3824 matches found
EUVD-2026-39185
When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...
CVE-2026-52756
Ghidra before 12.2 contains an unauthenticated path traversal vulnerability in the IsfServer that accepts TCP connections and passes client-supplied namespace strings directly to filesystem operations without validation. Remote attackers can connect to port 54321 and send crafted protobuf message...
CVE-2026-52756 Ghidra < 12.2 - Unauthenticated Path Traversal in Debugger ISF Server
Ghidra before 12.2 contains an unauthenticated path traversal vulnerability in the IsfServer that accepts TCP connections and passes client-supplied namespace strings directly to filesystem operations without validation. Remote attackers can connect to port 54321 and send crafted protobuf message...
CVE-2026-50233 Lyrion Music Server 9.2.0 Arbitrary Directory Listing
Lyrion Music Server 9.2.0 contains an arbitrary directory listing vulnerability in its readdirectory query, exposed through both the CLI service TCP port 9090 and the HTTP JSON-RPC endpoint /jsonrpc.js. The query accepts a folder parameter and lists its contents with no restriction to the...
CVE-2026-50233
The CVE-2026-50233 entry concerns Lyrion Music Server 9.2.0 with an arbitrary directory listing flaw in the readdirectory function. The issue is exposed via the CLI service on TCP port 9090 and the HTTP JSON-RPC endpoint at /jsonrpc.js. The vulnerable query accepts a folder parameter and returns ...
CVE-2026-25550 Seagull Software BarTender Unauthenticated RCE via .NET Remoting Service
Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The service registers an unauthenticated singleton endpoint — BarTenderSystem for BarTender 2016 = R9, and...
CVE-2026-49195 Predator Connect W6x: unauthenticated Debug Service
Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...
CVE-2024-27686
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
l4ki-TooL
TCP Port Scanner A simple Python tool that scans TCP ports on...
EUVD-2026-12810
In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...
CVE-2026-23247
In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...
EUVD-2026-12158
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
Security issues in ESC/POS
Overview ESC/POS is a printer control language designed by Seiko Epson Corporation for controlling POS printers and related devices. The following security issues have been identified with ESC/POS. Products implementing ESC/POS need to be designed and operated with consideration of the following...
CVE-2026-26333
Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs including EndeavorServer.rem and RemoteFileReceiver.rem and permits the use of SOAP and binary formatters with TypeFilterLevel set to Full. An...
CVE-2026-26221 Hyland OnBase Timer Service Unauthenticated .NET Remoting RCE
Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service Hyland.Core.Workflow.NTService.exe. An attacker who can reach the service can send crafted .NET Remoting requests to default HTTP channel endpoints on TCP/8900 e.g., TimerServiceAPI.rem and...
Siemens SIMATIC and SIPLUS products Uncontrolled Resource Consumption (CVE-2025-40944)
Affected devices do not properly handle S7 protocol session disconnect requests. When receiving a valid S7 protocol Disconnect Request COTP DR TPDU on TCP port 102, the devices enter an improper session state. This could allow an attacker to cause the device to become unresponsive, leading to a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001706)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001706 advisory. A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to...
CVE-2025-12548 Github.com/che-incubator/che-code: eclipse che — unauthenticated rce and secret exfiltration via tcp/3333
A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration SSH keys, tokens, etc. from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333...
CVE-2025-69425
The CVE-2025-69425 entry affects Ruckus vRIoT IoT Controller firmware before 3.0.0.0 (GA). A command execution service on TCP port 2004 runs with root privileges, authenticated by a hardcoded TOTP secret and an embedded static token. Exploitation requires credential extraction from the appliance ...