7926 matches found

Tenable Nessus
• added 2026/03/18 12:0 a.m. • 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: liquidio: Initialize netdev pointer before queue setup In setup_nic_devices, the netdev is allocated using alloc_etherdev_mq. However, the pointer to this...

CVSS 5.5 | AI score 6.1 | EPSS 0.00114
Exploits 0 | References 3
Tenable Nessus
• added 2026/03/18 12:0 a.m. • 12 views

Linux Distros Unpatched Vulnerability : CVE-2026-23254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption i...

CVSS 5.5 | AI score 5.8 | EPSS 0.00114
Exploits 0 | References 3
CNNVD
• added 2026/03/18 12:0 a.m. • 7 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a mistake in the cleanup loop of the setup_nic_devices function in the liquidio driver. This mistak...

CVSS 5.5 | AI score 5.8 | EPSS 0.00114
Exploits 0 | References 9
Tenable Nessus
• added 2026/03/18 12:0 a.m. • 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: liquidio: Fix off-by-one error in VF setup_nic_devices cleanup In setup_nic_devices, the initialization loop jumps to the label setup_nic_dev_free on failure. The...

CVSS 5.5 | AI score 5.9 | EPSS 0.00114
Exploits 0 | References 3
CNNVD
• added 2026/03/18 12:0 a.m. • 6 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a mistake in the cleanup loop of the setup_nic_devices function in the liquidio driver's PF. This...

CVSS 5.5 | AI score 5.8 | EPSS 0.00114
Exploits 0 | References 9
Tenable Nessus
• added 2026/03/18 12:0 a.m. • 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23257

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: liquidio: Fix off-by-one error in PF setup_nic_devices cleanup In setup_nic_devices, the initialization loop jumps to the label setup_nic_dev_free on failure. The...

CVSS 5.5 | AI score 6.1 | EPSS 0.00114
Exploits 0 | References 3
GithubExploit
• added 2026/03/17 10:48 a.m. • 114 views

Exploit for Classic Buffer Overflow in Freefloat Freefloat_Ftp_Server

CVE-2025-5548 Security research and reprod...

CVSS 9.8 | AI score 6.2 | EPSS 0.10139
Exploits 12
Snyk
• added 2026/03/16 8:40 p.m. • 2 views

Improper Privilege Management

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Privilege Management. An attacker can gain unauthorized privileges by replaying a valid setup code before approval, allowing escalation of pending device pairing scopes...

CVSS 9.8 | AI score 5.9 | EPSS 0.00351
Exploits 0 | References 2
The Hacker News
• added 2026/03/16 7:37 p.m. • 6 views

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by...

AI score 6.3
Exploits 0
CVE
• added 2026/03/16 4:55 p.m. • 6 views

CVE-2026-29521

CVE-2026-29521 affects Hereta ETH-IMC408M devices with firmware 1.0.15 and earlier, where missing CSRF protections in setup.cgi allow cross-site request forgery. An attacker hosting malicious pages can submit forged requests using automatically-included HTTP Basic Authentication credentials to mo...

CVSS 5.1 | AI score 5.7 | EPSS 0.0011
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
• added 2026/03/16 4:55 p.m. • 2 views

CVE-2026-29521 Hereta ETH-IMC408M CSRF via Configuration Setup

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

CVSS 5.1 | AI score 5.7 | EPSS 0.0011
Exploits 0 | References 2
NVD
• added 2026/03/16 2:20 p.m. • 3 views

CVE-2026-4192

A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and m...

CVSS 6.5 | EPSS 0.01301
Exploits 0 | References 6
NVD
• added 2026/03/16 2:19 p.m. • 3 views

CVE-2026-3556

Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this vulnerability. The...

CVSS 8.8 | EPSS 0.00514
Exploits 0 | References 1
GithubExploit
• added 2026/03/16 11:51 a.m. • 165 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.49 Path Traversal Lab — CVE-2021-41773 Clone...

CVSS 9.8 | AI score 7.4 | EPSS 0.99992
Exploits 148
CNNVD
• added 2026/03/16 12:0 a.m. • 7 views

Quip MCP Server command injection vulnerability

Quip MCP Server is a documentation-based server developed by AvinashBole. Version 1.0.0 of Quip MCP Server has a command injection vulnerability, which stems from incorrect operations on the function setupToolHandlers in the file src/index.ts, potentially leading to command injection...

CVSS 6.5 | AI score 6.6 | EPSS 0.01301
Exploits 0 | References 6
CNNVD
• added 2026/03/16 12:0 a.m. • 7 views

D-Link DIR-816 security vulnerability

The D-Link DIR-816 is a wireless router produced by D-Link Corporation. The D-Link DIR-816 1.10CNB05 version has a security vulnerability. This vulnerability stems from incorrect handling of the parameter pskValue in the file /goform/form2WlanBasicSetup.cgi, which may lead to a stack buffer overfl...

CVSS 10 | AI score 7.5 | EPSS 0.01184
Exploits 1 | References 5
Cvelist
• added 2026/03/15 8:32 p.m. • 39 views

CVE-2026-4192 AvinashBole quip-mcp-server index.ts setupToolHandlers command injection

A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and m...

CVSS 6.5 | EPSS 0.01301
Exploits 0 | References 6
CVE
• added 2026/03/15 8:32 p.m. • 14 views

CVE-2026-4192

The CVE-2026-4192 entry concerns AvinashBole quip-mcp-server 1.0.0, where the function setupToolHandlers in src/index.ts is vulnerable to command injection. The vulnerability is described as exploitable remotely, with the exploit publicly disclosed and the project reportedly not responding to the...

CVSS 6.5 | AI score 6.2 | EPSS 0.01301
Exploits 0 | References 6
Vulnrichment
• added 2026/03/15 8:32 p.m. • 2 views

CVE-2026-4192 AvinashBole quip-mcp-server index.ts setupToolHandlers command injection

A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and m...

CVSS 6.5 | AI score 6.2 | EPSS 0.01301
Exploits 0 | References 6
Cvelist
• added 2026/03/15 4:32 p.m. • 36 views

CVE-2026-4183 D-Link DIR-816 goahead form2WlanBasicSetup.cgi stack-based overflow

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The...

CVSS 10 | EPSS 0.01184
Exploits 1 | References 5