|
201
|
- |
|
-
|
-
|
A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted …
|
CWE-1287
Improper Validation of Specified Type of Input
|
CVE-2026-10825
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202
|
- |
|
-
|
-
|
A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems fr…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2026-10828
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203
|
- |
|
-
|
-
|
A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplie…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-10829
|
2026-06-17 00:26 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
204
|
- |
|
-
|
-
|
A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed C…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2025-11694
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
205
|
- |
|
-
|
-
|
An authentication
bypass security issue exists within FactoryTalk Historian Site Edition. By
continually sending requests to the login endpoint, an attacker may obtain a
valid authentication token.
|
CWE-362
Race Condition
|
CVE-2025-13036
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
206
|
- |
|
-
|
-
|
A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including …
|
CWE-862
Missing Authorization
|
CVE-2025-14272
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207
|
- |
|
-
|
-
|
A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing conn…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-0646
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208
|
- |
|
-
|
-
|
An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface passwor…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-0647
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209
|
- |
|
-
|
-
|
A denial of service security issue exists in the
affected product. The security issue stems from a fault occurring when a
crafted CIP message is sent. Devices with less memory are more likely to be
a…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-11317
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210
|
7.5 |
HIGH
Network
|
-
|
-
|
A command injection vulnerability was found in galaxy_ng. The do_git_checkout() function in the legacy role import API (v1) interpolates unsanitized git ref names (branch/tag names) into shell comman…
|
CWE-78
OS Command
|
CVE-2026-12398
|
2026-06-17 00:26 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
