Lucene search
K

76 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.10 views

Cloud Foundry windows-utilities-release 安全漏洞

Cloud Foundry Windows-Utilities-Release is a collection of Windows platform maintenance tools provided by the Cloud Foundry company. There are security vulnerabilities in Cloud Foundry Foundation Windows-Utilities-Release; these vulnerabilities stem from the use of a predictable random number...

7.5CVSS5.4AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 4:16 p.m.13 views

CVE-2018-25387

HaPe PKH 1.1 contains a cross-site request forgery vulnerability that allows attackers to change administrator passwords by submitting forged requests to the user update endpoint. Attackers can craft malicious forms targeting the aksiuser.php script with parameters like iduser, password, and leve...

6.9CVSS0.00175EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.5 views

CVE-2025-15554

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

6CVSS5.8AI score0.00145EPSS
Exploits0References1
NVD
NVD
added 2026/03/16 2:17 p.m.2 views

CVE-2025-15554

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

7.8CVSS0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.5 views

PT-2026-25677

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

6CVSS5.8AI score0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

Tinycontrol多款产品 安全漏洞

Tinycontrol tcPDU is a product of the Polish company Tinycontrol. Tinycontrol tcPDU is a network distribution unit. Tinycontrol LAN Controllers LK3.5 is a device for remote monitoring and control of environmental parameters. Tinycontrol LAN Controllers LK3.9 is also a device for remote monitoring...

8.7CVSS5.9AI score0.00275EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

Truesec LAPSWebUI 安全漏洞

Truesec LAPSWebUI is a web-based management interface provided by the Swedish company Truesec. Versions of Truesec LAPSWebUI prior to version 2.4 contained security vulnerabilities. These vulnerabilities stemmed from the browser caching of LAPS passwords, which could allow attackers to gain...

7.8CVSS5.8AI score0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.11 views

Brocade SANnav 安全漏洞

Brocade SANnav is a storage area network management software developed by the American company Brocade. Versions of Brocade SANnav prior to 2.4.0b contained security vulnerabilities. These vulnerabilities stemmed from the fact that logs supported by SANnav recorded administrator passwords for...

8.5CVSS5.8AI score0.00262EPSS
Exploits0References1
OSV
OSV
added 2025/12/24 8:15 p.m.5 views

CVE-2019-25242

FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by...

5.1CVSS5.7AI score0.002EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/11/20 12:21 a.m.12 views

CVE-2025-63205

An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD, firmware versions 6.5.0-9, allowing attackers to gain sensitive information such as administrator passwords via the...

7.5CVSS5.3AI score0.00327EPSS
Exploits1References1
NVD
NVD
added 2025/11/19 6:15 p.m.5 views

CVE-2025-63205

An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD, firmware versions 6.5.0-9, allowing attackers to gain sensitive information such as administrator passwords via the...

7.5CVSS0.00327EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.9 views

PT-2025-47492

Name of the Vulnerable Software and Affected Versions bridgetech probes VB220 IP Network Probe, VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD versions 6.5.0-9 Description An issue exists that allows attackers to gain sensitive...

6.5AI score0.00327EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.4 views

PT-2025-47498

Name of the Vulnerable Software and Affected Versions bridgetech VB288 Objective QoE Content Extractor version 5.6.0-8 Description A flaw exists in bridgetech VB288 Objective QoE Content Extractor firmware version 5.6.0-8 that allows attackers to obtain sensitive information, including...

7.5CVSS6.5AI score0.00214EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.5 views

Lynx Twonky Server 安全漏洞

Lynx Twonky Server is a DLNA/UPnP media server from Lynx USA. A security vulnerability exists in Lynx Twonky Server version 8.5.2, which stems from the use of hard-coded encryption keys that could lead to the decryption of administrator passwords...

9.8CVSS6.6AI score0.31944EPSS
Exploits3References1
Snyk
Snyk
added 2025/10/16 4:42 p.m.5 views

Authorization Bypass Through User-Controlled Key

Overview @strapi/core is a Core of Strapi Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the lookup operator in the document service due to improper sanitization of query operator for private fields . An attacker can retrieve sensitive...

8.2CVSS7AI score0.00383EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/10/10 4:26 a.m.3 views

CVE-2025-6038

The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating...

8.8CVSS6.4AI score0.00293EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2010-5054

Malware in sbrugna...

4CVSS6.4AI score0.01086EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-4008

Malware in sbrugna...

9CVSS9.2AI score0.01029EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18074

Malware in sbrugna...

7.8CVSS7.6AI score0.00819EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-2313

Malware in sbrugna...

2.1CVSS6.4AI score0.0021EPSS
Exploits0References5
Rows per page
Query Builder