Lucene search
K

1888 matches found

Nuclei
Nuclei
added 8 hours ago16 views

BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery

Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the BrightSign digital signage media player affecting the Diagnostic Web Server DWS. The application parses user supplied data in the 'url' GET parameter to construct a diagnostics request to the Download Speed Test service...

6.9CVSS6.1AI score0.0083EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday3 views

Malicious code in speed5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eec0d2d56f1e9730af8b7f3a7b8897e86491d48663f7b09ae7c716f6b3c0092 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...

6.1AI score
Exploits0References3
CVE
CVE
added 2 days ago14 views

CVE-2026-10668

Technical details are not publicly available in the provided documents. Monitor for updates.

2.4CVSS6.1AI score0.00143EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 6 days ago6 views

Important: Red Hat Security Advisory: kernel update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS6.2AI score0.00129EPSS
Exploits2References4
Fedora
Fedora
added 6 days ago5 views

[SECURITY] Fedora 43 Update: betterleaks-1.6.0-1.fc43

A Better Secrets Scanner built for configurability and speed...

7.5CVSS5.9AI score0.00939EPSS
Exploits0
Fedora
Fedora
added 6 days ago5 views

[SECURITY] Fedora 44 Update: betterleaks-1.6.0-1.fc44

A Better Secrets Scanner built for configurability and speed...

7.5CVSS5.9AI score0.00939EPSS
Exploits0
OSV
OSV
added 2026/07/06 8:57 a.m.3 views

SUSE-SU-2026:2777-1 Security update for cryptsetup, s390-tools

This update for cryptsetup, s390-tools fixes the following issue Security fixes: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270185. Changes for s390-tools: - Upgrade s390-tools to version 2.41.0 jscPED-15860 - Automatically set...

9.8CVSS6.1AI score0.00298EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 12:31 a.m.10 views

EUVD-2026-40013

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS8AI score0.00466EPSS
Exploits0References7
NVD
NVD
added 2026/06/29 12:16 a.m.11 views

CVE-2026-13516

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS0.00466EPSS
Exploits0References6
OSV
OSV
added 2026/06/28 8:41 a.m.2 views

OPENSUSE-SU-2026:21074-1 Security update for loupe

This update for loupe fixes the following issue - CVE-2025-58160: tracing-subscriber: untrusted input containing ANSI escape sequences can lead to terminal manipulation bsc1249009. Changes for loupe: - Update to version 48.2: - Check if the is-hidden property is available before reading it. -...

2.3CVSS5.8AI score0.00303EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 11:53 a.m.5 views

CVE-2026-56272

Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...

5.6CVSS5.8AI score0.00073EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 5:16 p.m.10 views

CVE-2026-51846

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...

9.8CVSS0.00584EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50969

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow exists in the '/goform/AdvSetMacMtuWan' endpoint. This issue occurs when processing the wanSpeed parameter, which can lead to remote arbitrary code execution. Recommendations At...

9.8CVSS6.4AI score0.00584EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/19 12:0 a.m.30 views

CVE-2026-51846

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...

0.00584EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/19 12:0 a.m.7 views

EUVD-2026-38052

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...

6.5AI score0.00584EPSS
Exploits1References1
CVE
CVE
added 2026/06/19 12:0 a.m.19 views

CVE-2026-51846

CVE-2026-51846 affects Tenda AC7 v15.03.06.44. The vulnerability is a stack buffer overflow in the WAN speed parameter (wanSpeed) of the /goform/AdvSetMacMtuWan route, leading to remote arbitrary code execution. Affected component is the WAN configuration endpoint; root cause is improper handling...

9.8CVSS6.5AI score0.00584EPSS
Exploits1References1Affected Software1
HackRead
HackRead
added 2026/06/17 10:52 a.m.24 views

ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat

A detailed ESET MDR vs Sophos MDR comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose...

5.3AI score
Exploits0
Patchstack
Patchstack
added 2026/06/11 1:18 p.m.13 views

WordPress Speed Optimizer plugin < 7.7.9 - Unauthenticated Stored XSS via Minify Library vulnerability

Unauthenticated Stored XSS via Minify Library vulnerability discovered by Matthew Rollings in WordPress Plugin Speed Optimizer versions 7.7.9...

8.8CVSS5.4AI score0.0032EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.11 views

CVE-2026-49842

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5CVSS5.4AI score0.00449EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 4:2 p.m.34 views

CVE-2026-49842 FreeSWITCH: Pre-authentication bandwidth amplification via `mod_verto` speed-test frames

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5CVSS0.00449EPSS
Exploits0References2
Rows per page
Query Builder