Lucene search
K

294 matches found

OSV
OSV
added 2026/04/18 5:1 p.m.7 views

MINI-88JR-P9X6-MRW8

Bulletin has no description...

7.1CVSS5.6AI score0.00261EPSS
Exploits0
OSV
OSV
added 2026/04/11 2:47 p.m.2 views

MINI-Q3XX-G95G-856Q

Bulletin has no description...

7.5CVSS5.7AI score0.00615EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.7 views

CVE-2026-32953

Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets USS to be silently ignored, producing the same Compound Device Identifier CDI—and thus the same key...

4.7CVSS5.9AI score0.00246EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.4 views

CVE-2026-4187

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

6.9CVSS5.7AI score0.00514EPSS
Exploits0References1
OSV
OSV
added 2026/03/22 7:0 p.m.2 views

MINI-GW49-J3R8-63M3

Bulletin has no description...

9.1CVSS5.7AI score0.01557EPSS
Exploits1
OSV
OSV
added 2026/03/20 4:24 a.m.5 views

CVE-2026-32953 Tillitis: TKey Client has an Error in Protocol Implementation

Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets USS to be silently ignored, producing the same Compound Device Identifier CDI—and thus the same key...

4.7CVSS6.4AI score0.00246EPSS
Exploits1References5
OSV
OSV
added 2026/03/17 7:42 p.m.4 views

GHSA-4W7R-3222-8H6V Tillitis TKey Client has an Error in Protocol Implementation

Impact Some specific 1 out of 256 User Supplied Secrets USS were not used, making the resulting Compound Device Identifier CDI the same as if no USS was provided. Affected client applications: all client apps using the tkeyclient Go module. Patches Upgrade to v1.3.0. NOTE WELL: For the affected e...

4.7CVSS6AI score0.00246EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/16 3:30 p.m.10 views

EUVD-2026-12245

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

6.9CVSS5.8AI score0.00514EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/15 7:2 p.m.39 views

CVE-2026-4187 Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

6.9CVSS0.00514EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/15 7:2 p.m.3 views

CVE-2026-4187 Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

6.9CVSS5.8AI score0.00514EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/15 7:2 p.m.3 views

CVE-2026-4187

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

6.9CVSS5.5AI score0.00514EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/15 7:2 p.m.29 views

CVE-2026-4187

Tiandy Easy7 Integrated Management Platform 7.17.0 is affected by CVE-2026-4187, specifically an issue in the Device Identifier Handler’s /WebService/UpdateLocalDevInfo.jsp. The vulnerability arises from improper handling of the username/password arguments, enabling manipulation that leads to mis...

6.9CVSS5.8AI score0.00514EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/15 12:0 a.m.12 views

PT-2026-25561

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

6.9CVSS5.8AI score0.00514EPSS
Exploits0References6
OSV
OSV
added 2026/03/13 10:47 a.m.3 views

MINI-W66V-G4CJ-X76W

Bulletin has no description...

6.1CVSS5.7AI score0.00328EPSS
Exploits0
CVE
CVE
added 2026/03/10 7:33 p.m.18 views

CVE-2025-48611

Summary of CVE-2025-48611 : The vulnerability is in the DeviceId.java code path (DeviceId class) where a missing bounds check can cause a desync in persistence, enabling local elevation of privilege without extra execution privileges or user interaction. This is consistently described across mult...

10CVSS5.9AI score0.00193EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/04 5:31 a.m.2 views

MINI-PX3R-4F23-44C9

Bulletin has no description...

8.6CVSS5.9AI score0.00532EPSS
Exploits0
NVD
NVD
added 2026/03/02 3:16 p.m.11 views

CVE-2025-58107

In Microsoft Exchange through 2019, Exchange ActiveSync EAS configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password...

7.5CVSS0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/03/02 12:0 a.m.14 views

CVE-2025-58107

CVE-2025-58107 affects on-premises Microsoft Exchange environments up to 2019, specifically Exchange ActiveSync (EAS) configurations. The issue is that EAS configs may transmit sensitive data from Samsung mobile devices in cleartext, including the user’s name, email address, device ID, bearer tok...

7.5CVSS5.9AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 1:5 p.m.2 views

MINI-762H-55FJ-G9G4

Bulletin has no description...

5.4CVSS5.1AI score0.00162EPSS
Exploits0
NVD
NVD
added 2026/02/22 11:16 a.m.10 views

CVE-2026-2944

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

9.8CVSS0.05042EPSS
Exploits1References4
Rows per page
Query Builder