CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

909 matches found

CNNVD•added 2021/07/22 12:0 a.m.•2 views

IDEMIA Morpho Wave Compact 路径遍历漏洞

IDEMIA Morpho Wave Compact is an industrial control device from idemia. Contactless fingerprint scanner. A security vulnerability in IDEMIA Morpho Wave Compact and VisionPass devices prior to version 2.6.2, which originates from path traversal in the Thrift command handler in the device, allows...

5.9CVSS6.2AI score0.00286EPSS

Exploits0References4

CNNVD•added 2021/07/22 12:0 a.m.•2 views

IDEMIA Morpho Wave Compact缓冲区错误漏洞

IDEMIA Morpho Wave Compact is an industrial control device from idemia. Contactless fingerprint scanner. A security vulnerability exists in IDEMIA Morpho Wave Compact and VisionPass devices prior to version 2.6.2, which originates from a buffer overflow in the Thrift command handler in the device...

6.2CVSS6.8AI score0.00092EPSS

Exploits0References4

CNVD•added 2021/06/24 12:0 a.m.•18 views

AKCMS suffers from SQL injection vulnerability (CNVD-2021-46735)

AKCMS is a lightweight CMS builder with distinctive and compact features. AKCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.8AI score

Exploits0

NVD•added 2021/04/22 9:15 p.m.•17 views

CVE-2021-25677

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions = V0.5.0.0 V1.0.0.0, TALON TC Compact BACnet All versions V3.5.5, TALON TC Modular BACnet All versions V3.5.5. The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the D...

5.3CVSS0.00385EPSS

Exploits0References3

OSV•added 2021/04/22 9:15 p.m.•1 views

CVE-2020-27009

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...

8.1CVSS7.3AI score

Exploits0References2

OSV•added 2021/04/22 9:15 p.m.•2 views

CVE-2020-27736

6.5CVSS5.7AI score0.00827EPSS

Exploits0References3

OSV•added 2021/04/22 9:15 p.m.•1 views

CVE-2020-15795

8.1CVSS5.9AI score

Exploits0References2

Cvelist•added 2021/04/22 8:42 p.m.•22 views

CVE-2021-25677

5.3CVSS5.5AI score0.00385EPSS

Exploits0References3

CVE•added 2021/04/22 8:42 p.m.•77 views

CVE-2021-25677

CVE-2021-25677 concerns DNS transaction ID randomness in Siemens DNS clients across multiple products (APOGEE PXC BACnet/P2 Ethernet, Nucleus NET/ReadyStart, SIMOTICS CONNECT 400, TALON TC). Root cause: DNS client does not properly randomize transaction IDs, enabling potential DNS cache poisoning...

5.3CVSS5.9AI score0.00385EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2021/04/14 12:0 a.m.•2 views

PT-2021-2645 · Unknown · Apogee Pxc Compact +5

Name of the Vulnerable Software and Affected Versions: APOGEE PXC Compact BACnet versions prior to V3.5.5 APOGEE PXC Compact P2 Ethernet versions prior to V2.8.20 APOGEE PXC Modular BACnet versions prior to V3.5.5 APOGEE PXC Modular P2 Ethernet versions prior to V2.8.20 Nucleus NET versions prior...

8.1CVSS8AI score0.00686EPSS

Exploits0References7

Positive Technologies•added 2021/04/14 12:0 a.m.•2 views

PT-2021-2646 · Siemens +1 · Simotics Connect 400 +8

6.5CVSS6.2AI score0.00827EPSS

Exploits0References8

Positive Technologies•added 2021/04/14 12:0 a.m.•2 views

PT-2021-2648 · Siemens +1 · Simotics Connect 400 +7

7.4CVSS7.2AI score0.00867EPSS

Exploits0References8

Positive Technologies•added 2021/04/14 12:0 a.m.•4 views

PT-2021-2649 · Siemens +1 · Simotics Connect 400 +7

5.3CVSS5.2AI score0.00385EPSS

Exploits0References8

CNVD•added 2021/03/17 12:0 a.m.•21 views

Kangtaike SolarView Compact SV-CPT-MC310 Path Traversal Vulnerability (CNVD-2021-56806)

Kangtaike SolarView Compact is an application system from Kangtaike Japan Inc. which provides photovoltaic power measurement systems. Kangtaike SolarView Compact SV-CPT-MC310 suffers from a path traversal vulnerability that could be exploited by attackers to obtain information inside the system,...

4.3CVSS5AI score0.00326EPSS

Exploits0References1

CNVD•added 2021/03/17 12:0 a.m.•18 views

Kangtaike SolarView Compact SV-CPT-MC310 Cross-Site Scripting Vulnerability

Kangtaike SolarView Compact is an application system from Kangtaike, Japan. Kangtaike SolarView Compact SV-CPT-MC310 is vulnerable to cross-site scripting, which can be exploited by attackers to inject arbitrary scripts via unspecified vectors...

6.1CVSS4.9AI score0.00611EPSS

Exploits0References1

OSV•added 2021/03/03 6:15 p.m.•1 views

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

9.8CVSS5.8AI score0.18159EPSS

Exploits1References2

NVD•added 2021/02/24 12:15 p.m.•15 views

CVE-2021-20660

Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00611EPSS

Exploits0References3

NVD•added 2021/02/24 12:15 p.m.•10 views

CVE-2021-20662

Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to alter the setting information without the access privileges via unspecified vectors...

7.5CVSS0.00399EPSS

Exploits0References3

OSV•added 2021/02/24 12:15 p.m.•0 views

CVE-2021-20661

Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors...

8.1CVSS7AI score0.01218EPSS

Exploits0References3

OSV•added 2021/02/24 12:15 p.m.•0 views

CVE-2021-20660

Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.6AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by