Lucene search
K

5931 matches found

Cvelist
Cvelist
added 2026/06/19 2:16 p.m.31 views

CVE-2016-20089 Iperius Remote 1.7.0 Unquoted Service Path Elevation of Privilege

Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be...

8.5CVSS0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 2:16 p.m.9 views

EUVD-2016-10901

Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50909

Name of the Vulnerable Software and Affected Versions Windows Firewall Control version 4.8.6.0 Description An unquoted service path issue exists where the wfcs.exe service is configured with a path containing spaces that is not enclosed in quotes. This allows a local attacker to escalate privileg...

8.5CVSS5.9AI score0.00113EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50906

Name of the Vulnerable Software and Affected Versions Comodo Chromodo Browser version 52.15.25.664 Description The ChromodoUpdater service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker to place a malicious executable within the service path to...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50915

Name of the Vulnerable Software and Affected Versions TFTP Broadband version 4.3.0.1465 Description The tftpt.exe service binary contains an unquoted service path issue. This occurs when a service path contains spaces and is not enclosed in quotation marks, allowing a local attacker to place a...

8.5CVSS5.9AI score0.00119EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 5:57 p.m.51 views

Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...

7.2CVSS7.1AI score0.83524EPSS
Exploits82Affected Software1
EUVD
EUVD
added 2026/06/16 9:32 p.m.11 views

EUVD-2026-37199

The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands e.g. system reboot...

8.6CVSS5.4AI score0.00232EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 p.m.14 views

CVE-2026-22312

The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands e.g. system reboot...

8.6CVSS0.00232EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:19 p.m.17 views

CVE-2026-22312

CVE-2026-22312 affects Radiflow iSAP Smart Collector. The device exposes a webserver REST API authenticated with a constant token, enabling an unauthenticated client to access system settings, modify configuration, and execute commands (e.g., system reboot). CVSS 3.1 indicates NETWORK attack vect...

8.6CVSS5.5AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 10:16 a.m.12 views

CVE-2026-10825

A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted request that causes service disruption and may result in an unexpected device reboot...

7.1CVSS0.0024EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:51 a.m.16 views

CVE-2026-10825

Technical details such as affected products, specific versions, root-cause, and exploit information are not publicly provided in the supplied documents; monitor for updates.

7.1CVSS5.2AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 8:51 a.m.10 views

EUVD-2026-37043

A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted request that causes service disruption and may result in an unexpected device reboot...

7.1CVSS5.3AI score0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:51 a.m.28 views

CVE-2026-10825 Improper JSON Input Validation in WebSocket API Leads to Denial of Service

A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted request that causes service disruption and may result in an unexpected device reboot...

7.1CVSS0.0024EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 6:7 p.m.16 views

CVE-2026-50101

CVE-2026-50101 affects Naxclow IoT Platform devices. The issue is a server-side, per-device relay credential that never rotates and is re-issued on every boot. Since the credential remains valid indefinitely and cannot be reset or revoked by the legitimate owner, an adversary who gains it can mai...

9.2CVSS5.2AI score0.00281EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-29115

A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...

6.9CVSS5.4AI score0.00362EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-29116

A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...

8.7CVSS5.4AI score0.00395EPSS
Exploits3References1
SUSE Linux
SUSE Linux
added 2026/06/11 6:54 a.m.10 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953. Special Instructions and Notes: Please reboot the system...

8.8CVSS5.4AI score0.00353EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/11 12:32 a.m.12 views

EUVD-2026-36145

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama,...

6.9CVSS5.5AI score0.00192EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 8:54 p.m.34 views

CVE-2026-0269

CVE-2026-0269 describes a memory corruption vulnerability in the tunnel traffic processing path of Palo Alto Networks PAN-OS software. An authenticated user can trigger system reboots by sending a maliciously crafted packet, and repeated attempts may cause the firewall to enter maintenance mode. ...

6.9CVSS5.5AI score0.00192EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/10 8:54 p.m.72 views

CVE-2026-0269 PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama,...

6.9CVSS0.00192EPSS
Exploits0References1
Rows per page
Query Builder