Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/14 7:22 p.m.9 views

CVE-2026-21878

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References1
NVD
NVD
added 2026/02/13 7:17 p.m.4 views

CVE-2026-21878

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS0.00356EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/13 6:10 p.m.6 views

CVE-2026-21878 BACnet Stack Improperly Limits Pathnames to a Restricted Directory

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.6 views

PT-2026-8019

Name of the Vulnerable Software and Affected Versions BACnet Stack versions prior to 1.5.0.rc3 Description The BACnet Stack software contains a flaw in its file writing functionality. Specifically, there is a lack of validation for user-supplied file paths, which could allow attackers to write...

7.5CVSS5.6AI score0.00356EPSS
Exploits1References9
Snyk
Snyk
added 2025/08/11 9:31 p.m.1 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the webhook endpoints. An attacker can cause the plugin to crash by repeatedly sending invalid request bodies to the server. Remediation Upgrade...

7.5CVSS7AI score0.00295EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/11 9:31 p.m.1 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the webhook endpoints. An attacker can cause the plugin to crash by repeatedly sending invalid request bodies to the server. Remediation Upgrade...

7.5CVSS7AI score0.00295EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/11 9:31 p.m.2 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the edit subscription endpoint. An attacker can gain unauthorized access to edit subscriptions for spaces they do not have permission to access by sending crafted requests. Remediation Upgrade...

6.4CVSS7AI score0.00175EPSS
Exploits0References2
Rows per page
Query Builder