Lucene search
K

692 matches found

Vulnrichment
Vulnrichment
added 2025/12/16 3:15 p.m.5 views

CVE-2025-14432 Poly Video - Sensitive Data Might Be Written to Log File

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

8.1CVSS6.3AI score0.00344EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.7 views

PT-2025-51682

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

8.1CVSS6.7AI score0.00344EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

D-Link DAP-1325 访问控制错误漏洞

The D-Link DAP-1325 is a wireless access point/bridge from China's AUO D-Link, which is primarily used to provide wireless network coverage and has a bridging function to convert a wired network to a wireless network or connect two wireless networks together. An access control error vulnerability...

8.7CVSS9.1AI score0.0062EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/10 8:36 a.m.4 views

CVE-2025-41746

An XSS vulnerability in pxcportSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-lev...

7.1CVSS6.3AI score0.08236EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 8:36 a.m.7 views

CVE-2025-41748

An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS6.3AI score0.08404EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 8:36 a.m.6 views

CVE-2025-41752

An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS6.3AI score0.08236EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.7 views

EUVD-2025-201901

An XSS vulnerability in pxcportCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.8AI score0.08236EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:17 p.m.13 views

CVE-2025-41748

An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.08404EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.7 views

CVE-2025-41750

An XSS vulnerability in pxcPortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.08404EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.4 views

CVE-2025-41752

An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.08236EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.3 views

CVE-2025-41751

An XSS vulnerability in pxcportCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.4 views

CVE-2025-41749

An XSS vulnerability in portutil.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.00559EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.6 views

CVE-2025-41749

An XSS vulnerability in portutil.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.8AI score0.00559EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.4 views

CVE-2025-41747

An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...

7.1CVSS5.9AI score0.08236EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.5 views

CVE-2025-41745

An XSS vulnerability in pxcportCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-leve...

7.1CVSS5.8AI score0.00548EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.4 views

CVE-2025-41695

An XSS vulnerability in dynconn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.8AI score0.00554EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 8:10 a.m.15 views

CVE-2025-41745

CVE-2025-41745 describes an XSS in pxc_portCntr2.php that allows an unauthenticated attacker to trick an authenticated user into sending a manipulated POST to modify web-based management parameters. The vulnerability affects devices exposing the pxc_portCntr2.php page within their web management ...

7.1CVSS5.9AI score0.00548EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/09 8:9 a.m.23 views

CVE-2025-41746 Reflected XSS vulnerability in pxc_portSecCfg.php

An XSS vulnerability in pxcportSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-lev...

7.1CVSS0.08236EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 8:9 a.m.15 views

CVE-2025-41746

CVE-2025-41746 is a reflected XSS vulnerability in pxc_portSecCfg.php (pxc_portSecCfg.php/pxc portSecCfg.php as reported) that an unauthenticated attacker could leverage to induce an authenticated user to submit a manipulated POST request to change device configuration via the web UI. The issue i...

7.1CVSS5.9AI score0.08236EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/09 8:9 a.m.3 views

CVE-2025-41748 Reflected XSS vulnerability in pxc_Dot1xCfg.php

An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.9AI score0.08404EPSS
Exploits0References1
Rows per page
Query Builder