Lucene search
K

10466 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.8 views

CVE-2021-27430

GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR...

8.4CVSS6.6AI score0.00239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.8 views

CVE-2021-27097

The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT...

7.8CVSS6.7AI score0.01037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.3 views

CVE-2021-27138

The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT...

7.8CVSS6.9AI score0.01095EPSS
Exploits0References1
OSV
OSV
added 2026/01/08 1:15 p.m.6 views

CVE-2025-62877

Projects using the SUSE Virtualization Harvester environment may expose the OS default ssh login password if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/08 12:29 p.m.2 views

CVE-2025-62877 Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer

Projects using the SUSE Virtualization Harvester environment may expose the OS default ssh login password if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is...

9.8CVSS6.5AI score0.00473EPSS
Exploits0References2
CVE
CVE
added 2026/01/08 12:29 p.m.17 views

CVE-2025-62877

CVE-2025-62877 affects SUSE Virtualization (Harvester) where the interactive installer on Harvester 1.5.x–1.6.x may expose the OS default SSH password when creating a new cluster or adding hosts. The issue does not occur when PXE boot with the Harvester configuration is used. Affected component i...

9.8CVSS6.4AI score0.00473EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.4 views

IGEL OS < 11.0.0 Secure Boot bypass (CVE-2025-47827)

The version of IGEL OS running on the remote host is prior to version 11. It is, therefore, affected by a cryptographic signature verification vulnerability in the igel-flash-driver module. An attacker could exploit this flaw to bypass Secure Boot protections. By leveraging the improper...

4.6CVSS8.6AI score0.03817EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2026/01/08 12:0 a.m.4 views

FreeRDP DoS Vulnerability (GHSA-3p57-rq4q-233x)

FreeRDP is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:freerdpproject:freerdp...

6.5CVSS6.8AI score0.00416EPSS
Exploits0References4
NVD
NVD
added 2026/01/07 9:15 p.m.7 views

CVE-2025-64305

MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...

7.1CVSS0.00144EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/07 8:2 p.m.5 views

CVE-2025-64305 Columbia Weather Systems MicroServer Cleartext Storage in a File or on Disk

MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...

7.1CVSS6.7AI score0.00144EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/07 8:2 p.m.23 views

CVE-2025-64305 Columbia Weather Systems MicroServer Cleartext Storage in a File or on Disk

MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...

7.1CVSS0.00144EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/01/07 6:30 p.m.6 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +3482 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.2.38.Final)

io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-12543 Source advisory: OSV:GHSA-J382-5JJ3-VW4J...

9.6CVSS7.4AI score0.01179EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.6 views

CVE-1999-0799

Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location...

10CVSS7.2AI score0.01845EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.6 views

PT-2026-1845

Name of the Vulnerable Software and Affected Versions Columbia Weather Systems MicroServer affected versions not specified Description The MicroServer copies portions of the system firmware to an unencrypted external SD card during boot. This firmware includes user and vendor secrets in plaintext...

7.1CVSS6.5AI score0.00144EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.5 views

PT-2026-1506

Name of the Vulnerable Software and Affected Versions SUSE Virtualization Harvester versions 1.5.x through 1.6.x Description The interactive installer for SUSE Virtualization Harvester may expose the default OS SSH login password when creating a new cluster or adding hosts to an existing cluster...

9.8CVSS6.8AI score0.00473EPSS
Exploits0References8
Snyk
Snyk
added 2026/01/05 8:25 p.m.2 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the interactive installer process. An attacker can gain unauthorized remote access to the host system by exploiting the default administrative credentials over SSH before the password is reset. This is...

9.8CVSS7.1AI score0.00473EPSS
Exploits0References2
Metasploit
Metasploit
added 2026/01/05 6:59 p.m.382 views

HTTP Fetch, Linux Reboot

Fetch and execute an RISC-V 32-bit payload from an HTTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/http/riscv32le/reboot msf...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2026/01/05 6:59 p.m.332 views

HTTP Fetch, Linux Reboot

Fetch and execute an RISC-V 64-bit payload from an HTTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/http/riscv64le/reboot msf...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2026/01/05 6:59 p.m.251 views

HTTPS Fetch, Linux Reboot

Fetch and execute an RISC-V 32-bit payload from an HTTPS server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/https/riscv32le/reboot msf...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/01/04 12:0 a.m.4 views

warehouse 授权问题漏洞

warehouse is a spring boot based logistics management system for small and medium-sized warehouses by yeqifu individual developers. There is an authorization issue vulnerability in warehouse, which originates from improper authorization of the function saveUserRole in the file...

8.8CVSS6.4AI score0.00299EPSS
Exploits1References6
Rows per page
Query Builder