Lucene search
K

272 matches found

CNNVD
CNNVD
added 2025/07/08 12:0 a.m.4 views

SAP CMC Promotion Management 代码问题漏洞

SAP CMC Promotion Management is a software for managing and migrating content from SAP, Germany. A code issue vulnerability exists in SAP CMC Promotion Management that originates from a verified attacker who can enumerate internal network systems, potentially leading to information disclosure...

4.1CVSS6.5AI score0.00223EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/05 7:34 a.m.0 views

Malicious code in cmc-core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a5a8b47acbc96bb3300d8a151d3e815bd1ed23b9ffa960bea03f4a2d2508ae4 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/05 7:34 a.m.2 views

MAL-2025-5629 Malicious code in cmc-core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a5a8b47acbc96bb3300d8a151d3e815bd1ed23b9ffa960bea03f4a2d2508ae4 Any computer that has this package installed or running should be considered...

7.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/10 10:31 a.m.12 views

CVE-2024-13090 Privilege escalation in Guardian/CMC before 24.6.0

A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is...

7.3CVSS7.7AI score0.00118EPSS
Exploits0References1
NOZOMI
NOZOMI
added 2025/06/10 12:0 a.m.6 views

Privilege escalation in Guardian/CMC before 24.6.0

Summary A privilege escalation vulnerability may enable a service account to elevate its privileges. Impact The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that...

7.3CVSS7.4AI score0.00118EPSS
Exploits0Affected Software2
RedhatCVE
RedhatCVE
added 2025/05/23 5:32 a.m.5 views

CVE-2023-22378

A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application. Authenticated users may be able to extract arbitrary...

8.8CVSS8AI score0.00508EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 p.m.9 views

CVE-2020-25050

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. The CMC service allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 August 2020...

7.5CVSS6.8AI score0.00431EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.8 views

CVE-2019-19393

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...

6.1CVSS6AI score0.00846EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:55 a.m.8 views

CVE-2025-23746

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Edem CMC MIGRATE cmc-migrate allows Reflected XSS.This issue affects CMC MIGRATE: from n/a through = 0.0.3...

7.1CVSS7.2AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2025/01/22 3:15 p.m.7 views

CVE-2025-23746

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Edem CMC MIGRATE cmc-migrate allows Reflected XSS.This issue affects CMC MIGRATE: from n/a through = 0.0.3...

7.1CVSS0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/22 2:32 p.m.21 views

CVE-2025-23746 WordPress CMC MIGRATE plugin <= 0.0.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Edem CMC MIGRATE cmc-migrate allows Reflected XSS.This issue affects CMC MIGRATE: from n/a through = 0.0.3...

7.1CVSS0.00357EPSS
Exploits0References1
CVE
CVE
added 2025/01/22 2:32 p.m.55 views

CVE-2025-23746

CVE-2025-23746 is a reflected Cross‑Site Scripting issue in the CMC MIGRATE plugin for WordPress (NotFound) affecting versions up to 0.0.3. The connected Red Hat entry reiterates the description and target software (CMC MIGRATE) but does not provide concrete exploitation details or a published fi...

7.1CVSS7.2AI score0.00357EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.7 views

WordPress plugin CMC MIGRATE 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS7.8AI score0.00357EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.7 views

WordPress CMC MIGRATE plugin <= 0.0.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin CMC MIGRATE versions = 0.0.3...

7.1CVSS6.1AI score0.00357EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/10/15 9:15 a.m.14 views

CVE-2024-47943

The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...

9.8CVSS0.00618EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/15 8:57 a.m.18 views

CVE-2024-47943 Improper signature verification of firmware upgrade files

The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...

0.00618EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/15 8:57 a.m.10 views

CVE-2024-47943 Improper signature verification of firmware upgrade files

The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...

7.7AI score0.00618EPSS
Exploits0References2
CVE
CVE
added 2024/10/15 8:57 a.m.49 views

CVE-2024-47943

CVE-2024-47943 affects the Rittal IoT Interface & CMC III Processing Unit. The firmware upgrade feature does not properly verify patch signatures: the signing uses an HMAC-like mechanism with a hard-coded key, which is publicly available, allowing attackers to craft malicious signed .patch files ...

9.8CVSS7.4AI score0.00618EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.4 views

Rittal IoT Interface & CMC III Processing Unit 安全漏洞

The Rittal IoT Interface & CMC III Processing Unit is a key component of Rittal Germany's Smart Networking of Sensors for monitoring physical environmental conditions. A security vulnerability exists in the Rittal IoT Interface & CMC III Processing Unit prior to version 6.21.00.2, which stems fro...

9.8CVSS7AI score0.00618EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.5 views

Rittal IoT Interface & CMC III Processing Unit 安全漏洞

The Rittal IoT Interface & CMC III Processing Unit is a key component of Rittal Germany's Smart Networking of Sensors for monitoring physical environmental conditions. A security vulnerability exists in Rittal IoT Interface & CMC III Processing Unit versions prior to 6.21.00.2, which stems from a...

9.8CVSS6.4AI score0.00856EPSS
Exploits1References3
Rows per page
Query Builder