Lucene search
K

1630 matches found

Nuclei
Nuclei
added yesterday87 views

Intelbras WIN 300/WRN 342 - Credentials Disclosure

Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the defwirelesspassword line in the HTML source code. id: CVE-2021-3017 info: name: Intelbras WIN 300/WRN 342 - Credentials Disclosure author: pikpikcu severity: high description:...

7.5CVSS7AI score0.63023EPSS
Exploits0References5
Debian CVE
Debian CVE
added 5 days ago5 views

CVE-2026-59856

Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/phpcomplete.vim interpolates a class or trait name, taken from the contents of the edited buffer, into a search pattern that is run via winexecute without escaping. A name...

8.4CVSS6.3AI score0.00169EPSS
Exploits1
CVE
CVE
added 6 days ago10 views

CVE-2026-29007

CVE-2026-29007 affects U-Boot (versions up to 2026.04-rc3) with CONFIG_PROT_TCP enabled. The issue is an out-of-bounds read in tcp_rx_state_machine() (net/tcp.c) triggered by a crafted IP packet whose total length and TCP data offset fields are mismatched, e.g., IP length 40 bytes and TCP header ...

6.9CVSS6AI score0.00467EPSS
Exploits0References4
CVE
CVE
added 2026/07/01 3:33 a.m.12 views

CVE-2026-7828

UltraVNC repeater up to version 1.8.2.2 contains an integer overflow in the HTTP request logging path. In repeater/webgui/settings.c:336, win_log() allocates memory with malloc(sizeof(struct LIST) + strlen(line)); if strlen(line) is large, the size overflows to a value smaller than sizeof(struct ...

5.3CVSS6.2AI score0.01057EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/16 1:13 p.m.8 views

CVE-2026-46655

A flaw was found in virtio-win. A low-integrity process can issue an IOCTL request to viosock.sys!VIOSockSelect with a maliciously crafted request that causes an integer overflow. This allows the process to circumvent bounds checking, resulting in a heap overflow in the NonPagedPool kernel heap...

7.8CVSS6.2AI score
Exploits0References4
Snyk
Snyk
added 2026/06/12 2:32 p.m.7 views

Malicious Package

Overview ecto-spirit-win-k4n8 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 2:32 p.m.11 views

Malicious code in ecto-spirit-win-k4n8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8082c12f69dfbb45e83017fa0baf4f88f9500649dd443e80f2d7d4f858020814 The package ships a postinstall.js that imports childprocess and references HTTP GET and hostname operations. Without traced-code corroboration of ho...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 2:32 p.m.12 views

Malicious code in ecto-win-flag-q2m7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6344042aff547b32cf30bc456be25e1229f921217ec0d6777f470174df10792 On npm install, postinstall.js executes a harvest-and-exfiltrate chain against the installer's machine. It reads files under /app, /root, and...

5.4AI score
Exploits0References3
Snyk
Snyk
added 2026/06/12 2:32 p.m.12 views

Malicious Package

Overview ecto-win-flag-q2m7 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
OSV
OSV
added 2026/06/12 2:32 p.m.9 views

MAL-2026-5692 Malicious code in ecto-win-flag-q2m7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6344042aff547b32cf30bc456be25e1229f921217ec0d6777f470174df10792 On npm install, postinstall.js executes a harvest-and-exfiltrate chain against the installer's machine. It reads files under /app, /root, and...

5.4AI score
Exploits0References3
OSV
OSV
added 2026/06/12 2:32 p.m.8 views

MAL-2026-5691 Malicious code in ecto-spirit-win-k4n8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8082c12f69dfbb45e83017fa0baf4f88f9500649dd443e80f2d7d4f858020814 The package ships a postinstall.js that imports childprocess and references HTTP GET and hostname operations. Without traced-code corroboration of ho...

6.2AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.9 views

CVE-2026-45601

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS5.4AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.10 views

CVE-2026-42911

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS5.4AI score0.00234EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.16 views

CVE-2026-42911

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS0.00234EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.14 views

CVE-2026-34335

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.36 views

CVE-2026-45603 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

7CVSS0.00179EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.37 views

CVE-2026-45601 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

7CVSS0.00179EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/09 5:5 p.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

8.7CVSS5.3AI score0.0243EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.32 views

CVE-2026-34335 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

7CVSS0.00234EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.24 views

PT-2026-47865

Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description A use after free issue in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Use after free i...

7CVSS5.2AI score0.00234EPSS
Exploits0References5
Rows per page
Query Builder