48 matches found

RedhatCVE
added 2026/01/07 9:29 a.m. · 3 views

CVE-2019-12310

ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote attackers to view and retrieve verbose logging information. Files within this directory were observed to contain sensitive run-time information, including...

9.8 CVSS · 7.3 AI score · 0.01171 EPSS
Exploits: 1 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2019-3947

Malware in sbrugna...

9.8 CVSS · 9.5 AI score · 0.01171 EPSS
Exploits: 1 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-23280

Malicious code in bioql PyPI...

5.4 CVSS · 6.6 AI score · 0.00173 EPSS
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-23283

Malicious code in bioql PyPI...

7.3 CVSS · 6.6 AI score · 0.00351 EPSS
Exploits: 1 · References: 2

Positive Technologies
added 2025/08/21 12:0 a.m. · 2 views

PT-2025-34213 · Exagrid · Exagrid Ex10

Name of the Vulnerable Software and Affected Versions: Exagrid EX10 version 7.0.1p02 Description: An XML external entity (XXE) injection vulnerability exists in the /init API endpoint. An authenticated, unprivileged attacker can achieve information disclosure and privilege escalation by submitting...

5.3 CVSS · 7.4 AI score · 0.00066 EPSS
Exploits: 0 · References: 7

CNNVD
added 2025/08/21 12:0 a.m. · 1 view

Exagrid EX10 security vulnerability

Exagrid EX10 is a backup storage server from Exagrid Corporation, USA. A security vulnerability exists in Exagrid EX10 version 7.0.1p02, which originates from the presence of XML external entity injection in the /init API endpoint, which could lead to information disclosure and elevation of...

5.3 CVSS · 6.6 AI score · 0.00066 EPSS
Exploits: 0 · References: 4

RedhatCVE
added 2025/08/02 8:24 p.m. · 6 views

CVE-2025-29556

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Admin role from creating or modifying users with the Security Officer role without approval. However, a flaw in the account creation process allows an...

7.3 CVSS · 6.3 AI score · 0.00351 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/08/02 8:24 p.m. · 8 views

CVE-2025-29557

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileges can issue an HTTP request to retrieve SMTP credentials, including plaintext passwords...

5.4 CVSS · 6.4 AI score · 0.00173 EPSS
Exploits: 0 · References: 1

NVD
added 2025/07/31 4:15 p.m. · 4 views

CVE-2025-29556

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Admin role from creating or modifying users with the Security Officer role without approval. However, a flaw in the account creation process allows an...

7.3 CVSS · 0.00351 EPSS
Exploits: 1 · References: 2

Vulnrichment
added 2025/07/31 12:0 a.m. · 3 views

CVE-2025-29556

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Admin role from creating or modifying users with the Security Officer role without approval. However, a flaw in the account creation process allows an...

6.3 AI score · 0.00351 EPSS
Exploits: 1 · References: 2

Cvelist
added 2025/07/31 12:0 a.m. · 8 views

CVE-2025-29557

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileges can issue an HTTP request to retrieve SMTP credentials, including plaintext passwords...

0.00173 EPSS
Exploits: 0 · References: 2

CVE
added 2025/07/31 12:0 a.m. · 17 views

CVE-2025-29556

ExaGrid EX10 vulnerable to Incorrect Access Control (CVE-2025-29556) in versions 6.3–7.0.1.P08. A flaw in the account creation flow allows an Admin to bypass restrictions via API request manipulation, enabling creation of Security Officer accounts without prior approval. Attack scenario: an Admin...

7.3 CVSS · 6.5 AI score · 0.00351 EPSS
Exploits: 1 · References: 2

Vulnrichment
added 2025/07/31 12:0 a.m. · 4 views

CVE-2025-29557

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileges can issue an HTTP request to retrieve SMTP credentials, including plaintext passwords...

6.4 AI score · 0.00173 EPSS
Exploits: 0 · References: 2

CVE
added 2025/07/31 12:0 a.m. · 14 views

CVE-2025-29557

ExaGrid EX10 (versions 6.3–7.0.1.P08) is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint. The issue allows users with operator-level privileges to issue an HTTP request that retrieves SMTP credentials, including plaintext passwords. The root cause is improper access c...

5.4 CVSS · 6.6 AI score · 0.00173 EPSS
Exploits: 0 · References: 2

CNNVD
added 2025/07/31 12:0 a.m. · 1 view

ExaGrid EX10 security vulnerability

ExaGrid EX10 is a backup storage server from ExaGrid USA. A security vulnerability exists in ExaGrid EX10 versions 6.3 through 7.0.1.P08, which stems from improper handling of API requests and could lead to bypassing privilege restrictions...

7.3 CVSS · 6.7 AI score · 0.00351 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2025/07/31 12:0 a.m. · 3 views

PT-2025-31526 · Exagrid · Exagrid Ex10

Name of the Vulnerable Software and Affected Versions: ExaGrid EX10 versions 6.3 through 7.0.1.P08 Description: The software is susceptible to incorrect access control. Users with operator-level privileges can retrieve SMTP credentials, including plaintext passwords, by issuing an HTTP request to...

5.4 CVSS · 6.6 AI score · 0.00173 EPSS
Exploits: 0 · References: 4

CNNVD
added 2025/07/31 12:0 a.m. · 1 view

ExaGrid EX10 security vulnerability

ExaGrid EX10 is a backup storage server from ExaGrid USA. A security vulnerability exists in ExaGrid EX10 versions 6.3 through 7.0.1.P08, which stems from improper access control of the MailConfiguration API endpoint and could lead to obtaining SMTP credentials...

5.4 CVSS · 6.7 AI score · 0.00173 EPSS
Exploits: 0 · References: 3

Cvelist
added 2025/07/31 12:0 a.m. · 7 views

CVE-2025-29556

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Admin role from creating or modifying users with the Security Officer role without approval. However, a flaw in the account creation process allows an...

0.00351 EPSS
Exploits: 1 · References: 2

GithubExploit
added 2025/07/30 8:24 p.m. · 173 views

Exploit for CVE-2025-29556

CVE-2025-29556 – ExaGrid Security Officer Account Creation Byp...

7.3 CVSS · 7 AI score · 0.00351 EPSS
Exploits: 1

Positive Technologies
added 2025/07/30 12:0 a.m. · 5 views

PT-2025-31459 · Exagrid · Exagrid Ex10

Name of the Vulnerable Software and Affected Versions: ExaGrid EX10 versions 6.3 through 7.0.1.P08 Description: ExaGrid EX10 versions 6.3 through 7.0.1.P08 are susceptible to an incorrect access control issue. Starting with version 6.3, ExaGrid implemented restrictions to prevent users with the...

7.3 CVSS · 6.4 AI score · 0.00351 EPSS
Exploits: 1 · References: 7