Lucene search
K

291 matches found

Cvelist
Cvelist
added 2026/07/01 3:14 a.m.35 views

CVE-2026-20460

In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

0.00174EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 12:32 a.m.5 views

EUVD-2026-39569

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead t...

9.4CVSS5.9AI score0.00378EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 10:17 p.m.9 views

CVE-2026-40702

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead t...

9.4CVSS0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:53 p.m.21 views

CVE-2026-44622 EVoke Systems EVoke CSMS Insufficiently Protected Credentials

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

6.9CVSS0.00248EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52596

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description Charging station authentication identifiers are publicly accessible through web-based mapping platforms. Recommendations At the moment, there is no information...

6.9CVSS5.8AI score0.00248EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52595

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description WebSocket endpoints lack proper authentication mechanisms, which allows attackers to impersonate charging stations. This flaw can be exploited to gain unauthoriz...

9.4CVSS5.8AI score0.00378EPSS
Exploits0References8
NVD
NVD
added 2026/06/24 9:16 p.m.10 views

CVE-2026-7539

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...

7.3CVSS0.00096EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:47 p.m.6 views

CVE-2026-7539

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...

7.3CVSS6AI score0.00096EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 7:47 p.m.7 views

EUVD-2026-39057

A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...

7.3CVSS6AI score0.00096EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52085

Name of the Vulnerable Software and Affected Versions HP Accessory WMI Provider installer affected versions not specified Description A security issue exists in the HP Accessory WMI Provider installer used for certain HP Docking Stations. This flaw could allow an attacker to achieve escalation of...

7.3CVSS6AI score0.00096EPSS
Exploits0References5
NVD
NVD
added 2026/06/12 8:16 p.m.14 views

CVE-2026-50552

Koel is a free, open-source music streaming solution. Prior to version 9.7.1, Koel contains a Server-Side Request Forgery SSRF vulnerability in the radio station creation endpoint POST /api/radio/stations. The url field validation rules are declared without the bail keyword, so the...

6.3CVSS0.0016EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 6:51 p.m.32 views

CVE-2026-50552 Koel: Server-Side Request Forgery (SSRF) in radio station creation due to missing validation bail

Koel is a free, open-source music streaming solution. Prior to version 9.7.1, Koel contains a Server-Side Request Forgery SSRF vulnerability in the radio station creation endpoint POST /api/radio/stations. The url field validation rules are declared without the bail keyword, so the...

6.3CVSS0.0016EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 6:51 p.m.9 views

EUVD-2026-36546

Koel is a free, open-source music streaming solution. Prior to version 9.7.1, Koel contains a Server-Side Request Forgery SSRF vulnerability in the radio station creation endpoint POST /api/radio/stations. The url field validation rules are declared without the bail keyword, so the...

6.3CVSS5.5AI score0.0016EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Ella Core 安全特征问题漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.10.0 contained security feature vulnerabilities. These vulnerabilities stemmed from an unvalidated check to ensure that the UE security...

6.1CVSS5.8AI score0.00148EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.10 views

Market-Analysis-Driven Methodology for Assessing Charging Station Cybersecurity

Modern charging communication standards for electric vehicles include optional security controls such as TLS-based authentication and encryption. However, with tens of thousands of fast charging points deployed in any given country, individually testing each one for security control support is...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mac80211: Fixed an error in the ieee80211chanbwchange function for APVLAN stations. The ieee80211chanbwchange function iterates through all stations and accesses link-reserved.oper via sta-sdata-linklinkid. For stations on...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not flush non-uploaded STAs. If the STA state is pre-moved to AUTHORIZED such as in IBSS scenarios, and the insertion attempt fails, the station is freed. In this case, the driver never knew about the station;...

5.5CVSS6.2AI score0.00167EPSS
Exploits0References2
NVD
NVD
added 2026/04/07 4:17 a.m.3 views

CVE-2026-20433

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation...

8.8CVSS0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/05 10:0 p.m.2 views

CVE-2026-4272 CVE-2026-4272 - Bluetooth Remote Execution of System Commands Vulnerability

Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Authentication Abuse.This issue affects Handheld Scanners: from C1 BaseIngenic x1000 before GK000432BAA, from D1 BaseIngenic x1600 before HE000085BAA, from A1/B1 BaseIMX25 before...

8.1CVSS6AI score0.00453EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/05 10:0 p.m.2 views

CVE-2026-4272

Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Authentication Abuse.This issue affects Handheld Scanners: from C1 BaseIngenic x1000 before GK000432BAA, from D1 BaseIngenic x1600 before HE000085BAA, from A1/B1 BaseIMX25 before...

8.1CVSS6AI score0.00453EPSS
Exploits0References2
Rows per page
Query Builder