Lucene search
K

190955 matches found

The Hacker News
The Hacker News
added 56 minutes ago4 views

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box ORB network by breaking into internet-facing networking devices. According to findings from Cisco Talos, UAT-7810 is an advanced persistent threat APT actor that's responsible f...

Exploits0
EUVD
EUVD
added 9 hours ago3 views

EUVD-2026-42155

Fire-Boltt Smartwatch FB BGS001 Firmware: MOY-JS14-2.0.4 is vulnerable to Improper Authentication, The device accepts GATT Write Request commands without sufficient authentication or strong session validation. Under specific conditions, previously captured BLE packets can be replayed from a nearb...

6AI score
Exploits0References4
Amazon
Amazon
added 10 hours ago2 views

Medium: qemu

Issue Overview: A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request...

6.7CVSS5.9AI score0.00121EPSS
Exploits0
NVD
NVD
added yesterday4 views

CVE-2026-37271

Fire-Boltt Smartwatch FB BGS001 Firmware: MOY-JS14-2.0.4 is vulnerable to Improper Authentication, The device accepts GATT Write Request commands without sufficient authentication or strong session validation. Under specific conditions, previously captured BLE packets can be replayed from a nearb...

Exploits0References3
NVD
NVD
added yesterday5 views

CVE-2026-58583

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-58583

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score
Exploits0References4
CVE
CVE
added yesterday9 views

CVE-2026-58583

CVE-2026-58583 affects FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, enabling local privilege escalation for a standard user via arbitrary physical memory mapping at \Device\PhysicalMemory. Root cause: memory mapping vulnerability in the driver. Impact: potential elevation of pri...

8.4CVSS6AI score
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-42094

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score
Exploits0References4
Cvelist
Cvelist
added yesterday17 views

CVE-2026-58583 FluxInk Color Management Driver local privilege escalation

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS
Exploits0References4
OSV
OSV
added yesterday3 views

GHSA-PW9M-5JXM-XR6H Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins

Am I affected? Users are affected if all of the following are true: - Their application uses better-auth and has enabled at least one of: oidcProvider imported from better-auth/plugins/oidc-provider, or mcp imported from better-auth/plugins/mcp. - Their application has at least one confidential...

9.1CVSS6.1AI score0.00013EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added yesterday3 views

Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins

Am I affected? Users are affected if all of the following are true: - Their application uses better-auth and has enabled at least one of: oidcProvider imported from better-auth/plugins/oidc-provider, or mcp imported from better-auth/plugins/mcp. - Their application has at least one confidential...

6.1AI score0.00013EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.1.0 Vulnerability Details CVEID:CVE-2016-1000027 DESCRIPTION: Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution RCE issue if used for Java deserialization of untrusted data...

9.8CVSS7.5AI score0.51547EPSS
Exploits7Affected Software1
NVD
NVD
added yesterday7 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS
Exploits0References2
The Hacker News
The Hacker News
added yesterday4 views

RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service

A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals take over a victim's phone, steal their banking logins, and capture the one-time codes that protect their accounts. Zimperium's zLabs, which found th...

6.1AI score
Exploits0
Nuclei
Nuclei
added yesterday85 views

AnythingLLM - Information Disclosure

AnythingLLM suffers from an information disclosure vulnerability through the /api/setup-complete API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM...

7.5CVSS7.1AI score0.29187EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday62 views

AVTECH IP Camera - Command Injection

The endpoint /cgi-bin/supervisor/Factory.cgi is vulnerable to command injection via the action parameter, allowing remote code execution. id: CVE-2024-7029 info: name: AVTECH IP Camera - Command Injection author: DhiyaneshDK severity: high description: | The endpoint /cgi-bin/supervisor/Factory.c...

9.8CVSS7.6AI score0.38998EPSS
Exploits5References6
Nuclei
Nuclei
added yesterday28 views

D-Link DIR-605 - Information Disclosure

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version - 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page id: CVE-2021-40655 info: name: D-Link DIR-605 - Information Disclosure author: DhiyaneshDK severity: high...

7.5CVSS7.3AI score0.87039EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday58 views

Juniper Web Device Manager - Cross-Site Scripting

Juniper Web Device Manager J-Web in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal...

6.1CVSS6.5AI score0.02468EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday35 views

Intelbras TIP200/TIP200LITE/TIP300 - Cross-Site Scripting

Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 are vulnerable to reflected cross-site scripting XSS via the page parameter in /cgi-bin/cgiServer.exx, allowing attackers to execute arbitrary JavaScript in the context of the user. id: CVE-2020-12262 info: name: Intelbr...

5.4CVSS6.2AI score0.01506EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday61 views

Fujitsu IP Series - Hardcoded Credentials

Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. The credentials cannot be changed by the end-user and provide administrative...

7.5CVSS6.8AI score0.0299EPSS
Exploits0References5
Rows per page
Query Builder