Lucene search
K

273 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-46423

Malicious code in bioql PyPI...

9.4CVSS6.6AI score0.00477EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-28606

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-49154

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00659EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-33300

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00952EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-1049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Pacemaker configuration tool pcs. The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using...

8.8CVSS7.2AI score0.01825EPSS
Exploits1References2
Wolfi
Wolfi
added 2025/08/08 7:47 p.m.3 views

GHSA-9342-92GG-6V29 vulnerabilities

Vulnerabilities for packages: apicurio-registry, thingsboard, wildfly, jenkins, dependency-track, apache-nifi, keycloak, keycloak-config-cli...

5.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.8 views

The vulnerability of the HPE Networking Instant On configuration and access point management tool lies in its use of strictly encrypted credentials. This allows attackers to circumvent security restrictions and gain increased privileges.

The vulnerability of the HPE Networking Instant On configuration and access point management tool is related to the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain increased privileges...

10CVSS7.5AI score0.01003EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.7 views

The vulnerability of the Segnetics SMConfig system configuration tool lies in its insufficient verification of the authenticity of executed requests, allowing attackers to carry out CSRF attacks.

The vulnerability of the Segnetics SMConfig system configuration tool is related to insufficient verification of the authenticity of the requests being executed. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

9CVSS5.4AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/24 6:13 p.m.12 views

CVE-2024-13946

DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.1CVSS6.9AI score0.00977EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:33 a.m.5 views

CVE-2024-25647

Incorrect default permissions for some IntelR Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.2AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:32 a.m.7 views

CVE-2024-23312

Uncontrolled search path for some IntelR Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:31 a.m.6 views

CVE-2023-46280

A vulnerability has been identified in Security Configuration Tool SCT All versions, SIMATIC Automation Tool All versions V5.0 SP2, SIMATIC BATCH V9.1 All versions V9.1 SP2 Upd5, SIMATIC NET PC Software V16 All versions V16 Update 8, SIMATIC NET PC Software V17 All versions, SIMATIC NET PC Softwa...

8.2CVSS6.8AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:54 a.m.11 views

CVE-2023-24591

Uncontrolled search path in some IntelR Binary Configuration Tool software before version 3.4.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.1AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.14 views

CVE-2022-28863

An issue was discovered in Nokia NetAct 22. A remote user, authenticated to the website, can visit the Site Configuration Tool section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value...

8.8CVSS6.9AI score0.00952EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:0 p.m.6 views

CVE-2021-20587

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions...

9.8CVSS9.1AI score0.03663EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:39 p.m.7 views

CVE-2021-26597

An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration Tool web site section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the...

6.5CVSS6.4AI score0.01437EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/22 6:9 p.m.12 views

CVE-2024-13946 Binary Planting / LoadLibrary DLL's not Signed

DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.1CVSS6.6AI score0.00977EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2025/05/19 2:59 p.m.6 views

CVE-2025-3908

The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory...

6.3AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.5 views

OpenVPN 安全漏洞

OpenVPN is a software package for creating encrypted tunnels for virtual private networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...

6.2CVSS6.1AI score0.00182EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/09 12:0 a.m.8 views

The vulnerability of the Configuration tool for access control and remote authentication in BIG-IP allows a attacker to carry out XSS attacks.

The vulnerability of the Configuration tool for access control and remote authentication in BIG-IP relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

9CVSS6.2AI score0.00419EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder