Lucene search
K

212 matches found

NVD
NVD
added 2026/06/30 10:16 a.m.9 views

CVE-2025-7406

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative local admin privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute...

7.8CVSS0.00128EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 10:16 a.m.8 views

CVE-2025-24815

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system...

7.8CVSS0.0015EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 8:59 a.m.13 views

CVE-2025-7406

CVE-2025-7406 affects Nokia MantaRay NM. A local privilege escalation allows an admin with local privileges to gain root access, yielding root filesystem control and full actions as root. Mitigation mentioned: temporarily restrict the set of commands permitted via sudo for affected accounts. No s...

7.8CVSS5.9AI score0.00128EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/30 8:55 a.m.33 views

CVE-2025-24815 An unrestricted file upload vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system...

0.0015EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 8:55 a.m.13 views

CVE-2025-24815

CVE-2025-24815 affects Nokia MantaRay NM and describes an unrestricted file upload vulnerability caused by insufficient file type validation. The issue could allow an authenticated attacker to upload malicious files onto the system. No remediation details are provided in the supplied documents.

7.8CVSS5.8AI score0.0015EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/30 8:55 a.m.6 views

EUVD-2025-210369

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system...

7.8CVSS5.8AI score0.0015EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 7:40 p.m.38 views

CVE-2026-35014 Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routesnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a hidden input field VALUE attribute. Attacke...

5.1CVSS0.00229EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/20 7:40 p.m.7 views

CVE-2026-35014 Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routesnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a hidden input field VALUE attribute. Attacke...

5.1CVSS5.8AI score0.00229EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in binutils

A memory consumption issue in the getdata function in binutils/nm.c in GNU nm before version 2.34 allows attackers to cause a denial of service through crafted commands...

5.5CVSS5AI score0.00275EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of Tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in routesnm.php, which coul...

5.1CVSS5.8AI score0.00229EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/07 6:31 p.m.3 views

EUVD-2025-209263

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application...

5.9AI score0.01006EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/07 6:31 p.m.10 views

EUVD-2025-209264

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application...

8CVSS5.9AI score0.01006EPSS
Exploits0References2
NVD
NVD
added 2026/04/07 4:16 p.m.6 views

CVE-2025-24817

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application...

8CVSS0.01006EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/07 3:14 p.m.20 views

CVE-2025-24819 A Relative Path Traversal vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application...

0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/04/07 3:13 p.m.18 views

CVE-2025-24818

CVE-2025-24818 affects Nokia MantaRay NM, with an OS command injection in the Log Search application caused by improper neutralization of special elements used in an OS command. The CVSS v3.1 metrics indicate a base score of 8.0 (High) with adjacent attack vector, low attack complexity, low privi...

8CVSS5.9AI score0.01006EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/07 3:13 p.m.7 views

CVE-2025-24818

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application...

5.9AI score0.01006EPSS
Exploits0References2
CVE
CVE
added 2026/04/07 3:9 p.m.12 views

CVE-2025-24817

Nokia MantaRay NM (Symptom Collector) is reported to be vulnerable to an OS command injection caused by improper neutralization of special elements in an OS command. CVSS v3.1 base score 8.0 (HIGH) with adjacent attack vector, low attack complexity, and low privileges required, no user interactio...

8CVSS5.9AI score0.01006EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.8 views

PT-2026-30842

Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application...

5.9AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/08 12:0 a.m.6 views

Projectworlds Online Art Gallery Shop SQL注入漏洞

Projectworlds Online Art Gallery Shop is an online art gallery store open source by Projectworlds. Version 1.0 of Projectworlds Online Art Gallery Shop has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters in the file/admin/adminHome.php, specifically...

9.8CVSS7.2AI score0.00357EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in GCC-12

In libiberty/rust-demangle.c within GNU GCC 11.2, stack consumption is allowed in the demangleconst function, as demonstrated by the nm-new output...

5.5CVSS6.6AI score0.00892EPSS
Exploits1References3
Rows per page
Query Builder