Lucene search
K

162399 matches found

CVE
CVE
added 2026/06/09 3:50 p.m.20 views

CVE-2026-9210

CVE-2026-9210 involves an insufficient input validation vulnerability in NETGEAR routers where listed NETGEAR models allow authenticated administrators on the local network to make unauthorized modifications to router software and functionality. The underlying issue is improper input handling tha...

7.1CVSS5.5AI score0.00216EPSS
Exploits0References32Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.7 views

CVE-2026-9210 Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

7.1CVSS5.4AI score0.00216EPSS
Exploits0References32
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.32 views

CVE-2026-9213 Insufficient input validation in certain NETGEAR routers

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device...

9.1CVSS0.00397EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.29 views

CVE-2026-0419 Insufficient input validation vulnerability in NETGEAR JR6150

Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...

7.3CVSS0.00289EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.8 views

CVE-2026-0419 Insufficient input validation vulnerability in NETGEAR JR6150

Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...

7.3CVSS5.6AI score0.00289EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 3:50 p.m.18 views

CVE-2026-0419

CVE-2026-0419 describes insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router, 802.11ac, dual-band; released 2014) that allows users on the local Wi‑Fi to execute operating system commands. The device is End-of-Support since 2018 with no planned security updates. The advisory notes t...

8CVSS5.6AI score0.00289EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/09 3:50 p.m.21 views

CVE-2026-9213

CVE-2026-9213 affects NETGEAR gaming routers. The issue stems from insufficient input validation, enabling an attacker who can intercept traffic between the router and the Internet to execute code on the device. Documented impact includes high confidentiality and integrity impact with network-exp...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.29 views

CVE-2026-0412 Insufficient input validation vulnerability in NETGEAR JR6150 Web UI

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

6.8CVSS0.00153EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.5 views

CVE-2026-0412 Insufficient input validation vulnerability in NETGEAR JR6150 Web UI

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

6.8CVSS5.4AI score0.00153EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 3:50 p.m.27 views

CVE-2026-0412

CVE-2026-0412 relates to the NETGEAR JR6150 Web UI and is described as an insufficient input validation vulnerability. The affected device is the NETGEAR JR6150 (AC750 WiFi Router, 2014 release) and the description states that administrators connected to the local network can make unauthorized mo...

6.8CVSS5.4AI score0.00153EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 3:41 p.m.7 views

CVE-2026-0410 Insufficient input validation in certain NETGEAR routers

Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality...

5.7CVSS5.4AI score0.00219EPSS
Exploits0References20
Cvelist
Cvelist
added 2026/06/09 3:41 p.m.28 views

CVE-2026-0410 Insufficient input validation in certain NETGEAR routers

Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality...

5.7CVSS0.00219EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2026/06/09 3:36 p.m.9 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS8AI score0.01545EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 3:16 p.m.13 views

USN-8411-1 node-lodash vulnerabilities

It was discovered that Lodash was vulnerable to a prototype pollution issue in the zipObjectDeep function. An attacker could possibly use this issue to modify application behavior. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-8203 Liyuan Chen discovered that Lodash was...

9.8CVSS7AI score0.2241EPSS
Exploits4References7
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.12 views

CVE-2026-8833

Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another...

8.5CVSS5.2AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.10 views

CVE-2026-11500

A vulnerability was identified in Weaviate up to 1.37.7. This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of the component Static API Key Handler. The manipulation of the argument StaticApiKey leads to authorization bypass. It is...

5CVSS4.6AI score0.00281EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 2:50 p.m.7 views

CVE-2026-24065 Local Privilege Escalation via Insecure XPC Client Validation in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

6.1AI score0.00323EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/09 2:50 p.m.32 views

CVE-2026-24065 Local Privilege Escalation via Insecure XPC Client Validation in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

0.00323EPSS
Exploits1References1
CVE
CVE
added 2026/06/09 2:50 p.m.29 views

CVE-2026-24065

Waves Central for macOS (versions 13.0.9–16.5.5) contains a local privilege escalation in the privileged helper service. The helper validates connecting XPC clients by examining the client PID to verify code-signing identity. Since PIDs can be reused, an attacker can race between connection and v...

8.1CVSS6.1AI score0.00323EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/09 2:27 p.m.10 views

EUVD-2026-31440

shell-quote quote does not escape newlines in object .op values...

9.2CVSS5.4AI score0.00848EPSS
Exploits1References6
Rows per page
Query Builder