Lucene search
K

23 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-55761

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. In versions 2.39.0 through 2.39.3 and 2.40.0 until 2.43.0, unauthenticated restore and administrator initialization...

7.1CVSS0.00272EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/09 6:30 p.m.14 views

EUVD-2026-35441

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

10CVSS5.6AI score0.99041EPSS
Exploits6References2
NVD
NVD
added 2026/06/09 4:16 p.m.9 views

CVE-2026-10523

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

9.9CVSS0.4719EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-47807

Name of the Vulnerable Software and Affected Versions Ivanti Sentry versions prior to R10.5.2 Ivanti Sentry versions prior to R10.6.2 Ivanti Sentry versions prior to R10.7.1 Description An authentication bypass allows a remote unauthenticated attacker to create arbitrary administrative accounts a...

9.9CVSS6.2AI score0.4719EPSS
Exploits4References45
CVE
CVE
added 2026/05/28 7:7 p.m.43 views

CVE-2026-9039

CVE-2026-9039 affects the XCharge C6 via a configuration weakness in the device’s remote management service. An authenticated session can be established over a channel intended only for vehicle-charger signaling. The service is exposed on interfaces at the charging connector and accepts a default...

8.6CVSS5.8AI score0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 7:7 p.m.14 views

CVE-2026-9039

A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...

8.6CVSS5.8AI score0.00185EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 7:7 p.m.10 views

EUVD-2026-33004

A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...

8.6CVSS5.8AI score0.00185EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Google Cloud AlloyDB for PostgreSQL 安全漏洞

Google Cloud AlloyDB for PostgreSQL is a cloud-native, high-performance relational database service from Google Inc. That service is compatible with PostgreSQL. Versions of Google Cloud AlloyDB for PostgreSQL prior to 2025-11-03 contained a security vulnerability. This vulnerability stemmed from...

9.2CVSS5.9AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 12:12 p.m.30 views

CVE-2026-8077 Weak credentials vulnerability in the CashDro 3 web administration panel

Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...

8.6CVSS0.00248EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-33880

Name of the Vulnerable Software and Affected Versions Neko versions 3.0.0 through 3.0.10 Neko versions 3.1.0 through 3.1.1 Description An issue allows any authenticated user to obtain full administrative control of the Neko instance, including member management, room settings, broadcast control,...

8.8CVSS5.2AI score0.00437EPSS
Exploits0References12
OSV
OSV
added 2026/02/03 8:15 p.m.3 views

CVE-2025-10878

A SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 before 2026-01-26. The username and password parameters are vulnerable to SQL injection, allowing unauthenticated attackers to bypass authentication completely. Successful exploitation grants full...

10CVSS5.9AI score0.00602EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.6 views

PT-2026-1869

Name of the Vulnerable Software and Affected Versions Intelbras CFTV IP NVD 9032 R Ftd version 2.800.00IB00C.0.T Description A security issue exists in Intelbras CFTV IP NVD 9032 R Ftd version 2.800.00IB00C.0.T that allows an unauthenticated attacker to bypass the multi-factor authentication MFA...

8.2CVSS6.8AI score0.00331EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/05 12:0 a.m.5 views

CData API Server 安全漏洞

CData API Server is a server for creating, deploying, and managing custom APIs from CData. This server provides a highly scalable platform that helps organizations quickly build and expose APIs to communicate with different data sources. A security vulnerability exists in versions prior to CData...

9.8CVSS6.5AI score0.08151EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.7 views

Siemens Location Intelligence Perpetual 信任管理问题漏洞

Location Intelligence is a web-based application that creates transparency in production and logistics processes based on location data, thus uncovering optimization potential. Siemens Location Intelligence suffers from a Use Hardcoded Credentials vulnerability that can be exploited by an attacke...

9.8CVSS7AI score0.00733EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/01/10 8:44 p.m.12 views

CVE-2022-35401

An authentication bypass vulnerability exists in the getIFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.38649674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this...

9CVSS7.3AI score0.20849EPSS
Exploits1References1
Tibco
Tibco
added 2022/08/05 2:41 a.m.23 views

TIBCO Security Advisory: August 9, 2022 - TIBCO FTL -CVE-2022-30573

TIBCO FTL Privilege Escalation Original release date: August 9, 2022 Last revised: --- CVE-2022-30573 Source: TIBCO SoftwareInc. Products Affected TIBCO FTL - Community Edition versions 6.0.0 through 6.8.0 TIBCO FTL - Developer Edition versions 6.0.1 through 6.8.0 TIBCO FTL - Enterprise Edition...

6.5CVSS7AI score0.0065EPSS
Exploits0Affected Software3
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.10 views

Auerswald Compact 系列安全漏洞

The Auerswald Compact Series is an Ict solution from Auerswald Germany. a security vulnerability exists in the Auerswald Compact Series that could be exploited by an attacker to access a web-based management application for full administrative access to the device...

10CVSS5.6AI score0.71979EPSS
Exploits6References4
0day.today
0day.today
added 2021/12/06 12:0 a.m.406 views

Auerswald COMpact 8.0B - Multiple Backdoors Vulnerability

Exploit Title: Auerswald COMpact 8.0B - Multiple Backdoors Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to...

9.8CVSS0.7AI score0.71979EPSS
Exploits6
ATTACKERKB
ATTACKERKB
added 2020/04/21 12:0 a.m.101 views

CVE-2020-4427

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process...

10CVSS9.7AI score0.71363EPSS
In wildExploits10References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Cisco IOS 11.x/12.x HTTP Configuration Arbitrary Administrative Access Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/2936/info IOS is router firmware developed and distributed by Cisco Systems. IOS functions on numerous Cisco devices, including routers and switches. It is possible to gain full remote administrative access on devices usi...

7.1AI score
Exploits0
Rows per page
Query Builder