Lucene search
K

185 matches found

CNNVD
CNNVD
added 2026/05/07 12:0 a.m.14 views

PHOENIX CONTACT多款产品 安全漏洞

PHOENIX CONTACT FL MGUARD 2102, among others, are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL MGUARD 2102 is a router. PHOENIX CONTACT FL MGUARD 2105 is also a router. PHOENIX CONTACT FL MGUARD represents a series of routers. Several products from PHOENIX CONTACT have...

8CVSS5.9AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2026/02/07 5:2 p.m.16 views

CVE-2026-2105

Summary (CVE-2026-2105). A flaw exists in the yeqifu warehouse project, specifically in the Department Management component. The vulnerability affects the DeptController.java functions addDept, updateDept, and deleteDept, causing improper authorization. Exploitation is described as remote; an exp...

8.8CVSS6.2AI score0.00276EPSS
Exploits1References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : openssl-1.0.1e-51.el7.5 (AXSA:2016-230:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-230:03 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

10CVSS8.3AI score0.89058EPSS
Exploits8References9
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.9 views

CVE-2019-2105

In FileInputStream::Read of fileinputstream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android...

8.8CVSS8AI score0.00712EPSS
Exploits0References1
CISA
CISA
added 2025/12/22 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2023-52163link is external Digiever DS-2105 Pro Missing Authorization Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

8.8CVSS6.9AI score0.96285EPSS
In wildExploits1References6
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/22 12:0 a.m.7 views

Digiever DS-2105 Pro Missing Authorization Vulnerability

Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via timetzsetup.cgi...

8.8CVSS8.2AI score0.96285EPSS
In wildExploits1
Circl
Circl
added 2025/12/10 3:42 p.m.4 views

CVE-2024-2105

creationtimestamp| type| source ---|---|--- 2025-12-10 15:42:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7nfjxpm7v2y 2025-12-11 09:04:24+00:00| seen| https://infosec.exchange/users/certvde/statuses/115700128904081487...

6.5CVSS5.7AI score0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-2105

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0339EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/22 11:42 p.m.9 views

CVE-2022-41204

An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allows them to steal credentials and hijack...

8.8CVSS8.7AI score0.0076EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:2 p.m.6 views

CVE-2006-2105

Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote attackers to read arbitrary files via ".." sequences terminated by a %00 null character in the n parameter...

5CVSS7.1AI score0.01275EPSS
Exploits1References1
CVE
CVE
added 2025/04/26 5:34 a.m.75 views

CVE-2025-2105

CVE-2025-2105 (Jupiter X Core) affects WordPress Jupiter X Core plugin up to version 4.8.11. Vulnerability: PHP Object Injection via deserialization of untrusted input from the ‘file’ parameter of raven_download_file, enabling injection of a PHP object through a PHAR file. Impact is contingent on...

8.1CVSS8.3AI score0.00621EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/04/26 5:34 a.m.34 views

CVE-2025-2105 Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR

The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'ravendownloadfile' function. This makes it possible for attackers to inject a PHP Object through a PH...

8.1CVSS0.00621EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/04/25 9:32 p.m.11 views

WordPress Jupiter X Core plugin <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR vulnerability

Unauthenticated PHP Object Injection via PHAR vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin JupiterX Core versions = 4.8.11...

8.1CVSS8.6AI score0.00621EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2016-2105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the EVPEncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a deni...

7.5CVSS7.1AI score0.3965EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/08 4:43 a.m.4 views

CVE-2023-52164

accessdevice.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.1CVSS7.1AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/08 4:43 a.m.5 views

CVE-2023-52163

Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.9CVSS7AI score0.96285EPSS
Exploits1References1
NVD
NVD
added 2025/02/03 9:15 p.m.5 views

CVE-2023-52163

Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

8.8CVSS0.96285EPSS
Exploits1References4
OSV
OSV
added 2025/02/03 9:15 p.m.3 views

CVE-2023-52163

Digiever DS-2105 Pro 3.1.0.71-11 devices allow timetzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

8.8CVSS5.8AI score0.96285EPSS
Exploits1References4
NVD
NVD
added 2025/02/03 9:15 p.m.7 views

CVE-2023-52164

accessdevice.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.1CVSS0.00323EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/03 12:0 a.m.10 views

CVE-2023-52164

accessdevice.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

0.00323EPSS
Exploits0References2
Rows per page
Query Builder