Lucene search
K
AttackerkbRecent

75103 matches found

ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:36 p.m.•8 views

CVE-2026-58454

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTT...

7.7CVSS6.6AI score0.00523EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:33 p.m.•7 views

CVE-2026-58453

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anykaipc HTTP service on port 80...

9.8CVSS5.8AI score0.0169EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:31 p.m.•8 views

CVE-2026-58452

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a...

8.8CVSS6.4AI score0.02422EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:23 p.m.•7 views

CVE-2026-58025

Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/WikiImporter.Php, includes/Import/WikiRevision.Php, includes/Logging/LogEntryBase.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4,...

5.9CVSS5.8AI score0.00503EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:19 p.m.•9 views

CVE-2026-58029

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php,...

5.3CVSS5.8AI score0.00351EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:15 p.m.•8 views

CVE-2026-58028

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth. This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php,...

5.8AI score0.00267EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:12 p.m.•7 views

CVE-2026-24270

NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering...

9.8CVSS5.8AI score0.00842EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:11 p.m.•13 views

CVE-2026-57517

Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated remote attackers to execute arbitrary SQL queries by submitting unsanitized input through the userRes POST parameter at the user endpoint. Attackers can exploit MySQL root privileges...

9.8CVSS6.7AI score0.00587EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:11 p.m.•6 views

CVE-2026-24266

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...

5.9CVSS5.8AI score0.00717EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:11 p.m.•7 views

CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS5.8AI score0.00774EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:10 p.m.•7 views

CVE-2026-58026

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Parser/Parser.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.8AI score0.00369EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:8 p.m.•6 views

CVE-2026-8857

A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php. This issue affects timeline: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.8AI score0.00333EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:4 p.m.•7 views

CVE-2026-58038

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from before 1.46.0, 1.45.4,...

5.8AI score0.00169EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:1 p.m.•10 views

CVE-2026-58027

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php. This issue affects AbuseFilter: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.3CVSS5.8AI score0.00371EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:58 p.m.•7 views

CVE-2026-24251

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.8AI score0.00155EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:58 p.m.•6 views

CVE-2026-24250

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.8AI score0.00155EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:58 p.m.•7 views

CVE-2026-58030

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation SyntaxHighlightGeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlightGeSHi: from before 1.46.0,...

5.3CVSS5.8AI score0.0027EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:57 p.m.•7 views

CVE-2026-24249

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.9AI score0.00164EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:57 p.m.•7 views

CVE-2026-24248

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.8AI score0.00175EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:56 p.m.•7 views

CVE-2026-24247

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.9AI score0.00169EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:56 p.m.•7 views

CVE-2026-58032

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Api/index.Js. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6,...

5.3CVSS5.8AI score0.00299EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:56 p.m.•7 views

CVE-2026-24246

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.8AI score0.00169EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:55 p.m.•8 views

CVE-2026-24245

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.9AI score0.00154EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:54 p.m.•7 views

CVE-2026-58033

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/InfoAction.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.3CVSS5.8AI score0.00413EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:53 p.m.•8 views

CVE-2026-24244

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.9AI score0.00154EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:52 p.m.•12 views

CVE-2026-8480

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS5.8AI score0.00087EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:51 p.m.•6 views

CVE-2026-58037

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFormatter.Php,...

5.8AI score0.0027EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:49 p.m.•7 views

CVE-2026-24243

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.9AI score0.00175EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:48 p.m.•7 views

CVE-2026-24242

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:48 p.m.•7 views

CVE-2026-58036

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php,...

2.1CVSS5.8AI score0.00243EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:43 p.m.•6 views

CVE-2026-24240

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:41 p.m.•7 views

CVE-2026-58127

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...

9.8CVSS6.5AI score0.00985EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:39 p.m.•7 views

CVE-2025-23351

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function VF access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device...

9CVSS6.4AI score0.00269EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:39 p.m.•10 views

CVE-2026-58126

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...

9.8CVSS6.5AI score0.00963EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:38 p.m.•6 views

CVE-2025-15646

HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the element was added to libgumbo 0.10.0 in 2015, but the walktree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen over-reads the heap...

9.8CVSS5.8AI score0.00663EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:36 p.m.•6 views

CVE-2025-23350

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function VF access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device...

9CVSS6.4AI score0.00269EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:34 p.m.•7 views

CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering...

8.5CVSS5.8AI score0.00489EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:34 p.m.•7 views

CVE-2026-58024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiUserrights.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.1CVSS5.8AI score0.00369EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:32 p.m.•7 views

CVE-2026-13707

Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from through 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.8AI score0.00217EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:29 p.m.•7 views

CVE-2026-13706

Improper input validation vulnerability in Wikimedia Foundation UrlShortener. This vulnerability is associated with program files includes/UrlShortenerUtils.Php...

5.8AI score0.00328EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:25 p.m.•7 views

CVE-2026-58399

@acastellon/auth is an authentication control system for microservices. Versions prior to 2.3.0 appear to allow an unauthenticated authentication bypass in validateToken through spoofable auth-user and Host request headers. The validateToken middleware contains a service-to-service bypass for...

8.7CVSS5.8AI score0.00543EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:24 p.m.•5 views

CVE-2026-58031

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from...

5.8AI score0.00133EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:21 p.m.•6 views

CVE-2026-58034

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/blockConnectedTempAccountsField.Vue. This issue affects...

5.8AI score0.00142EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:19 p.m.•5 views

CVE-2026-6283

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from v.4.8.2.23 before v.4.8.3.1...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:17 p.m.•6 views

CVE-2026-58035

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Block/SpecialBlock.Vue...

5.8AI score0.00142EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:12 p.m.•5 views

CVE-2026-5220

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.23 before v.4.8.3.1...

6.4CVSS5.8AI score0.00148EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:9 p.m.•4 views

CVE-2026-14330

Multiple unbounded alloca calls in the PulseAudio protocol server...

5.5CVSS5.8AI score0.001EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:9 p.m.•5 views

CVE-2026-14324

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:8 p.m.•7 views

CVE-2026-2891

The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and receive malformed data. HP is releasing updates to mitigate these potential vulnerabilities...

8.2CVSS5.8AI score0.00253EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/07/01 2:8 p.m.•5 views

CVE-2026-5138

A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclosure vulnerability. This flaw occurs because the taxonomyscope controller method does not properly validate organization and location IDs from nested request parameters,...

4.3CVSS5.8AI score0.00231EPSS
Exploits0References7
Total number of security vulnerabilities75103