Lucene search
K

883 matches found

Cvelist
Cvelist
added 2026/06/28 10:15 p.m.30 views

CVE-2026-13510 SimStudioAI sim Password Protection deployment.ts weak hash

A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible...

6.3CVSS0.00216EPSS
Exploits0References7
OSV
OSV
added 2026/06/26 6:0 p.m.3 views

RLSA-2023:2870 Moderate: freeradius:3.0 security update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on...

7.5CVSS5.7AI score0.01171EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2026/06/26 6:0 p.m.5 views

freeradius:3.0 security update

An update is available for module.freeradius, freeradius. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRADIUS is a high-performance and highly configurabl...

7.5CVSS6.9AI score0.01171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.7 views

RockyLinux 8 : freeradius:3.0 (RLSA-2023:2870)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2870 advisory. freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on unknown option in EAP-SIM CVE-2022-41860 freeradius: Crash on invalid...

7.5CVSS6.9AI score0.01171EPSS
Exploits0References7
OSV
OSV
added 2026/06/18 4:40 p.m.4 views

SUSE-SU-2026:2459-1 Security update for strongswan

This update for strongswan fixes the following issues - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

5.8AI score
Exploits6References17
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49291

Name of the Vulnerable Software and Affected Versions Tenda 5G03 version V05.03.02.04 Version 1.0 Description Command injection is possible in the action unlock sim function through the pin parameter. Recommendations At the moment, there is no information about a newer version that contains a fix...

9.8CVSS5.9AI score0.01046EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.31 views

CVE-2026-38060

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionunlocksim via the pin parameter...

0.01046EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/14 6:53 a.m.96 views

wannacry-soc-lab

WannaCry SOC Investigation Lab Overview This project simu...

5.4AI score
Exploits0
SUSE Linux
SUSE Linux
added 2026/06/11 12:22 p.m.7 views

Security update for strongswan

This update for strongswan fixes the following issues CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attribut...

9.2CVSS5.4AI score
Exploits6References32
Packet Storm News
Packet Storm News
added 2026/06/06 12:0 a.m.22 views

Closing the Sim-To-Real Gap: An Evaluation Framework for Autonomous Cyber Defense Configuration of Commercial EDR

Leading commercial endpoint detection and response EDR products have shifted from operator-configured rule sets to multi-component systems where autonomous AI components operate alongside, and increasingly in place of, operator-deployed policies. Autonomous defense agents using commercial EDR as...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-49203

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...

8.3CVSS5.4AI score0.00168EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 6:25 a.m.7 views

CVE-2026-49203

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...

7.2CVSS5.8AI score0.00168EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 6:25 a.m.9 views

CVE-2026-49203 Unauthenticated eSIM Configuration Manipulation

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...

7.2CVSS5.8AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the lack of authorization verification for the key management API endpoints involved in cellular eSIM allocation. As a result,...

8.3CVSS5.3AI score0.00168EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/01 7:45 a.m.11 views

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

9.2CVSS5.8AI score
Exploits6References24
OSV
OSV
added 2026/06/01 7:45 a.m.5 views

SUSE-SU-2026:2197-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

5.8AI score
Exploits6References13
NVD
NVD
added 2026/05/30 4:17 p.m.18 views

CVE-2018-25410

SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to /admin/media.php with module=pengurus and act=editpengurus parameters containing SQ...

7.1CVSS0.00221EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/30 2:55 p.m.10 views

CVE-2018-25410 SIM-PKH 2.4.1 SQL Injection via media.php id Parameter

SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to /admin/media.php with module=pengurus and act=editpengurus parameters containing SQ...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/30 2:55 p.m.10 views

CVE-2018-25410

SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to /admin/media.php with module=pengurus and act=editpengurus parameters containing SQ...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/30 2:55 p.m.33 views

CVE-2018-25410 SIM-PKH 2.4.1 SQL Injection via media.php id Parameter

SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to /admin/media.php with module=pengurus and act=editpengurus parameters containing SQ...

7.1CVSS0.00221EPSS
Exploits0References4
Rows per page
Query Builder