Lucene search
+L

556 matches found

redos
redos
added 2026/04/03 12:0 a.m.8 views

ROS-20260403-73-0024

A vulnerability in the hvnetvsc component of the Linux operating system kernel is related to a lack of synchronization. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS6.1AI score0.00159EPSS
Exploits0
nvd
nvd
added 2026/03/30 5:16 p.m.4 views

CVE-2026-26352

Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site scripting vulnerability in the /cgi-bin/vpnmain.cgi script due to improper sanitation of the VPNIP parameter. Authenticated attackers can inject arbitrary JavaScript through VPN configuration settings that executes whe...

5.4CVSS0.00138EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/03/28 8:44 a.m.146 views

randstad-linux-azure-architect-poc

Randstad Azure Linux Architect — POC GitHub: https://gith...

5.9AI score
Exploits0
osv
osv
added 2026/03/25 11:16 a.m.7 views

UBUNTU-CVE-2026-23340

In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls qdiscresetalltxgt to flush qdiscs for queues which will no longer be used...

7.8CVSS5.7AI score0.00137EPSS
Exploits0References9
cve
cve
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23310

Summary: CVE-2026-23310 affects the Linux kernel bonding/kern XDP path. If a bond is in 802.3ad or balance-xor mode and an XDP program is loaded, changing xmit_hash_policy to vlan+srcmac can escape the existing guard, leaving bond->xdp_prog set and causing an incompatible state during tear-dow...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References6Affected Software1
redhat
redhat
added 2026/03/23 1:38 a.m.7 views

kernel: macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

7.8CVSS5.9AI score0.00188EPSS
Exploits0References5
cvelist
cvelist
added 2026/03/22 1:38 p.m.33 views

CVE-2019-25600 UltraVNC Viewer 1.2.2.4 Denial of Service via Buffer Overflow

UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect t...

7.1CVSS0.00689EPSS
Exploits0References4
euvd
euvd
added 2026/03/21 3:31 a.m.7 views

EUVD-2026-13964

OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attackers on the host loopback interface can connect to the exposed noVNC port to observe or interact wi...

8.5CVSS5.8AI score0.00514EPSS
Exploits0References5
cvelist
cvelist
added 2026/03/21 12:42 a.m.34 views

CVE-2026-32064 OpenClaw < 2026.2.21 - Missing VNC Authentication in Sandbox Browser noVNC Observer

OpenClaw versions prior to 2026.2.21 sandbox browser entrypoint launches x11vnc without authentication for noVNC observer sessions, allowing unauthenticated access to the VNC interface. Remote attackers on the host loopback interface can connect to the exposed noVNC port to observe or interact wi...

8.5CVSS0.00514EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/03/21 12:0 a.m.10 views

OpenClaw 访问控制错误漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.21 contained a security vulnerability related to access control. This vulnerability stemmed from the fact that the XaaS browser’s entry point did not perform authentication when...

9.1CVSS5.8AI score0.00514EPSS
Exploits0References4
osv
osv
added 2026/03/18 6:16 p.m.10 views

UBUNTU-CVE-2026-23262

In the Linux kernel, the following vulnerability has been resolved: gve: Fix stats report corruption on queue count change The driver and the NIC share a region in memory for stats reporting. The NIC calculates its offset into this region based on the total size of the stats region and the size o...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References24
euvd
euvd
added 2026/03/07 3:30 a.m.6 views

EUVD-2026-10093

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS5.8AI score0.00512EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/03/04 5:19 p.m.4 views

CVE-2026-20100

A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...

7.7CVSS6AI score0.00282EPSS
Exploits0References1
osv
osv
added 2026/03/03 8:16 p.m.4 views

CVE-2024-55025

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References2
astralinux
astralinux
added 2026/03/03 9:29 a.m.9 views

Astra Linux – Vulnerability in OVN

A flaw was discovered in the Open Virtual Network OVN. Specifically, specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations that are configured with a logical switch equipped with DNS records. This occurs if the same switch has any egress ACLs configured...

8.1CVSS6.7AI score0.00832EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/03/03 12:0 a.m.8 views

PT-2026-22782

Name of the Vulnerable Software and Affected Versions Weintek cMT-3072XH2 easyweb version 2.1.53, OS version 20231011 Description An access control issue exists in the VNC component. This allows unauthorized attackers to access the HMI system. Recommendations Update to a newer version that...

6.5CVSS5.9AI score0.00302EPSS
Exploits0References6
euvd
euvd
added 2026/03/03 12:0 a.m.3 views

EUVD-2024-55464

Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...

6.5CVSS5.9AI score0.00302EPSS
Exploits0References2
cve
cve
added 2026/02/05 4:13 p.m.11 views

CVE-2020-37134

CVE-2020-37134 affects UltraVNC Viewer 1.2.4.0. The vulnerability is a denial-of-service triggered by pasting a malformed 256-byte payload into the VNC Server connection dialog, which crashes the application. The available connected documents corroborate the affected software and the method to re...

7.5CVSS5.4AI score0.00361EPSS
Exploits0References3
github
github
added 2026/02/04 9:36 p.m.10 views

EVE's Debug Functions Unlockable Without Triggering Measured Boot

Impact On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH debug.enable.ssh, USB keyboard debug.enable.usb, and VNC access app.allow.vnc without triggering the measured boot. Thus, a user with...

8.8CVSS7.8AI score0.00159EPSS
Exploits0References7Affected Software1
ibm
ibm
added 2026/01/30 4:53 p.m.12 views

Security Bulletin: Multiple Vulnerabilities in VMware ESXi affect IBM Cloud Pak System

Summary Vulnerabilities in VMware ESXi affect IBM Cloud Pak System. IBM Cloud Pak System has addressed vulnerabilities. Cloud Pak Sytem has delivered updated workload nodes to VMware ESXi 83U3g. Vulnerability Details CVEID:CVE-2025-41236 DESCRIPTION: VMware ESXi, Workstation, and Fusion contain a...

9.3CVSS6.2AI score0.02173EPSS
Exploits2Affected Software1
Rows per page
Query Builder