Lucene search
+L

224 matches found

Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.14 views

PT-2025-41913

Name of the Vulnerable Software and Affected Versions FactoryTalk View Machine Edition versions affected versions not specified Description An authentication bypass issue exists in the FactoryTalk View Machine Edition Web Browser ActiveX control. Successful exploitation can lead to unauthorized...

7CVSS6.5AI score0.00362EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.6 views

Rockwell Automation PanelView Plus 7 Performance Series B 安全漏洞

Rockwell Automation PanelView Plus 7 Performance Series B is a multifunction HMI application from Rockwell Automation, Inc. A security vulnerability exists in Rockwell Automation PanelView Plus 7 Performance Series B. The vulnerability, which originates from an authentication bypass, could lead t...

9.8CVSS6.4AI score0.00362EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.38 views

EUVD-2021-18714

Malware in sbrugna...

4.8CVSS4.5AI score0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26393

Malicious code in bioql PyPI...

7.4CVSS6.6AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25618

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00308EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.19 views

EUVD-2025-23950

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-14380

Malicious code in bioql PyPI...

4.9CVSS6.6AI score0.0031EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-43184

Malicious code in bioql PyPI...

4.4CVSS5AI score0.01028EPSS
Exploits0References2
Veracode
Veracode
added 2025/09/25 4:43 a.m.10 views

Information Disclosure

github.com/neuvector/neuvector is vulnerable to information disclosure. The vulnerability is due to passwords in Java command parameters being logged in security event logs when a process rule violation occurs, which allows an attacker to obtain sensitive credentials...

5.3CVSS6.2AI score0.00231EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/24 7:26 p.m.9 views

CVE-2025-6791

In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...

8.8CVSS7.5AI score0.00308EPSS
Exploits0References1
CVE
CVE
added 2025/08/22 6:56 p.m.25 views

CVE-2025-6791

Centreon Web’s Monitoring event logs module is affected by an SQL Injection due to improper neutralization of special elements in an SQL command. An authenticated, low-privilege attacker can modify HTTP requests to insert payloads into the database. Affected Centreon Web versions: 23.10.0–23.10.2...

8.8CVSS7.1AI score0.00308EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/22 6:56 p.m.13 views

CVE-2025-6791 Second order SQL injection available to user with low privilege

In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...

8.8CVSS0.00308EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/22 6:56 p.m.6 views

CVE-2025-6791 Second order SQL injection available to user with low privilege

In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...

8.8CVSS7.1AI score0.00308EPSS
Exploits0References2
OSV
OSV
added 2025/08/22 6:56 p.m.7 views

CVE-2025-6791 Second order SQL injection available to user with low privilege

In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...

8.8CVSS7.3AI score0.00308EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.8 views

PT-2025-33108 · Centreon · Web

Name of the Vulnerable Software and Affected Versions: Centreon web versions 23.10.0 through 23.10.26 Centreon web versions 24.04.0 through 24.04.16 Centreon web versions 24.10.0 through 24.10.9 Description: The web application is susceptible to SQL Injection due to improper neutralization of...

8.8CVSS7.5AI score0.00308EPSS
Exploits0References7
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.513 views

Microsoft Windows - Storage QoS Filter Driver Checker

Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...

7.8CVSS7.4AI score0.00586EPSS
Exploits2
NVD
NVD
added 2025/08/07 8:15 p.m.29 views

CVE-2025-48709

BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...

7.8CVSS0.00122EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/07 12:0 a.m.6 views

CVE-2025-48709 BMC Control-M/Server cleartext database credentials in process lists and logs

BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...

4.8CVSS6.4AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/04 8:27 p.m.16 views

CVE-2025-34091

A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due to observable decryption failure behavior in Windows Event Logs when handling malformed ciphertext in SYSTEM-DPAPI-encrypted blobs. A local attacker can repeatedly send malformed ciphertexts to the...

8.8CVSS5.6AI score
Exploits0References1
NVD
NVD
added 2025/07/02 8:15 p.m.10 views

CVE-2025-34091

Rejected reason: Neither filed by Chrome nor a valid security vulnerability...

Exploits0
Rows per page
Query Builder