Lucene search
K

2797 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-57020

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on QFX10000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all QFX10000 platforms in an EVPN-VxLAN scenario, if an...

7.1CVSS6AI score0.00269EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-33802

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service DoS. On EX2300, EX4000, EX4100, EX4300-MP Multigigabit and EX4400 switches, an authenticated, local attacker with no specific permissions ...

6.8CVSS6AI score0.00123EPSS
Exploits0References2Affected Software1
NVD
NVD
added last week7 views

CVE-2026-44877

An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system...

6.5CVSS0.00277EPSS
Exploits0References1
EUVD
EUVD
added last week5 views

EUVD-2026-42075

An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system...

6.5CVSS5.9AI score0.00277EPSS
Exploits0References1
CVE
CVE
added last week13 views

CVE-2026-44877

CVE-2026-44877 affects HPE Networking Instant On 1830, 1930, and 1960 switches. It is described as an unauthenticated remote disclosure vulnerability that could allow a remote attacker to access sensitive cryptographic secrets on a vulnerable system. CVSS‑3.1 metrics indicate Network access, Low ...

6.5CVSS5.9AI score0.00277EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-44877

An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system...

6.5CVSS5.9AI score0.00277EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week32 views

CVE-2026-44877 Unauthenticated Remote Disclosure of Cryptographic Secrets

An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system...

6.5CVSS0.00277EPSS
Exploits0References1
HPE Security Bulletins
HPE Security Bulletins
added 2026/07/07 12:0 a.m.5 views

HPESBNW05038 rev.1 - HPE Networking Instant On Switch Remote Unauthenticated Disclosure of Cryptographic Secrets

Potential Security Impact: Local: Access Restriction Bypass SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba Instant On 1930 Switch Series - Please refer to the Vulnerability Summary for Affected Version Information Affected Products HPE Networking Instant On 1830, 1930, and...

6.5CVSS6.1AI score0.00277EPSS
Exploits0
NVD
NVD
added 2026/07/06 9:16 p.m.7 views

CVE-2026-57572

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browserconfig.extraargs, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together...

10CVSS0.00523EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:16 p.m.6 views

CVE-2026-57572

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browserconfig.extraargs, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together...

10CVSS6.1AI score0.00523EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/64s/slb: Fixed the issue where multiple hits occurred during SLB preloading. On systems that use the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 12:46 p.m.2 views

OPENSUSE-SU-2026:21038-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References16
OSV
OSV
added 2026/06/23 12:43 p.m.3 views

SUSE-SU-2026:22347-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References17
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-56003

Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.9.0 Description The Docker API server allows the browser config.extra args parameter to be passed directly into Chromium launch arguments. Because the Docker API is unauthenticated by default, an attacker can injec...

10CVSS6.1AI score0.00523EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/06/09 4:5 p.m.8 views

CVE-2026-49848 FreeSWITCH: Pre-authentication `userVariables` injection in `mod_verto`

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's checkauth userauth branch wrote request-supplied userVariables into the...

4.3CVSS5.4AI score0.00172EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.19 views

CVE-2026-20171

A vulnerability in the Border Gateway Protocol BGP enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service DoS condition...

6.8CVSS5.5AI score0.00467EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Arcadia Crafty Controller 安全漏洞

Arcadia Crafty Controller is a server management panel developed under the open-source Crafty Controller project. There is a security vulnerability in Arcadia Crafty Controller. This vulnerability stems from a lack of resilience to unexpected messages from connection switches, which may lead to...

7.1CVSS5.5AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.7 views

Arista CloudVision eXchange 安全漏洞

Arista CloudVision eXchange is a control plane exchange platform developed by Arista Technologies in the United States, aimed at data centers and enterprise networks. There is a security vulnerability in Arista CloudVision eXchange. This vulnerability stems from EOS switches’ lack of flexibility...

7.1CVSS5.3AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

Zyxel GS1200 安全漏洞

The Zyxel GS1200 is a series of switches produced by the Chinese company Zyxel. The Zyxel GS1200 has a security vulnerability that stems from the lack of authorization verification. This vulnerability allows unauthorized attackers, based on the LAN, to read system configurations from log files...

6.5CVSS5.8AI score0.00234EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 4:6 p.m.7 views

CVE-2026-20171

A vulnerability in the Border Gateway Protocol BGP enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service DoS condition...

6.8CVSS5.8AI score0.00467EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder