Lucene search
K

4433 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.14 views

Unity Linux 20.1060e / 20.1070e Security Update: openvpn (UTSA-2026-017649)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017649 advisory. OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred...

7.5CVSS6.8AI score0.05107EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/10 12:30 p.m.12 views

EUVD-2026-28993

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9CVSS5.5AI score0.00403EPSS
Exploits0References5
CVE
CVE
added 2026/05/10 1:0 a.m.25 views

CVE-2026-8216

Affected software / component: Industrial Application Software IAS Canias ERP 8.03; affected function: iasServerRemoteInterface.doAction (Java RMI Session Management). Issue / impact: Improper authentication resulting from manipulation of the doAction function. The attack can be launched remotely...

7.5CVSS6.9AI score0.00391EPSS
Exploits0References4
CVE
CVE
added 2026/05/10 12:15 a.m.21 views

CVE-2026-8214

The CVE-2026-8214 entry concerns Industrial Application Software IAS Canias ERP 8.03. The vulnerability lies in the RMI Interface’s doAction function, where manipulating the sessionId argument leads to improper authentication. This can be exploited remotely, and public proof-of-concept exploit in...

6.9CVSS5.7AI score0.00403EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:15 a.m.7 views

CVE-2026-8214

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9CVSS5.5AI score0.00403EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.14 views

PT-2026-39470

Name of the Vulnerable Software and Affected Versions Industrial Application Software IAS Canias ERP version 8.03 Description An issue exists in the Login RMI Interface component where manipulation of the clientVersion argument leads to improper authentication. This allows a remote attacker to...

6.9CVSS6AI score0.00403EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/05/08 12:0 a.m.8 views

CVE-2024-30167

/cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allow remote authenticated users to execute arbitrary commands as root via a POST request that carries a serverName parameter...

6.1AI score0.01143EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.9 views

PT-2026-38667

Name of the Vulnerable Software and Affected Versions Atlona AT-OME-MS42 Matrix Switcher version 1.1.2 Description Remote authenticated users can execute arbitrary commands with root privileges. This is possible via a POST request to the '/cgi-bin/time.cgi' endpoint using the serverName parameter...

6.3CVSS6AI score0.01143EPSS
Exploits2References6
EUVD
EUVD
added 2026/05/07 6:30 p.m.10 views

EUVD-2026-28393

An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote authenticated attacker to gain administrative access...

8.8CVSS5.8AI score0.00714EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 3:18 p.m.9 views

CVE-2026-5786

An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote authenticated attacker to gain administrative access...

8.8CVSS5.8AI score0.00714EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/05 2:20 a.m.8 views

CVE-2026-7722

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

6.9CVSS5.7AI score0.00453EPSS
Exploits0References1
OSV
OSV
added 2026/05/05 12:0 a.m.14 views

CLSA-2026-1777939234 libssh: Fix of CVE-2026-0966

CVE-2026-0966: fix heap buffer underflow in sshgethexa on NULL or zero-length input, remotely reachable via GSSAPI authentication logging...

8.2CVSS6.7AI score0.00582EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/05/05 12:0 a.m.69 views

📄 GNU InetUtils telnetd Remote Privilege Escalation

GNU InetUtils versions 2.0 through 2.6 telnetd remote privilege escalation proof of concept exploit. Exploit Title: GNU InetUtils telnetd - Remote Privilege Escalation Date: 2026-01-24 Exploit Author: Ali Guliyev infat0x Author GitHub: https://github.com/infat0x Vendor Homepage:...

9.8CVSS7.5AI score0.98871EPSS
Exploits62
NVD
NVD
added 2026/05/04 3:16 a.m.24 views

CVE-2026-7722

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

6.9CVSS0.00453EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/04 2:15 a.m.5 views

CVE-2026-7722

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

6.9CVSS5.7AI score0.00453EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/04 12:15 a.m.38 views

CVE-2026-7714 crocodilestick Calibre-Web-Automated Admin Endpoint cwa_functions.py missing authentication

A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwafunctions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The...

6.9CVSS0.00456EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/30 4:8 p.m.6 views

EUVD-2025-209597

Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...

9.8CVSS6.3AI score0.05727EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/04/27 7:23 p.m.8 views

CVE-2026-7042

A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function createapp of the file backend/app/init.py of the component REST API Endpoint. Executing a manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published a...

7.5CVSS7AI score0.00383EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/27 7:23 p.m.5 views

CVE-2026-7022

A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the component HTTP Header Handler. Such manipulation of the argument X-DEBUG-RUN/X-DEBUG-INJ leads to improp...

7.5CVSS7AI score0.00383EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 9:45 a.m.4 views

CVE-2026-7112 NousResearch hermes-agent API_SERVER_KEY api_server.py _check_auth improper authentication

A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function checkauth of the file gateway/platforms/apiserver.py of the component APISERVERKEY Handler. The manipulation leads to improper authentication. The attack can be initiated remotely. Th...

6.3CVSS5AI score0.0036EPSS
Exploits0References6
Rows per page
Query Builder