CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

35 matches found

ICS•added 2026/01/13 7:0 a.m.•1 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthorized sensitive database operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

8.7CVSS6.6AI score0.00054EPSS

Exploits0References11

CNVD•added 2025/12/15 12:0 a.m.•0 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud SQL Injection Vulnerability

Rockwell Automation FactoryTalk DataMosaix Private Cloud is an industrial data platform product from Rockwell Automation USA. A SQL injection vulnerability exists in Rockwell Automation FactoryTalk DataMosaix Private Cloud, which can be exploited by an attacker to perform sensitive database...

8.7CVSS5.9AI score0.00054EPSS

Exploits0References1

RedhatCVE•added 2025/12/10 2:22 p.m.•1 views

CVE-2025-12807

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS6.7AI score0.00054EPSS

Exploits0References1

EUVD•added 2025/12/09 6:30 p.m.•1 views

EUVD-2025-202153

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS6.2AI score0.00054EPSS

Exploits0References2

NVD•added 2025/12/09 4:17 p.m.•2 views

CVE-2025-12807

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS0.00054EPSS

Exploits0References1

Cvelist•added 2025/12/09 1:56 p.m.•24 views

CVE-2025-12807 FactoryTalk® DataMosaix™ Private Cloud SQL Injection

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS0.00054EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 1:56 p.m.•2 views

CVE-2025-12807 FactoryTalk® DataMosaix™ Private Cloud SQL Injection

A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints...

8.7CVSS6.4AI score0.00054EPSS

Exploits0References1

CVE•added 2025/12/09 1:56 p.m.•11 views

CVE-2025-12807

DataMosaix Private Cloud (FactoryTalk) is affected by CVE-2025-12807. The vulnerability arises from API endpoints that allow low-privilege users to perform sensitive database operations, indicating an authorization/exposure flaw in the product’s API surface. Reported impact includes the potential...

8.7CVSS6.4AI score0.00054EPSS

Exploits0References1

CNNVD•added 2025/12/09 12:0 a.m.•1 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud 安全漏洞

Rockwell Automation FactoryTalk DataMosaix Private Cloud is an industrial data platform product from Rockwell Automation USA. A SQL injection vulnerability exists in Rockwell Automation FactoryTalk DataMosaix Private Cloud, which can be exploited by an attacker to perform sensitive database...

8.7CVSS5.8AI score0.00054EPSS

Exploits0References1

Positive Technologies•added 2025/12/09 12:0 a.m.•3 views

PT-2025-49867

CVE-2025-12807 A security issue was discovered in DataMosaix Private Cloud, allowing users with low privilege to perform sensitive database operations through exposed API endpoints. https://t.co/lEhiHUNcHf...

8.7CVSS6.7AI score0.00054EPSS

Exploits0References3

CNVD•added 2025/11/14 12:0 a.m.•2 views

Unspecified Vulnerability in Rockwell Automation DataMosaix Private Cloud

Rockwell Automation DataMosaix Private Cloud is an industrial DataOps solution from Rockwell Automation, Inc. It is used to simplify and control access to relevant, reliable and contextualized data. A security vulnerability exists in Rockwell Automation DataMosaix Private Cloud that can be...

7.6CVSS5.9AI score0.00018EPSS

Exploits0References1

CNVD•added 2025/11/14 12:0 a.m.•0 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud Cross-Site Scripting Vulnerability

Rockwell Automation FactoryTalk DataMosaix Private Cloud is an industrial data platform product from Rockwell Automation USA. Rockwell Automation FactoryTalk DataMosaix Private Cloud suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering an...

8.6CVSS6.1AI score0.0009EPSS

Exploits0References1

CISA•added 2025/11/13 12:0 p.m.•4 views

CISA Releases 18 Industrial Control Systems Advisories

CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...

Exploits0References18

ICS•added 2025/11/13 7:0 a.m.•4 views

Rockwell Automation FactoryTalk DataMosaix Private Cloud

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take over accounts, steal credentials, redirect users to a malicious website, or bypass MFA. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

Exploits0References13

RedhatCVE•added 2025/11/12 2:3 p.m.•9 views

CVE-2025-11085

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.8AI score0.0009EPSS

Exploits0References1

RedhatCVE•added 2025/11/12 2:3 p.m.•7 views

CVE-2025-11084

A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period...

7.6CVSS6.6AI score0.00018EPSS

Exploits0References1

EUVD•added 2025/11/11 3:31 p.m.•2 views

EUVD-2025-84346

A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period...

7.6CVSS6.1AI score0.00018EPSS

Exploits0References2

EUVD•added 2025/11/11 3:31 p.m.•1 views

EUVD-2025-84347

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.3AI score0.0009EPSS

Exploits0References2

NVD•added 2025/11/11 2:15 p.m.•6 views

CVE-2025-11085

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS0.0009EPSS

Exploits0References1

Vulnrichment•added 2025/11/11 1:35 p.m.•2 views

CVE-2025-11085 FactoryTalk® DataMosaix™ Private Cloud – Persistent XSS

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.4AI score0.0009EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by