Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.11 views

CVE-2026-22070

ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal...

9.8CVSS5.4AI score0.00208EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/30 8:27 a.m.5 views

CVE-2026-22070 ColorOS Assistant Path Traversal Vulnerability

ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal...

7.1CVSS5.2AI score0.00208EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/30 8:27 a.m.8 views

EUVD-2026-26354

ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal...

7.1CVSS5.2AI score0.00208EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 8:27 a.m.13 views

CVE-2026-22070

ColorOS Assistant is affected by a path traversal vulnerability triggered via an unauthenticated start-download channel. The root cause is an unauthenticated download initiation that can access file paths outside the intended directory, enabling potential exposure of restricted files. Affected so...

9.8CVSS5.2AI score0.00208EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/30 8:27 a.m.37 views

CVE-2026-22070 ColorOS Assistant Path Traversal Vulnerability

ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal...

7.1CVSS0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.7 views

lerobot 代码问题漏洞

Lerobot is a robot programming library open source by Hugging Face. Versions of LeRobot prior to 0.5.1 had code vulnerabilities. These vulnerabilities stemmed from unsafe deserialization in the asynchronous inference pipeline. The pickle.loads function was used to deserialize data received throug...

9.8CVSS6.4AI score0.15547EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24171

Malicious code in bioql PyPI...

7.2CVSS6.3AI score0.00225EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:36 p.m.5 views

CVE-2021-31338

A vulnerability has been identified in SINEMA Remote Connect Client All versions V3.0 SP1. Affected devices allow to modify configuration settings over an unauthenticated channel. This could allow a local attacker to escalate privileges and execute own code on the device...

7.8CVSS7.4AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2024/03/25 10:37 p.m.5 views

CVE-2024-2873

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access...

9.1CVSS6.4AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/01/04 4:15 p.m.5 views

CVE-2021-45912

An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...

7.8CVSS5.5AI score0.00296EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/01/04 12:0 a.m.4 views

Controlup Real-Time Agent操作系统命令注入漏洞

Controlup Real-Time Agent is a real-time agent from Controlup USA. The Controlup Real-Time Agent suffers from a command injection vulnerability that originates from an unauthenticated named pipe channel in the Controlup Real-Time Agent, which can be exploited by an attacker to run operating syste...

7.8CVSS5.8AI score0.00296EPSS
Exploits0References3
NVD
NVD
added 2021/08/19 4:15 p.m.20 views

CVE-2021-31338

A vulnerability has been identified in SINEMA Remote Connect Client All versions V3.0 SP1. Affected devices allow to modify configuration settings over an unauthenticated channel. This could allow a local attacker to escalate privileges and execute own code on the device...

7.8CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/29 1:45 p.m.23 views

CVE-2020-12040

Sigma Spectrum Infusion System v's6.x model 35700BAX and Baxter Spectrum Infusion System Versions 8.x model 35700BAX2 at the application layer uses an unauthenticated clear-text communication channel to send and receive system status and operational data. This could allow an attacker that has...

9.4AI score0.0094EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/11/28 8:2 a.m.7 views

libssh: Authentication Bypass due to improper message callbacks implementation

A vulnerability was found in libssh's server-side state machine. A malicious client could create channels without first performing authentication, resulting in unauthorized access...

9.1CVSS7.3AI score0.91789EPSS
Exploits10References5
Rows per page
Query Builder