
258 matches found

RedhatCVE
added 2026/01/09 8:45 a.m. | 10 views

CVE-2025-40582

A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions with SINEMA Remote Connect Edge Client installed. Affected devices do not properly sanitize configuration parameters. This could allow a non-privileged local attacker to execute root commands on the device...

CVSS 8.5 | AI score 7.2 | EPSS 0.00156
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:39 a.m. | 17 views

CVE-2022-35874

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a...

CVSS 9.8 | AI score 7.2 | EPSS 0.00869
Exploits: 1 | References: 1

OSV
added 2025/12/09 4:17 p.m. | 5 views

CVE-2025-41748

An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | AI score 5.8 | EPSS 0.08404
Exploits: 0 | References: 1

OSV
added 2025/12/09 4:17 p.m. | 4 views

CVE-2025-41752

An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | AI score 5.8 | EPSS 0.08236
Exploits: 0 | References: 1

Vulnrichment
added 2025/12/09 8:10 a.m. | 4 views

CVE-2025-41695 Reflected XSS vulnerability in dyn_conn.php

An XSS vulnerability in dyn_conn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | AI score 5.9 | EPSS 0.00554
Exploits: 0 | References: 1

Cvelist
added 2025/12/09 8:10 a.m. | 18 views

CVE-2025-41745 Reflected XSS vulnerability in pxc_portCntr2.php

An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-leve...

CVSS 7.1 | EPSS 0.00548
Exploits: 0 | References: 1

Vulnrichment
added 2025/12/09 8:9 a.m. | 3 views

CVE-2025-41748 Reflected XSS vulnerability in pxc_Dot1xCfg.php

An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | AI score 5.9 | EPSS 0.08404
Exploits: 0 | References: 1

Cvelist
added 2025/12/09 8:7 a.m. | 20 views

CVE-2025-41751 Reflected XSS vulnerability in pxc_portCntr.php

An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | EPSS 0.08236
Exploits: 0 | References: 1

CVE
added 2025/12/09 8:7 a.m. | 11 views

CVE-2025-41751

CVE-2025-41751 describes a reflected XSS in pxc_portCntr.php that permits an unauthenticated remote attacker to trick an authenticated user into clicking a link to modify device configuration through the web-based management interface. The vulnerability affects parameters exposed in the WBM conte...

CVSS 7.1 | AI score 5.9 | EPSS 0.08236
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/12/09 8:7 a.m. | 2 views

CVE-2025-41752 Reflected XSS vulnerability in pxc_portSfp.php

An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | AI score 5.9 | EPSS 0.08236
Exploits: 0 | References: 1

Positive Technologies
added 2025/12/09 12:0 a.m. | 7 views

PT-2025-49823

An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | AI score 6.3 | EPSS 0.08236
Exploits: 0 | References: 1

Positive Technologies
added 2025/12/09 12:0 a.m. | 7 views

PT-2025-49821

An XSS vulnerability in port util.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web-based management (WBM). The vulnerability does not provide access to system-level...

CVSS 7.1 | AI score 6.3 | EPSS 0.00559
Exploits: 0 | References: 1

OSV
added 2025/10/30 10:15 p.m. | 2 views

CVE-2025-34134

Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the Business Process Intelligence (BPI) component. Insufficient validation and sanitization of administrator-controlled BPI configuration parameters (notably bpi_logfile and bpi_configfile) allow an authenticated...

CVSS 7.2 | AI score 6.5 | EPSS 0.02194
Exploits: 0 | References: 3

CVE
added 2025/10/30 9:41 p.m. | 14 views

CVE-2025-34134

CVE-2025-34134 – Nagios XI BPI RCE in pre-2024R1.4.2. An authenticated administrator can abuse insufficient validation/sanitization of BPI configuration parameters (notably bpi_logfile and bpi_configfile) to create/overwrite files in the webroot and edit them via the BPI editor. If such files ha...

CVSS 9.4 | AI score 8 | EPSS 0.02194
Exploits: 0 | References: 3 | Affected Software: 1

CNNVD
added 2025/10/30 12:0 a.m. | 4 views

Nagios XI security vulnerability

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2012R1.3, which stems from insufficient...

CVSS 9.8 | AI score 7.6 | EPSS 0.0102
Exploits: 0 | References: 2

Debian CVE
added 2025/10/29 6:2 p.m. | 4 views

CVE-2025-11232

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must NOT be empty (the default is empty). DDNS...

CVSS 7.5 | AI score 5.2 | EPSS 0.00387
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2017-3916

Malware in sbrugna...

CVSS 8.8 | AI score 8.8 | EPSS 0.01594
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-19458

Malware in sbrugna...

CVSS 7.5 | AI score 6 | EPSS 0.03688
Exploits: 0 | References: 26

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2013-6486

Malware in sbrugna...

CVSS 6.8 | AI score 6.4 | EPSS 0.00925
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2019-4726

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.01114
Exploits: 0 | References: 2