Lucene search
K

50 matches found

Vulnrichment
Vulnrichment
added 2025/12/11 2:21 p.m.5 views

CVE-2025-14265 Improper server-side validation in ScreenConnect extension framework

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...

9.1CVSS6.9AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/19 12:11 a.m.10 views

CVE-2025-63225

The Eurolab ELTS100UBX device firmware version ELTS100v1.UBX is vulnerable to Broken Access Control due to missing authentication on critical administrative endpoints. Attackers can directly access and modify sensitive system and network configurations, upload firmware, and execute unauthorized...

9.8CVSS7.4AI score0.00562EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/22 7:38 p.m.6 views

EUVD-2025-35593

Vert.x-Web Access Control Flaw in StaticHandler’s Hidden File Protection for Files Under Hidden Directories...

6.3CVSS6.4AI score0.00459EPSS
Exploits0References3
NVD
NVD
added 2025/10/22 3:15 p.m.7 views

CVE-2025-11965

In Eclipse Vert.x versions 4.0.0, 4.5.21 and 5.0.0, 5.0.4, a StaticHandler configuration for restricting access to hidden files fails to restrict access to hidden directories, allowing unauthorized users to retrieve files within them e.g. '.git/config'...

7.5CVSS0.00459EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-29592

Malicious code in bioql PyPI...

7.8CVSS7AI score0.00782EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27994

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00531EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.4 views

Digiever NVR 安全漏洞

Digiever NVR is a camera centralized management, video storage and surveillance device from Digiever Corporation of Taiwan, China. A security vulnerability exists in the Digiever NVR, which stems from the exposure of sensitive information, and could allow an unauthenticated, remote attacker to...

10CVSS6.6AI score0.0045EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.5 views

PT-2025-34489 · Voltronic Power +1 · Viewpower +1

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower versions 1.04-21353 and earlier PowerShield Netguard versions prior to 1.04-23292 Description: A remote attacker can configure the system via a web interface without authentication. This includes changing the web...

9.8CVSS9.5AI score0.00616EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.7 views

Vulnerability of the main and fileman modules of the 1C-Bitrix website management system: Website management that allows attackers to gain unauthorized access to configuration and executable files

Vulnerability of the main and fileman modules of the 1C-Bitrix website management system: Website management involves insecure handling of privileges. Exploiting this vulnerability can allow an attacker to gain unauthorized access to configuration and executable files...

6.8CVSS5.5AI score
Exploits0References1Affected Software3
CNNVD
CNNVD
added 2025/07/09 12:0 a.m.5 views

Radiflow iSAP Smart Collector 安全漏洞

Radiflow iSAP Smart Collector is a remote traffic collection and forwarding appliance designed for industrial networks from Radiflow USA. A security vulnerability exists in the Radiflow iSAP Smart Collector that originates from an unauthenticated REST API on the management network and could lead ...

9.9CVSS6.8AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2025/06/03 4:42 p.m.6 views

CVE-2025-30167 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...

7.3CVSS6.4AI score0.00154EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.4 views

PT-2025-18415

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the access of the PCI config space via pci ops::read and pci ops::write, which are low-level hardware...

5.5CVSS6.7AI score0.00122EPSS
Exploits0
OSV
OSV
added 2025/01/14 2:15 p.m.3 views

CVE-2024-35277

A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending...

7.5CVSS5.8AI score0.00685EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.3 views

PT-2024-8645 · Ivanti · Ivanti Secure Access Client

Name of the Vulnerable Software and Affected Versions: Ivanti Secure Access Client versions prior to 22.7R4 Description: A race condition in Ivanti Secure Access Client allows a local authenticated attacker to modify sensitive configuration files. This issue is related to synchronization errors...

7.1CVSS6.7AI score0.00296EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/08/17 12:0 a.m.6 views

PT-2024-7422 · Trend Micro · Trend Micro Antivirus

Name of the Vulnerable Software and Affected Versions: Trend Micro Antivirus One versions 3.10.4 and below Consumer Description: The issue is related to insufficient access control, which could allow an attacker to gain unauthorized access to protected information. This could permit arbitrary...

7.8CVSS7.3AI score0.00125EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/06/07 12:0 a.m.5 views

PT-2024-4074 · NetGear · Netgear Wnr614 N300

Name of the Vulnerable Software and Affected Versions: Netgear WNR614 N300 version 1.1.0.54 1.0.1 Description: The issue is related to the storage of protected information in an unencrypted form. This could allow a remote attacker to disclose protected information. The estimated number of...

8.8CVSS6.8AI score0.00347EPSS
Exploits1References7
OSV
OSV
added 2023/09/22 3:15 p.m.7 views

CVE-2022-4039

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server...

9.8CVSS5.5AI score0.00789EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/04/26 12:0 a.m.10 views

PT-2023-36151 · Openssl +1 · Openssl +1

Name of the Vulnerable Software and Affected Versions: openssl-ibmca versions prior to 2.4.0 Description: The issue concerns adjustments and fixes for OpenSSL versions 3.1 and 3.2, including support for RSA blinding, constant-time fixes for RSA PKCS1 v1.5 and OAEP padding, and support for 'implic...

7.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/26 12:0 a.m.4 views

PT-2023-16281 · Econolite · Econolite Eos

Name of the Vulnerable Software and Affected Versions: Econolite EOS versions prior to 3.2.23 Description: The issue concerns the use of a weak hash algorithm for encrypting privileged user credentials. A configuration file, accessible without authentication, utilizes MD5 hashes for credential...

9.8CVSS5.1AI score0.00538EPSS
Exploits0References4
OSV
OSV
added 2022/05/28 11:3 a.m.3 views

OESA-2022-1676 git security update

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and...

7.8CVSS6.8AI score0.00782EPSS
Exploits0References2
Rows per page
Query Builder