Lucene search
K

25 matches found

Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.17 views

PT-2026-50821

Name of the Vulnerable Software and Affected Versions Apollo Pharmacy Blood Glucose Monitoring System APG-01 affected versions not specified Description An attacker within Bluetooth Low Energy BLE communication range can passively intercept wireless traffic to obtain sensitive health-related...

7.1CVSS5.9AI score0.00145EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.9 views

CVE-2026-8602

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

9.1CVSS5.6AI score0.00448EPSS
Exploits0References1
ICS
ICS
added 2026/05/28 6:0 a.m.23 views

Fourth Frontier Frontier X Mobile Application, Frontier X2

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to read and write arbitrary handle values and change clinical readings, which could result in taking control of the device and lead to patient harm. 2. RECOMMENDED PRACTICES CISA recommends users take...

8.8CVSS5.9AI score0.0028EPSS
Exploits0References11
NVD
NVD
added 2026/05/19 6:16 p.m.27 views

CVE-2026-8602

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

9.1CVSS0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 5:0 p.m.45 views

CVE-2026-8602 Missing authentication for critical function in ScadaBR

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

8.8CVSS0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 5:0 p.m.13 views

CVE-2026-8602 Missing authentication for critical function in ScadaBR

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

8.8CVSS5.9AI score0.00448EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 5:0 p.m.12 views

EUVD-2026-30960

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

8.8CVSS5.9AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 5:0 p.m.35 views

CVE-2026-8602

CVE-2026-8602 affects ScadaBR 1.2.0, described as a Missing Authentication for Critical Function vulnerability that could allow an unauthenticated attacker to send HTTP GET requests to the SCADA system and inject arbitrary sensor readings. The connected documents provide concrete details: vulnera...

9.1CVSS5.9AI score0.00448EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 5:0 p.m.9 views

CVE-2026-8602

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

8.8CVSS5.9AI score0.00448EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.19 views

PT-2026-41988

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

8.8CVSS5.9AI score0.00448EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Sensorweb ScadaBR 访问控制错误漏洞

Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation for creating automated data acquisition and monitoring applications. Version 1.2.0 of Sensorweb ScadaBR contains an access control vulnerability. This vulnerability stems from the lack of authentication for...

9.1CVSS6AI score0.00448EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.8 views

The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol

Vehicle diagnostics has become essential for detecting in-vehicle errors and ensuring safety. While the Unified Diagnostic Services UDS protocol is widely adopted for diagnostic operations, it relies on the ISO 15765-2 standard as the transport protocol over the Controller Area Network CAN, which...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006694 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in traceprintkseq during ftracedump When calling ftracedumpone...

4.7CVSS5.9AI score0.0011EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992891)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992891 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registe...

5.5CVSS6.3AI score0.00254EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2025/10/28 8:22 a.m.11 views

Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware

The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according to new findings from Kaspersky. The vulnerability in question is CVE-2025-2783 CVSS scor...

8.3CVSS9AI score0.08404EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2025/05/23 8:5 a.m.9 views

CVE-2024-51074

Incorrect access control in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to arbitrarily change odometer readings in the vehicle by targeting the instrument cluster through the unsecured CAN network. NOTE: this is disputed by the supplier because the CAN b...

6.7CVSS6.9AI score0.0026EPSS
Exploits0References1
Citrix
Citrix
added 2025/03/21 12:0 a.m.8 views

NetScaler -13.1 56.18 - Non-recoverable : potential damage: system hardware in jeopardy or damaged

The Citrix NetScaler SDX 16000 appliance may exhibit the following symptoms: The appliance reports critical voltage errors in the ns.log and system message logs, indicating potential hardware damage. Specific Log Entries: The following log entries, or similar variations, are observed: Mar 9...

7.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/02/13 9:55 p.m.8 views

CVE-2025-24836 Qardio Heart Health IOS and Android Application and QardioARM A100 Uncaught Exception

With a specially crafted Python script, an attacker could send continuous startMeasurement commands over an unencrypted Bluetooth connection to the affected device. This would prevent the device from connecting to a clinician's app to take patient readings and ostensibly flood it with requests,...

7.1CVSS7AI score0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/22 12:0 a.m.26 views

CVE-2024-51074

Incorrect access control in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to arbitrarily change odometer readings in the vehicle by targeting the instrument cluster through the unsecured CAN network. NOTE: this is disputed by the supplier because the CAN b...

0.0026EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/22 12:0 a.m.9 views

CVE-2024-51074

Incorrect access control in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to arbitrarily change odometer readings in the vehicle by targeting the instrument cluster through the unsecured CAN network. NOTE: this is disputed by the supplier because the CAN b...

6.5AI score0.0026EPSS
Exploits0References2
Rows per page
Query Builder