OpenText Carbonite Safe Server Backup is affected up to version 6.8.3 by an improper generation of code vulnerability (code injection). The issue can be exploited via an open port to potentially gain unauthorized access, with a CVSSv4.0 base score of 8.6 (HIGH) and local attack Ve...
PT-2026-21583
Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....
CVE-2020-10612
Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is open without any restrictions. This allows an attacker with network access to control the SoftPACAgent service including updating SoftPAC firmware, starting ...
CVE-2023-40308
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information...
EUVD-2019-19227
Malware in sbrugna...