Lucene search
K

532 matches found

NVD
NVD
added 2026/03/19 6:16 p.m.5 views

CVE-2025-67114

Use of a deterministic credential generation algorithm in /ftl/bin/calcf2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass an...

9.8CVSS0.00517EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.6 views

PT-2026-26319

Use of a deterministic credential generation algorithm in /ftl/bin/calc f2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass a...

5.9AI score0.00517EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/19 12:0 a.m.3 views

CVE-2025-67114

Use of a deterministic credential generation algorithm in /ftl/bin/calcf2 in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass an...

5.9AI score0.00517EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/03 2:39 a.m.8 views

EUVD-2025-208224

Cleartext Storage of Sensitive Information CWE-312 in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the session token and exploit access for a limited duration. This issue affects Command Centre Mobile...

5.7CVSS6AI score0.00071EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/03 3:18 p.m.8 views

CVE-2022-50975

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

8.8CVSS5.6AI score0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/02/02 3:16 p.m.7 views

CVE-2022-50975

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

8.8CVSS0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/02 2:7 p.m.30 views

CVE-2022-50975 Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated access to device configuration

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

8.8CVSS0.00226EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/02 2:7 p.m.4 views

CVE-2022-50975

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

8.8CVSS5.6AI score0.00226EPSS
Exploits0References3Affected Software10
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.8 views

Innomic VibroLine Series 访问控制错误漏洞

The Innomic VibroLine Series is a professional vibration measurement and analysis system developed by the German company Innomic. The Innomic VibroLine Series contains a security access control vulnerability. This vulnerability arises from the possibility for unverified remote attackers to use th...

8.8CVSS5.9AI score0.00226EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.7 views

PT-2026-5662

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

8.8CVSS5.6AI score0.00226EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.11 views

Hubitat Elevation security vulnerability

Hubitat Elevation is a localized smart home control system developed by Hubitat Inc. Versions prior to Hubitat Elevation 2.4.2.157 contained security vulnerabilities. These vulnerabilities were caused by user-controllable keys that allowed unauthorized access, potentially allowing remote...

9.4CVSS5.8AI score0.00465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26950)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26950 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access devic...

5.5CVSS6.7AI score0.00236EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001596 advisory. A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact...

6.4CVSS7.1AI score0.00227EPSS
Exploits0References5
CVE
CVE
added 2026/01/15 1:2 p.m.16 views

CVE-2026-22911

The CVE-2026-22911 issue concerns firmware update files that may expose password hashes for system accounts, enabling a remote attacker to recover credentials and gain unauthorized access to the device. Public references identify this as impacting SICK TDC-X401GL (and related advisories), with th...

7.5CVSS6.8AI score0.00479EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/01/15 1:2 p.m.29 views

CVE-2026-22911

Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device...

5.3CVSS0.00479EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.7 views

PT-2026-2992

Name of the Vulnerable Software and Affected Versions Affected versions not specified Description Firmware update files may reveal password hashes for system accounts. A remote attacker could potentially recover credentials and obtain unauthorized access to the device. Recommendations At the...

7.5CVSS6.7AI score0.00479EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002148)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002148 advisory. The kvmapichasevents function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service NULL pointer dereference and...

4.9CVSS7.1AI score0.00451EPSS
Exploits0References19
RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.14 views

CVE-2021-33716

A vulnerability has been identified in SIMATIC CP 1543-1 incl. SIPLUS variants All versions V3.0, SIMATIC CP 1545-1 All versions V1.1. An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext...

6.5CVSS6AI score0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.14 views

PT-2026-1252

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to Network File System NFS automounting. Specifically, automounted filesystems do not consistently inherit superblock mount options like read-on...

5.2CVSS6.3AI score0.00165EPSS
Exploits0
OSV
OSV
added 2026/01/04 12:15 a.m.3 views

CVE-2025-3646

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...

8.2CVSS5.7AI score0.00194EPSS
Exploits0References2
Rows per page
Query Builder