Lucene search
K

1603 matches found

Debian CVE
Debian CVE
added 2026/04/23 12:3 a.m.4 views

CVE-2026-41179

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs...

9.8CVSS5.6AI score0.09199EPSS
Exploits2
AlpineLinux
AlpineLinux
added 2026/04/23 12:3 a.m.6 views

CVE-2026-41179

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs...

9.8CVSS5.6AI score0.09199EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-41179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version...

9.8CVSS5.9AI score0.09199EPSS
Exploits2References2
OSV
OSV
added 2026/04/22 2:45 p.m.7 views

GHSA-JFWF-28XR-XW6Q RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution

Summary The RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs... supports inline backend definitions, an unauthenticated attacker can instantiate an attacker-controlled backend on demand. For the WebDAV backend,...

9.8CVSS6.1AI score0.09199EPSS
Exploits2References9
Github Security Blog
Github Security Blog
added 2026/04/22 2:45 p.m.10 views

RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution

Summary The RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs... supports inline backend definitions, an unauthenticated attacker can instantiate an attacker-controlled backend on demand. For the WebDAV backend,...

9.8CVSS6.1AI score0.09199EPSS
Exploits2References9Affected Software1
Packet Storm
Packet Storm
added 2026/04/22 12:0 a.m.72 views

📄 WebDAV PHP Upload

This Metasploit module exploits WebDAV which also has PHP enabled, such as found on XAMPP servers. It can use do by using any supplied credentials to upload via WebDAV, a PHP payload and then execute it. This module requires Metasploit: https://metasploit.com/download Current source:...

8.7CVSS5.8AI score0.01209EPSS
Exploits2
Metasploit
Metasploit
added 2026/04/21 7:2 p.m.376 views

WebDAV PHP Upload

This module exploits WebDAV which also has PHP enabled, such as found on XAMPP servers. It can use do by using any supplied credentials to upload via WebDAV, a PHP payload and then execute it. Module Options msf use exploit/multi/http/webdavuploadphp msf exploitwebdavuploadphp show targets...

8.7CVSS6AI score0.01209EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
added 2026/04/21 12:0 a.m.11 views

(0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must view a folder containing malicious content. The specific flaw exists within the...

3.5CVSS5.7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/17 10:45 a.m.6 views

CVE-2026-5131 Server-Side Request Forgery in GREENmod

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, but the access control lists for these pipes are configured incorrectly. This allows an attacker to communicate with the stream and upload any XML or JSON file, which will be processed by the name...

6.9CVSS5.7AI score0.00426EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2026/04/07 12:0 a.m.6 views

nginx security update

2:1.26.3-2.0.1.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-6 - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files 2:1.26.3-5 - Resolves: RHEL-159433 CVE-2026-27651 nginx: NGINX: Denial of Service via...

8.8CVSS7.6AI score0.21621EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/01 11:0 p.m.5 views

CVE-2026-5212

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

9CVSS7.7AI score0.00737EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/01 9:30 p.m.8 views

EUVD-2026-18023

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.9CVSS5.5AI score0.00991EPSS
Exploits1References6
NVD
NVD
added 2026/04/01 8:16 p.m.7 views

CVE-2026-5311

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.9CVSS0.00991EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/01 7:45 p.m.22 views

CVE-2026-5311 D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.9CVSS0.00991EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/01 7:45 p.m.5 views

CVE-2026-5311 D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.9CVSS5.8AI score0.00991EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/01 7:45 p.m.4 views

CVE-2026-5311

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.9CVSS5.8AI score0.00991EPSS
Exploits1References5Affected Software20
CVE
CVE
added 2026/04/01 7:45 p.m.11 views

CVE-2026-5311

CVE-2026-5311 concerns a security flaw in multiple D-Link NAS/Network storage devices (DNS-120, DNS-320/320L/320LW/321, DNS-323, DNS-325, DNS-326, DNS-327L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, DNS-1550-04, DNR-202L, DNR-322L, etc.). The vulnerability affects the Webdav_Access_Li...

6.9CVSS5.5AI score0.00991EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29599

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function Webdav...

6.9CVSS5.8AI score0.00991EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/31 9:31 p.m.7 views

EUVD-2026-17662

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

9CVSS7.7AI score0.00737EPSS
Exploits1References7
NVD
NVD
added 2026/03/31 9:16 p.m.5 views

CVE-2026-5212

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

9CVSS0.00737EPSS
Exploits1References6
Rows per page
Query Builder