Lucene search
K

238 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2014-0709

Malware in sbrugna...

5.5CVSS6.4AI score0.01426EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-31221

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00938EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-25808

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00113EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-48609

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00943EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-35231

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00929EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-48608

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00835EPSS
Exploits0References2
Cisco
Cisco
added 2025/09/24 4:0 p.m.17 views

Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...

8.1CVSS7.1AI score0.00435EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/01 2:47 p.m.6 views

CVE-2025-3611

Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team...

4.3CVSS6.6AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:31 a.m.5 views

CVE-2023-27350

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. ...

9.8CVSS9.9AI score0.99999EPSS
Exploits24References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:29 p.m.10 views

CVE-2020-21999

iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script...

9CVSS8.1AI score0.05242EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 11:28 a.m.9 views

CVE-2013-3380

The administrative web interface in the Access Control Server in Cisco Secure Access Control System ACS does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279...

4CVSS6AI score0.01332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:15 a.m.8 views

CVE-2013-1200

Session fixation vulnerability in Cisco Secure Access Control System ACS allows remote attackers to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787...

6.8CVSS7AI score0.01209EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:39 a.m.9 views

CVE-2013-3428

The web interface in Cisco Secure Access Control System ACS does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957...

4CVSS6.1AI score0.00947EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:40 a.m.26 views

Security Bulletin: IBM Aspera Faspex 5 has addressed multiple vulnerabilities (CVE-2023-37412, CVE-2023-37398, CVE-2023-37413, CVE-2023-35907)

Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Aspera Faspex 5.0.11 Vulnerability Details CVEID:CVE-2023-37412 DESCRIPTION: IBM Aspera Faspex could allow a privileged user to make system changes without proper access controls. CWE:CWE-284:...

9.8CVSS5.5AI score0.00314EPSS
Exploits0Affected Software6
CNVD
CNVD
added 2025/03/26 12:0 a.m.2 views

GeoVision ASManager Windows Application Credentials Disclosure Vulnerability

GeoVision ASManager GV-ASManager is an access control system developed by the Chinese company GeoVision. A credential disclosure vulnerability exists in the GeoVision ASManager Windows Application due to improper memory handling in the ASManagerService.exe process. An attacker can exploit this...

5.1CVSS6.5AI score0.01278EPSS
Exploits2References1
CNVD
CNVD
added 2025/02/18 12:0 a.m.3 views

Siemens SiPass Integrated Third-Party Component DotNetZip Directory Traversal Vulnerability

Siemens SiPass integrated is a powerful and flexible access control system for organizations of all sizes, from simple offices to large complex facilities containing thousands of doors, gates, barriers and elevators. A directory traversal vulnerability exists in DotNetZip, a third-party component...

8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.7 views

The vulnerability of the software for controlling the Geovision GV-ASManager system lies in the absence of an authentication procedure, which allows a intruder to disclose the protected information.

The vulnerability of the software for controlling the Geovision GV-ASManager access control system is related to the absence of an authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

6.8CVSS6.5AI score0.00584EPSS
Exploits0References4Affected Software1
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/12/09 6:49 a.m.12 views

Making sure your door access control system is secure: Top 5 things to check

Your door access control system aka a physical access control system or PACS, also referred to as RFID cards or ‘swipe’ cards often have a poor reputation for being vulnerable to cloning attacks. Here’s the thing: it’s generally possible to configure your system to be very resistant to card...

7.3AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/09/19 3:54 p.m.10 views

CVE-2024-45862 Cleartext Storage of Sensitive Information in Kastle Systems Access Control System

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information...

8.7CVSS6.8AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/19 3:54 p.m.26 views

CVE-2024-45862 Cleartext Storage of Sensitive Information in Kastle Systems Access Control System

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information...

8.7CVSS0.00248EPSS
Exploits0References1
Rows per page
Query Builder