Lucene search
K

153 matches found

Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-57028 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...

7.3CVSS0.00301EPSS
Exploits0References1
CVE
CVE
added 4 days ago12 views

CVE-2026-57028

CVE-2026-57028 affects Juniper Networks Junos OS Evolved. An incorrectly initialized process meant to communicate only internally can be reached over the network via an open port, enabling an unauthenticated, network-based attacker to gain unauthorized access to license management. Affected scope...

7.3CVSS5.9AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-33803 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...

6.9CVSS0.00354EPSS
Exploits0References1
CVE
CVE
added 4 days ago15 views

CVE-2026-33803

CVE-2026-33803 (Junos OS Evolved) : A wrong initialization allows a process that should be internal to be reachable over the network via an open port, exposing the device and increasing CPU usage from ingress processing. Affects Junos OS Evolved releases prior to the following: 23.2R2-S7-EVO, 23....

6.9CVSS5.9AI score0.00354EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-33803

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...

6.9CVSS5.9AI score0.00354EPSS
Exploits0References2Affected Software1
Imperva Blog
Imperva Blog
added 2026/05/06 6:28 p.m.8 views

Your Redis Server Looks Fine. That’s the Problem.

Introduction There’s an automated attack circulating right now that breaks into unprotected Redis servers, takes over the underlying machine, and then carefully puts everything back the way it found it. It restores the database filename. It deletes the tools it used. It detaches from the...

10CVSS7.5AI score0.9967EPSS
Exploits9
NVD
NVD
added 2026/04/21 3:16 p.m.7 views

CVE-2025-31981

HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...

5.3CVSS0.00087EPSS
Exploits0References1
CVE
CVE
added 2026/04/21 2:26 p.m.14 views

CVE-2025-31981

HCL BigFix Service Management (SM) Discovery is affected by unenforced encryption caused by HTTP port 80 being open. An attacker with network access can sniff unencrypted traffic, potentially exposing data (Confidentiality impact: LOW per CVSS). The provided documents do not specify a remediation...

5.3CVSS5.8AI score0.00087EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 2:26 p.m.5 views

CVE-2025-31981

HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...

5.3CVSS5.8AI score0.00087EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/21 2:26 p.m.32 views

CVE-2025-31981 HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption

HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...

5.3CVSS0.00087EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.12 views

HCL BigFix Service Management Discovery 安全漏洞

HCL BigFix Service Management Discovery is an IT asset and service dependency discovery tool developed by the Indian company HCL. HCL BigFix Service Management Discovery has a security vulnerability; this vulnerability arises from the open port 80, which allows encrypted data to be transmitted...

5.3CVSS5.8AI score0.00087EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.7 views

PT-2026-29264

Nhost is an open source Firebase alternative with GraphQL. Prior to version 1.41.0, The Nhost CLI MCP server, when explicitly configured to listen on a network port, applies no inbound authentication and does not enforce strict CORS. This allows a malicious website visited on the same machine to...

7.7CVSS5.7AI score0.00361EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/25 4:6 a.m.7 views

CVE-2025-9120

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

8.6CVSS5.5AI score0.00158EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 1:16 a.m.13 views

CVE-2025-9120

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

8.6CVSS0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/24 12:3 a.m.6 views

EUVD-2025-207564

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

8.6CVSS5.4AI score0.00158EPSS
Exploits0References1
CVE
CVE
added 2026/02/24 12:3 a.m.27 views

CVE-2025-9120

CVE-2025-9120 : OpenText Carbonite Safe Server Backup is affected up to version 6.8.3 by an improper generation of code vulnerability (code injection). The issue can be exploited via an open port to potentially gain unauthorized access, with a CVSSv4.0 base score of 8.6 (HIGH) and local attack Ve...

8.6CVSS5.5AI score0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.13 views

PT-2026-21583

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

8.6CVSS5.4AI score0.00158EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.5 views

CVE-2020-10612

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is open without any restrictions. This allows an attacker with network access to control the SoftPACAgent service including updating SoftPAC firmware, starting ...

9.1CVSS6.9AI score0.01074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:56 a.m.6 views

CVE-2023-40308

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information...

7.5CVSS7AI score0.00622EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-19227

Malware in sbrugna...

10CVSS9.5AI score0.05809EPSS
Exploits1References3
Rows per page
Query Builder