Lucene search

83 matches found

EUVD
added 2026/05/06 9:31 p.m. | 7 views

EUVD-2026-27974

Inappropriate implementation in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVSS 5.4 | AI score 5.8 | EPSS 0.0019
Exploits: 0 | References: 3

Packet Storm
added 2026/04/27 12:0 a.m. | 99 views

📄 Vienna Assistant 1.2.542 macOS Privilege Escalation

A macOS helper service interface implemented via NSXPC was observed exposing methods that may allow privileged operations such as file writing and command execution through a remote proxy connection...

CVSS 8.8 | AI score 5.7 | EPSS 0.00449
Exploits: 1

Vulnrichment
added 2026/04/23 8:58 p.m. | 5 views

CVE-2026-6942 radare2-mcp <=1.6.0 OS Command Injection via Shell Metacharacter Bypass

radare2-mcp version 1.6.0 and earlier contains an os command injection vulnerability that allows remote attackers to execute arbitrary commands by bypassing the command filter through shell metacharacters in user-controlled input passed to r2cmdstr. Attackers can inject shell metacharacters throu...

CVSS 9.8 | AI score 6.8 | EPSS 0.0192
Exploits: 1 | References: 3

Github Security Blog
added 2026/02/17 6:54 p.m. | 11 views

Pterodactyl Panel Allows Cross-Node Server Configuration Disclosure via Remote API Missing Authorization

Summary A missing authorization check in multiple controllers allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance, even if that server is associated with a different node. This issue stems from missing logic to verify that the node...

CVSS 9.2 | AI score 5.8 | EPSS 0.00316
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2026/02/17 6:54 p.m. | 3 views

GHSA-G7VW-F8P5-C728 Pterodactyl Panel Allows Cross-Node Server Configuration Disclosure via Remote API Missing Authorization

Summary A missing authorization check in multiple controllers allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance, even if that server is associated with a different node. This issue stems from missing logic to verify that the node...

CVSS 9.2 | AI score 5.8 | EPSS 0.00316
Exploits: 0 | References: 4

Positive Technologies
added 2026/02/17 12:0 a.m. | 9 views

PT-2026-20331

Name of the Vulnerable Software and Affected Versions Pterodactyl Panel versions prior to 1.12.1 Description A missing authorization check allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance, even if that server is associated with a...

CVSS 9.2 | AI score 5.5 | EPSS 0.00316
Exploits: 0 | References: 10

RedhatCVE
added 2026/01/09 10:57 a.m. | 4 views

CVE-2025-0980

Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials...

CVSS 6.4 | AI score 7.1 | EPSS 0.00144
Exploits: 0 | References: 1

GithubExploit
added 2025/12/26 9:12 a.m. | 142 views

Exploit for CVE-2025-9074

CVE-2025-9074 Docker Container Command Execution Tool A power...

CVSS 9.3 | AI score 6.1 | EPSS 0.01594
Exploits: 15

CNNVD
added 2025/11/04 12:0 a.m. | 4 views

Qualcomm Chipsets Input Validation Error Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets, which arises from a memory corruption when processing large input data from a communication interface from a remote source...

CVSS 7.8 | AI score 7 | EPSS 0.00079
Exploits: 0 | References: 1

EUVD
added 2025/10/27 9:30 p.m. | 5 views

EUVD-2025-36355

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinkrmtitfaddr function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet...

AI score 6.5 | EPSS 0.00457
Exploits: 1 | References: 5

Veracode
added 2025/10/27 8:1 a.m. | 6 views

Improper Access Control

com.liferay.portal, release.portal.bom is vulnerable to improper access control. The vulnerability is due to the failure to restrict API access before a user changes their initial password, which allows an attacker to remotely access and modify content via the API...

CVSS 6.9 | AI score 6.6 | EPSS 0.00244
Exploits: 0 | References: 3 | Affected Software: 2

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2012-3004

Malware in sbrugna...

CVSS 10 | AI score 6.1 | EPSS 0.05009
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2012-2988

Malware in sbrugna...

CVSS 10 | AI score 6.1 | EPSS 0.05009
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2007-3253

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.02266
Exploits: 0 | References: 7

NVD
added 2025/09/04 1:15 p.m. | 6 views

CVE-2025-7388

It was possible to perform Remote Command Execution (RCE) via Java RMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and execute OS commands under the delegated authority of the AdminServer process. An RMI interface permitted manipulation of a configuration property...

CVSS 8.4 | EPSS 0.00949
Exploits: 0 | References: 1

OSV
added 2025/09/02 12:15 p.m. | 5 views

CVE-2025-52545

E3 Site Supervisor Control firmware version 2.31F01 RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services...

CVSS 7.5 | AI score 5.8 | EPSS 0.00241
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/02 11:25 a.m. | 5 views

CVE-2025-52545 Privilege escalation in the application services

E3 Site Supervisor Control firmware version 2.31F01 RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services...

CVSS 7.7 | AI score 6.4 | EPSS 0.00241
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/30 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-5067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page...

CVSS 5.4 | AI score 5.6 | EPSS 0.00349
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/25 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-7153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTun...

CVSS 6.1 | AI score 6.4 | EPSS 0.01911
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/19 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-20919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions...

CVSS 5.9 | AI score 6.2 | EPSS 0.00792
Exploits: 0 | References: 2