Lucene search
K

11667 matches found

CVE
CVE
added 2026/05/12 8:21 a.m.18 views

CVE-2026-25787

CVE-2026-25787 affects Siemens devices with a web interface where the Technology Object (TO) name on the Motion Control Diagnostics page is not properly validated/sanitized. An authenticated user who is authorized to download a TIA project could inject malicious scripts into the page, and if anot...

9.3CVSS5.9AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 8:21 a.m.65 views

CVE-2026-25787

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

9.3CVSS0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 8:21 a.m.12 views

CVE-2026-25787

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

9.3CVSS5.9AI score0.0037EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.15 views

Intel QAT software drivers for Windows 缓冲区错误漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a buffer error vulnerability. This vulnerability...

8.5CVSS6AI score0.0011EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Intel QAT software drivers for Windows 输入验证错误漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a vulnerability related to input validation. This...

6.9CVSS5.8AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Intel QAT software drivers for Windows 安全漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions prior to Intel QAT software drivers for Windows 1.13 contain security vulnerabilities. These vulnerabilities stem from the...

4.8CVSS5.8AI score0.00096EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Ingeteam Ingecon Sun EMS Board 加密问题漏洞

The Ingeteam Ingecon Sun EMS Board is a control and communication expansion card developed by Ingeteam for photovoltaic power generation and energy management scenarios. The Ingeteam Ingecon Sun EMS Board has encryption-related vulnerabilities. These vulnerabilities stem from insecure credential...

9.2CVSS5.8AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/10 2:20 p.m.9 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

7.1CVSS5.9AI score0.00104EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2026/05/08 5:2 a.m.13 views

The Canvas Hack Is a New Kind of Ransomware Debacle

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its Canvas platform following a breach by hackers going by the name ShinyHunters...

5.8AI score
Exploits0
hivepro
hivepro
added 2026/05/08 4:52 a.m.8 views

OT Cybersecurity Challenges for ICS in 2026

OT Cybersecurity Challenges for ICS in 2026 OT cybersecurity has become a board-level risk because industrial control systems are no longer isolated, predictable, or invisible to attackers. In 2026, security teams protecting manufacturing plants, utilities, transportation systems, energy...

5.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2026/05/08 2:58 a.m.10 views

Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to...

5.7AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/07 1:50 p.m.95 views

CVE-Hunter-2026

CVE Hunter 2026 AI-assisted penetration testing tool that det...

5.8AI score
Exploits0
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.11 views

CVE-2026-43245

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

7.5CVSS5.7AI score0.00441EPSS
Exploits0
NVD
NVD
added 2026/05/05 4:16 p.m.47 views

CVE-2026-7412

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

8.6CVSS0.00516EPSS
Exploits0References2
hivepro
hivepro
added 2026/05/04 4:7 p.m.8 views

Why VM Programs Suck

& From the Trenches This is the conversation I have with VM leads every week. It usually starts at minute thirty of a discovery call, after the official agenda is over and the Zoom faces relax. Someone says "can I be honest with you for a second?" — and then I get the list. Same complaints...

5.6AI score
Exploits0
Cvelist
Cvelist
added 2026/05/03 1:30 a.m.51 views

CVE-2026-7674 Shenzhen Libituo Technology LBT-T300-HW1 Web Management start_single_service buffer overflow

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS0.00481EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/03 1:30 a.m.7 views

EUVD-2026-26808

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS7.7AI score0.00481EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-42481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files...

5.5CVSS5.5AI score0.00098EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-42476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because...

7.1CVSS5.6AI score0.00106EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-42478

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of...

7.5CVSS5.5AI score0.00219EPSS
Exploits0References3
Rows per page
Query Builder