Lucene search
K

1078 matches found

Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-41879 Weak password hashing in R-SOFT DMS

R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file. This issue was fixed in version v3.17-2000...

8.2CVSS0.00269EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 2:10 p.m.6 views

Malicious code in rs-biginteger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796cb1ee4c8398963dcc192d2fc9b425866f40f7a99b467cba1d160234508617 Package presents itself as a big-integer arithmetic library and ships the verbatim big.js v7.0.1 source plus its README. Injected between the P.minus...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/30 2:10 p.m.5 views

MAL-2026-6675 Malicious code in rs-biginteger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796cb1ee4c8398963dcc192d2fc9b425866f40f7a99b467cba1d160234508617 Package presents itself as a big-integer arithmetic library and ships the verbatim big.js v7.0.1 source plus its README. Injected between the P.minus...

6.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51658

Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default on UDP port 10001, processes unauthenticated discovery and configuration messages. A stack-based buffer overflow occurs because th...

10CVSS6.7AI score0.00427EPSS
Exploits0References8
OSV
OSV
added 2026/06/16 11:55 p.m.9 views

GO-2026-5042 Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs in github.com/kata-containers/kata-containers

Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs in github.com/kata-containers/kata-containers...

5.3AI score0.00067EPSS
Exploits0References3
NVD
NVD
added 2026/06/15 12:16 p.m.14 views

CVE-2026-34021

The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...

8.6CVSS0.00196EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.11 views

CVE-2026-34069

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

5.3CVSS5.4AI score0.00297EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 10:16 p.m.15 views

CVE-2025-15653

Dräger Zeus Infinity Empowered Zeus IE and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to...

7CVSS0.00169EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 9:27 p.m.26 views

CVE-2025-15653

The affected products are Dräger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations. The vulnerability is a local privilege escalation via unprotected USB interfaces that attackers with physical access can exploit to compromise software integrity. Reported impact includes ...

7CVSS5.8AI score0.00169EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.28 views

PT-2026-45864

Name of the Vulnerable Software and Affected Versions Dräger Zeus Infinity Empowered Zeus IE affected versions not specified Dräger Zeus RS C500 affected versions not specified Description A local security issue exists in anesthesia workstations that allows unauthorized individuals with physical...

7CVSS5.4AI score0.00169EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.15 views

PT-2026-42534

Name of the Vulnerable Software and Affected Versions Kata Containers runtime-rs versions prior to 3.31.0 Description A symlink escape exists when virtiofsd is run as root with the flags --sandbox none and --seccomp none. A raw FUSE SYMLINK request allows a guest root user to create symlinks owne...

9.3CVSS5.8AI score0.00067EPSS
Exploits0References12
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ath9khtc: fixed potential out-of-bounds access due to an invalid rxstatus-rskeyix parameter. The rxstatus-rskeyix parameter is eventually passed to testbit, so we need to ensure that it is within the allowed range of the bitmap...

7.1CVSS6.2AI score0.00264EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/07 2:59 a.m.24 views

hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

The NSEC3 closest-encloser proof validation in hickory-proto's 0.25.0-alpha.3 ... 0.25.2 and hickory-net's 0.26.0-alpha.1 .. 0.26.0 DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of th...

5.8AI score
Exploits0References4Affected Software2
vulnersOsv
vulnersOsv
added 2026/05/01 12:0 p.m.10 views

annatar (>=0.4.3 <=0.5.8), ansi2png-rs (>=0.1.0 <=0.1.1) +62 more potentially affected by unknown CVE via imageproc (>=0.10.0 <=0.22.0)

imageproc CARGO version =0.10.0, =0.4.3, =0.1.0, =0.2.0, =0.1.5, =0.1.0, =0.1.0, =1.0.0, =0.3.0, =0.1.0, =0.1.0, =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0117...

5.8AI score
Exploits0
NVD
NVD
added 2026/04/24 12:16 a.m.9 views

CVE-2026-27843

A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can...

9.2CVSS0.00518EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 11:54 p.m.2 views

CVE-2026-27843

A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can...

9.2CVSS5.7AI score0.00518EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

RS Studio Lagom WHMCS Template 安全漏洞

RS Studio Lagom WHMCS Template is a website template and front-end theme developed by the Polish company RS Studio. Versions of the RS Studio Lagom WHMCS Template prior to version 2.4.2 contained security vulnerabilities, which were caused by incorrect handling of the Datatables component. These...

5.3CVSS5.8AI score0.00276EPSS
Exploits0References1
Wolfi
Wolfi
added 2026/04/17 8:0 p.m.19 views

GHSA-XGP8-3HG3-C2MH vulnerabilities

Vulnerabilities for packages: linkerd2-proxy, wasmcloud, py3-xet-core, zizmor, wasm-pack, linkerd2, sccache, cargo-audit, pixi, samply, tealdeer, zellij, atuin, uv, zola, qdrant, xh, rustup, wasmtime, linkerd-network-validator, ntpd-rs, buck2, berg, sqlx, parseable, ztunnel, deno, rye,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/17 7:17 p.m.8 views

GHSA-XGP8-3HG3-C2MH vulnerabilities

Vulnerabilities for packages: mise, qdrant, ntpd-rs, wasm-pack, rustup, samply, kdash, lakekeeper, shadowsocks-rust, garage, rye, fnm, berg, zizmor, linkerd-network-validator, komodo, ztunnel, asciinema, tealdeer, py3-xet-core, buck2, zellij, lychee, cargo-audit, atuin, linkerd-extension-init,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/17 7:17 p.m.8 views

GHSA-965H-392X-2MH5 vulnerabilities

Vulnerabilities for packages: mise, qdrant, ntpd-rs, wasm-pack, rustup, samply, kdash, lakekeeper, shadowsocks-rust, garage, rye, fnm, berg, zizmor, linkerd-network-validator, komodo, ztunnel, asciinema, tealdeer, py3-xet-core, buck2, zellij, lychee, cargo-audit, atuin, linkerd-extension-init,...

6.1AI score
Exploits0
Rows per page
Query Builder