Lucene search
+L

2212 matches found

CVE
CVE
added 2026/06/15 12:0 a.m.17 views

CVE-2026-38060

The CVE-2026-38060 entry concerns Tenda 5G03 V05.03.02.04 (Version 1.0) with a vulnerability in the function action_unlock_sim, exploitable via the pin parameter to enable command injection. The mapped CVSS 3.1 base score is 9.8 (CRITICAL) with Network attack vector, no privileges required, no us...

9.8CVSS5.3AI score0.01046EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.31 views

CVE-2026-38060

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionunlocksim via the pin parameter...

0.01046EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49291

Name of the Vulnerable Software and Affected Versions Tenda 5G03 version V05.03.02.04 Version 1.0 Description Command injection is possible in the action unlock sim function through the pin parameter. Recommendations At the moment, there is no information about a newer version that contains a fix...

9.8CVSS5.9AI score0.01046EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.16 views

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7922-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7922-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

7.8CVSS5.8AI score0.00261EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.22 views

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7939-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7939-2 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwee...

7.8CVSS8.1AI score0.01345EPSS
Exploits8References24
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2026:2115-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2115-1 advisory. This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names...

9.8CVSS5.7AI score0.01335EPSS
Exploits1References37
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.12 views

CVE-2026-49318

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

2.4CVSS5.5AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-49317

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

2.4CVSS5.5AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.11 views

CVE-2026-4053

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce the PostEditTimeLimit on non-message post fields which allows an authenticated user to modify post file attachments, props, and pin status after the edit window has expired via the post patch and update API endpoints...

4.3CVSS5.5AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.13 views

CVE-2026-41160

EspoCRM is an open source customer relationship management application. Prior to 9.3.5, a business logic flaw Broken Access Control in EspoCRM 9.3.3 allows low-privileged users to pin arbitrary notes without having the required edit permissions for the parent object. Due to a "write first,...

4.3CVSS5.8AI score0.00292EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.17 views

CVE-2026-45153

Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0...

4.6CVSS5.3AI score0.00153EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 5:17 p.m.15 views

CVE-2026-45153

Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0...

4.6CVSS0.00153EPSS
Exploits0References3
CVE
CVE
added 2026/06/01 4:37 p.m.22 views

CVE-2026-45153

CVE-2026-45153 describes a PIN bypass in Nextcloud on Android. After unlocking a locked device, the back button could be used to bypass the Nextcloud Files app PIN for versions 33.0.0 up to (but not including) 33.1.0. The issue is mitigated by the patch in 33.1.0. The available sources confirm th...

4.6CVSS5.7AI score0.00153EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/01 4:37 p.m.16 views

EUVD-2026-33672

Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0...

4.6CVSS5.7AI score0.00153EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/01 4:37 p.m.36 views

CVE-2026-45153 Nextcloud: PIN bypass in PassCodeActivity via back button

Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0...

4.6CVSS0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/06/01 4:37 p.m.4 views

CVE-2026-45153 Nextcloud: PIN bypass in PassCodeActivity via back button

Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0...

4.6CVSS5.8AI score0.00153EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.35 views

YellowKey Bitlocker Bypass Mitigation

YellowKey is a zero-day physical attack vulnerability discovered in May 2026 that allows attackers with physical access to completely bypass BitLocker encryption on Windows 11 devices. This is a mitigation that modifies the Windows Recovery Environment to remove or disable the vulnerable...

6.8CVSS6.1AI score0.01249EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.25 views

PT-2026-45469

Name of the Vulnerable Software and Affected Versions Nextcloud versions 33.0.0 through 33.0.x Description An issue exists in the Nextcloud Files app for Android where the PIN can be bypassed. After unlocking a locked Android phone, the back-button can be used to circumvent the PIN requirement...

4.6CVSS6.1AI score0.00153EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Nextcloud Android app 授权问题漏洞

The Nextcloud Android app is a mobile application developed by the German company Nextcloud, designed for accessing Nextcloud servers on the Android platform. In versions 33.0.0 to 33.1.0 of the Nextcloud Android app, there was an authorization vulnerability. This vulnerability occurred when...

4.6CVSS5.3AI score0.00153EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/05/29 3:27 p.m.14 views

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. CVE-2026-5419: gnutlscipherdecrypt3: make PKCS7 unpadding branch...

8.8CVSS5.8AI score0.01335EPSS
Exploits1References48
Rows per page
Query Builder