Lucene search
K

6330 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-4255

Malware in sbrugna...

7.5CVSS6.4AI score0.03361EPSS
Exploits1References15
circl
circl
added 2025/10/05 10:2 a.m.6 views

CVE-2017-9965

creationtimestamp| type| source ---|---|--- 2025-10-05 10:02:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2017/CVE-2017-9965.yaml...

5.8CVSS6AI score0.04612EPSS
Exploits1References1
circl
circl
added 2025/10/05 8:40 a.m.5 views

CVE-2018-11511

creationtimestamp| type| source ---|---|--- 2025-10-05 08:40:40+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2018/CVE-2018-11511.yaml 2025-10-06 21:02:22+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m2kj4bihhq2q 2025-12-07...

9.8CVSS7AI score0.11176EPSS
In wildExploits7References5
ptsecurity
ptsecurity
added 2025/10/05 12:0 a.m.9 views

PT-2025-40793

A vulnerability was found in Frappe LMS 2.34.x/2.35.0. The impacted element is an unknown function of the component Incomplete Fix CVE-2025-55006. Performing manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made public and could be...

8.8CVSS5.8AI score0.00361EPSS
Exploits1References10
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28395

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00441EPSS
Exploits1References4
circl
circl
added 2025/10/01 6:49 p.m.9 views

CVE-2025-27223

creationtimestamp| type| source ---|---|--- 2025-10-01 18:49:45+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-27223.yaml 2025-10-02 21:02:26+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m2ahapki2u26 2025-10-18...

7.5CVSS5.8AI score0.02102EPSS
Exploits1References3
debiancve
debiancve
added 2025/10/01 7:42 a.m.3 views

CVE-2025-39894

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check confirmed bit in brnflocalin after confirm When send a broadcast packet to a tap device, which was added to a bridge, brnflocalin is called to confirm the conntrack. If another conntrack with...

5.5CVSS5.3AI score0.0014EPSS
Exploits0
cvelist
cvelist
added 2025/09/29 8:34 p.m.24 views

CVE-2025-34234 Vasion Print (formerly PrinterLogic) Hardcoded Encryption Private Keys

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

9.2CVSS0.00382EPSS
Exploits1References4
circl
circl
added 2025/09/29 3:18 a.m.4 views

CVE-2025-54249

creationtimestamp| type| source ---|---|--- 2025-09-29 03:18:25+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-54249.yaml 2025-09-30 21:02:43+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m23gd7gjji2j 2025-10-18...

6.5CVSS4.8AI score0.01811EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2025/09/29 12:0 a.m.4 views

PT-2025-39885

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 25.1.102 Vasion Print Application versions prior to 25.1.1413 Description The /api-gateway/identity/search-groups API endpoint does not require authentication. An unauthenticated remote attacker can enumerate eve...

6.9CVSS6.7AI score0.0065EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2025/09/29 12:0 a.m.6 views

PT-2025-39897

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 25.1.102 Vasion Print Application versions prior to 25.1.1413 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and Application deployments contain hardcoded private keys stored in clear text...

9.2CVSS6.5AI score0.00382EPSS
Exploits1References9
circl
circl
added 2025/09/24 1:50 p.m.7 views

CVE-2020-36719

creationtimestamp| type| source ---|---|--- 2025-09-24 13:50:13+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-36719.yaml...

9.8CVSS8.7AI score0.04304EPSS
Exploits1References1
circl
circl
added 2025/09/24 9:47 a.m.7 views

CVE-2020-36705

creationtimestamp| type| source ---|---|--- 2025-09-24 09:47:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/passive/cves/2020/CVE-2020-36705.yaml...

9.8CVSS6AI score0.06944EPSS
Exploits1References1
thn
thn
added 2025/09/24 6:24 a.m.3 views

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

Libraesva has released a security update to address a vulnerability in its Email Security Gateway ESG solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689 , carries a CVSS score of 6.1, indicating medium severity. "Libraesva ESG i...

6.1CVSS8AI score0.01929EPSS
Exploits0
circl
circl
added 2025/09/18 1:43 a.m.7 views

CVE-2019-11886

creationtimestamp| type| source ---|---|--- 2025-09-18 01:43:53+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2019/CVE-2019-11886.yaml 2025-09-21 21:02:24+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lzes4jrnvf2g...

8.8CVSS8.6AI score0.0189EPSS
Exploits1References2
cvelist
cvelist
added 2025/09/16 8:33 a.m.13 views

CVE-2025-2404 XSS in Ubit Information Technologies' STOYS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ubit Information Technologies STOYS allows Cross-Site Scripting XSS. This issue affects STOYS: from 2 before 20250916...

4.3CVSS0.00201EPSS
Exploits0References2
circl
circl
added 2025/09/15 9:55 p.m.13 views

CVE-2020-11515

creationtimestamp| type| source ---|---|--- 2025-09-15 21:55:04+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-11515.yaml 2025-09-16 21:02:25+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lyy7rtlmvj2p...

6.1CVSS6AI score0.02072EPSS
Exploits2References2
ptsecurity
ptsecurity
added 2025/09/10 12:0 a.m.8 views

PT-2025-86: Disclosure of confidential data via controller configuration request in Fastwel PLC web server

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability can be exploited by an attacker to obtain administrator‑level privileges. Vulnerability status: Confirmed by vendor Date of vulnerability remediation:...

8.3CVSS5.8AI score
Exploits0References2
ptsecurity
ptsecurity
added 2025/09/10 12:0 a.m.9 views

PT-2025-87: Incorrect session expiration in Fastwel PLC web server

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. The discovered vulnerability can be exploited by an attacker to gain unlimited access to a device by brute-forcing or compromising a session token. Vulnerability status: Confirmed ...

9.2CVSS5.8AI score
Exploits0References2
cve
cve
added 2025/09/04 3:33 p.m.42 views

CVE-2025-38724

CVE-2025-38724: Linux kernel NFS server (nfsd) had a race in nfsd4_setclientid_confirm() where it did not check get_client_locked() return, risking reference loss and a potential use-after-free. A fix obtains a reference early when a confirmed client exists, and handles failure as if no confirmed...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder