14782 matches found

NVD
added 2026/04/02 8:16 p.m. | 5 views

CVE-2023-7343

Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...

CVSS: 8.5 | EPSS: 0.00142
Exploits: 0 | References: 2
Cvelist
added 2026/04/02 7:56 p.m. | 15 views

CVE-2023-7343 Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File

Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...

CVSS: 8.5 | EPSS: 0.00142
Exploits: 0 | References: 2
ATTACKERKB
added 2026/04/02 7:56 p.m. | 1 views

CVE-2023-7343

Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...

CVSS: 8.5 | AI score: 6.4 | EPSS: 0.00142
Exploits: 0 | References: 3 | Affected Software: 1
Vulnrichment
added 2026/04/02 7:56 p.m. | 2 views

CVE-2023-7343 Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File

Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...

CVSS: 8.5 | AI score: 6.4 | EPSS: 0.00142
Exploits: 0 | References: 2
NVD
added 2026/04/02 7:16 p.m. | 3 views

CVE-2023-7342

HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this fla...

CVSS: 8.8 | EPSS: 0.00265
Exploits: 0 | References: 2
ATTACKERKB
added 2026/04/02 6:27 p.m. | 1 views

CVE-2023-7342

HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this fla...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.00265
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2026/04/02 6:27 p.m. | 10 views

CVE-2023-7342

HiSecOS web server has a privilege-escalation flaw that allows authenticated users with operator or auditor roles to elevate to administrator by sending specially crafted packets to the web server, potentially granting full administrative control of the device. The available documents provide det...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.00265
Exploits: 0 | References: 2
SUSE CVE
added 2026/04/02 8:37 a.m. | 2 views

SUSE CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.00994
Exploits: 1 | References: 11
CNNVD
added 2026/04/02 12:0 a.m. | 4 views

Belden HiSecOS Security Vulnerability

Belden HiSecOS is an operating system for industrial security routers developed by the American company Belden. There were security vulnerabilities in versions of the Belden HiSecOS web server prior to 08.3.02. These vulnerabilities stemmed from a permission escalation issue when specially crafte...

CVSS: 8.5 | AI score: 5.8 | EPSS: 0.00142
Exploits: 0 | References: 2
Positive Technologies
added 2026/04/02 12:0 a.m. | 4 views

PT-2026-29867

Name of the Vulnerable Software and Affected Versions HiSecOS web server versions 03.4.00 through 04.0.99 Description HiSecOS web server versions 03.4.00 through 04.0.99 contain a privilege escalation flaw. Authenticated users with operator or auditor roles can escalate their privileges to the...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.00265
Exploits: 0 | References: 5
Tenable Nessus
added 2026/04/02 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-35092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.00994
Exploits: 1 | References: 2
OSV
added 2026/04/01 2:16 p.m. | 3 views

UBUNTU-CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00994
Exploits: 1 | References: 3
ATTACKERKB
added 2026/04/01 1:18 p.m. | 4 views

CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00994
Exploits: 1 | References: 18
RedhatCVE
added 2026/04/01 1:18 p.m. | 4 views

CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.00994
Exploits: 1 | References: 4
Vulnrichment
added 2026/03/31 11:57 a.m. | 4 views

CVE-2026-24028 Out-of-bounds read when parsing DNS packets via Lua

An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential...

CVSS: 5.3 | AI score: 5.9 | EPSS: 0.01028
Exploits: 0 | References: 1
CVE
added 2026/03/31 11:57 a.m. | 16 views

CVE-2026-24028

CVE-2026-24028 affects dnsdist, a DNS load balancer. The issue arises when custom Lua code parses DNS packets with newDNSPacketOverlay, causing an out-of-bounds read that can crash the process and potentially disclose memory. Connected advisories confirm the vulnerability and list it among multip...

CVSS: 8.2 | AI score: 5.9 | EPSS: 0.01028
Exploits: 0 | References: 1 | Affected Software: 1
RedhatCVE
added 2026/03/30 8:48 p.m. | 2 views

CVE-2025-49010

A flaw was found in OpenSC, an open source smart card tools and middleware. An attacker with physical access to the computer, at the time a user or administrator uses a token, can exploit this vulnerability. By presenting specially crafted responses to Application Protocol Data Units (APDUs) from a...

CVSS: 6.8 | AI score: 5.8 | EPSS: 0.0013
Exploits: 0 | References: 5
Snyk
added 2026/03/30 5:26 p.m. | 4 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...

CVSS: 6.3 | AI score: 5.9 | EPSS: 0.00287
Exploits: 0 | References: 3
Snyk
added 2026/03/30 5:26 p.m. | 3 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...

CVSS: 6.3 | AI score: 5.9 | EPSS: 0.00287
Exploits: 0 | References: 3
Snyk
added 2026/03/30 5:26 p.m. | 1 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...

CVSS: 6.3 | AI score: 5.9 | EPSS: 0.00287
Exploits: 0 | References: 3