963 matches found
CVE-2026-1952
Technical details for CVE-2026-1952 are not publicly available in the provided documents. Monitor for updates from Delta Electronics or CVE databases.
EUVD-2026-25404
Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability...
CVE-2026-1952 Denial of service via the undocumented subfunction in AS320T
Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability...
PT-2026-34860
Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability...
Kyverno apiCall automatically forwards ServiceAccount token to external endpoints (credential leak)
Summary Kyverno's apiCall service mode automatically attaches the admission controller's ServiceAccount SA token to outbound HTTP requests. This results in unintended credential exposure when requests are sent to external or attacker-controlled endpoints. The behavior is insecure-by-default and n...
EUVD-2023-44280
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability...
CVE-2023-3634
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability...
CVE-2023-3634 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability...
CVE-2023-3634 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability...
CVE-2023-3634
The CVE-2023-3634 issue affects Festo MSE6-C2M/D2M/E2M in the MSE6 product-family. A remote authenticated, low-privileged attacker could use functions in an undocumented test mode, potentially causing a complete loss of confidentiality, integrity and availability. Affected components: MSE6-C2M, M...
CVE-2026-34769 Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, an undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. Ap...
CVE-2026-34769
CVE-2026-34769 (Electron) affects Electron versions prior to 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8. An undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. When apps construct webPreferences from external or untrusted i...
curl: Internal application wrapper or script using curl
While -guid is not a standard or documented curl command, a Command Injection or Argument Injection vulnerability within a specific application that wraps curl. Security Analysis: curl -guid -url example.com 1. Status of the "-guid" FlagUndocumented/Non-existent: The official curl binary does not...
EUVD-2026-18937
Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference...
GHSA-9WFR-W7MM-PC7F Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference
Impact An undocumented commandLineSwitches webPreference allowed arbitrary switches to be appended to the renderer process command line. Apps that construct webPreferences by spreading untrusted configuration objects may inadvertently allow an attacker to inject switches that disable renderer...
API Security for AI Agents: Why Protection Has Never Been More Important.
For years, a lot of risky APIs survived simply because they were hard to find. They weren’t documented. Only a handful of engineers knew the endpoints. And if an attacker wanted to abuse them, they had to spend real time reverse‑engineering traffic and guessing how things worked. That “security b...
WAGO GmbH & Co. KG Industrial Managed Switches
SUMMARY A vulnerability has been found affecting the Managed Switches of WAGO. An unauthenticated attacker can fully compromise the device via an undocumented function. 2. IMPACT This could lead to a full System compromise of the affected devices. 3. REMEDIATION Please update your devices to the...
OESA-2026-1596 python-ply security update
/ply/ /ply--.egg-info/ Security Fixes: An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Becaus...
OESA-2026-1594 python-ply security update
/ply/ /ply--.egg-info/ Security Fixes: An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Becaus...
CVE-2025-41756
A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system...