Lucene search
K

11 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-57028

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...

7.3CVSS0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-57028 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...

7.3CVSS0.00301EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-33803

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...

6.9CVSS5.9AI score0.00354EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/18 2:31 p.m.4 views

Insufficiently Protected Credentials

Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the backup process. An attacker can obtain sensitive account credentials and configuration secrets by...

6.9CVSS5.8AI score0.00174EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/28 2:45 p.m.37 views

CVE-2026-44594 esm.sh: Path Traversal via package.json browser field allows reading arbitrary server files

esm.sh is a no-build content delivery network CDN for web development. In 137 and earlier, a Local File Inclusion LFI vulnerability exists in the esbuild plugin's handling of the browser field in package.json. An attacker can publish an npm package that causes the server to read and return...

7.5CVSS0.00321EPSS
Exploits0References1
OSV
OSV
added 2026/03/24 9:3 a.m.7 views

MAL-2026-2407 Malicious code in @ceeferenderer/itg-renderer-sdk (npm)

Malicious package due to code obfuscation, dynamic module loading, process exposure, suspicious install script, and untrustworthy author email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b9fa22264e38705c3a7ba319515ee66036e72ab14c32d08b01a5695aa191b8 This...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 9:3 a.m.10 views

Malicious code in @ceeferenderer/itg-renderer-sdk (npm)

Malicious package due to code obfuscation, dynamic module loading, process exposure, suspicious install script, and untrustworthy author email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b9fa22264e38705c3a7ba319515ee66036e72ab14c32d08b01a5695aa191b8 This...

5.9AI score
Exploits0References2
Amazon
Amazon
added 2025/10/27 12:0 a.m.5 views

Important: firefox

Issue Overview: Use-after-free in MediaTrackGraphImpl::GetInstance This vulnerability affects Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4. CVE-2025-11708 A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using...

9.8CVSS6.8AI score0.00475EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2019-17706

Malware in sbrugna...

8.2CVSS8.1AI score0.00466EPSS
Exploits0References8
OSV
OSV
added 2024/01/29 3:15 p.m.2 views

CVE-2023-7204

The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...

7.5CVSS7.3AI score0.00644EPSS
Exploits2References1
CVE
CVE
added 2001/01/22 5:0 a.m.57 views

CVE-2000-1140

The CVE-2000-1140 entry concerns Recourse ManTrap 1.6, where the process-hiding mechanism fails to conceal processes from attackers. This could allow an attacker with local access to verify honeypot status by comparing the results of kill commands with the /proc process listing, indicating honeyp...

2.1CVSS7.1AI score0.01159EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder